The protection of Consumer Personal Data is our top priority. The management and protection of personal data is governed by the terms of this contract and the relevant provisions of both Greek and Community and international law regarding the protection of the individual from the processing of personal data, as well as the Decisions of the Protection Authority. Personal Data, which we respect and hold. Any future changes to the above regulatory framework will be the subject of this contract. In order to offer you the best and highest quality services, we collect personal data after your explicit consent and after previously receiving full knowledge of your rights, as provided in the provisions of Regulation 679/2016 GDPR and this interpretative Greek Law for the protection of personal data. The primary concern of our Company is the provision of high quality services with respect for the rights, fundamental freedoms, privacy, as well as the privacy of the communication of the users of our website, therefore we take all the appropriate and necessary measures within the framework of the law, adopting modern technological processes, advanced technical equipment and software.
Visitors and users of the services of this website while browsing its websites may be required to voluntarily provide information and data concerning them in order to register for services, place orders for products or services, receive updates, and to enjoy the services offered on the website www.monemvasiawinery.gr. The personal data are collected by us exclusively if you register in our services as members and are limited to your name, address (street, city, postal code), a contact telephone and invoicing details (VAT, TAX). At the same time, we request some information such as a mobile phone number (in case we need to contact you directly). You hereby give your explicit consent to the collection and processing of your above personal data, without which we can not offer you our services, while you can revoke or modify it at any time (Article 7 of Regulation 679/2016 EU ). We reserve the right to change the terms of protection of personal data without notice, in accordance with the applicable regulatory framework. We kindly ask you to check these terms from time to time for any changes, as your continued participation in our services implies your acceptance of all possible modifications thereof.
Personal data includes any information regarding the data subject, with the exceptions provided by law. Personal data (simple and sensitive), in accordance with Article 4 (1) of EU Regulation 679/2016 on the protection of personal data, is: any information concerning an identified or identifiable natural person (“data subject”); an identifiable natural person is one whose identity can be ascertained, directly or indirectly, in particular by reference to an identifier such as name, identity number, location data, online identity or one or more factors specific to physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. Simple personal data is all non-sensitive. The processing of personal data of visitors – users, is any operation or series of operations carried out with or without the use of automated means, in personal data or in personal data sets, such as the collection, registration, organization, structure, storage, adaptation or alteration, retrieval, retrieval of information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction (in accordance with 4 par. 2 of Regulation 679/2016 EU). The processing of user data by our Company is confidential. Our Company takes appropriate organizational and technical measures for the security of users’ data and their protection from accidental or unauthorized destruction, accidental loss, alteration, prohibited dissemination or access and any other form of unfair processing.
The Company, acting on the principle of legality, objectivity, accuracy, transparency, integrity and confidentiality, purpose reduction, minimization and limitation of the storage period, processes user data, which it obtains legally way and keeps on file, strictly under the conditions of the law (art. 5 of Regulation 679/2016 EU), exclusively and only with the consent of the user – subject of the data. The Company declares that it proceeds to the lawful processing of user data which it collects in a lawful and lawful manner for specified, clear and lawful purposes and which, undergoes lawful and lawful processing in view of these purposes.
Objectives that justify the processing are, among others, the execution of the orders of the users of this website, the requested information of the users through a newsletter and in general the more effective provision to them of the offered services of the Company. The processing is limited to the absolutely necessary measure, collecting no more data than is required each time in view of the purposes of the processing, and it is only during the period required for the realization of the purposes of their collection and processing (art. 5, per. b, c and e, Regulation 679/2016 EU). Our Company files the contracts with the consumers – users of this website, within the institutional framework and with a view to the smooth processing of orders. Consumer access to them is available upon special request.
The only cases, restricted listed in the law (no. 6 par. 1 of Regulation 679/2016 EU), in which our Company may process the simple data of the users without their consent are the following:
(a) the processing is necessary for the performance of a contract to which the data subject is a party or for action to be taken at the request of the data subject prior to the conclusion of the contract;
(d) the processing is necessary for the performance of a duty performed in the public interest or in the exercise of public authority delegated to the controller
(e) the processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, unless those interests are preceded by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular if the data subject is a child.
Furthermore, the processing of data by our Company is allowed when: the user after being informed about the type of data, the purpose and extent of the processing, the recipients or the categories of recipients has agreed, or the processing is necessary for the execution of the contract , in which the user is a party, or to take measures during the pre-contractual stage, at the request of the subscriber even without the consent of the user (art. 5, par. 2 law 3471/2006).
The design and selection of the technical means and the information systems, as well as the equipment for the provision to the users of the services of our Company, are made with the basic criterion of the processing of as little personal data as possible. The permitted storage and processing according to the above include the information of the user, the processing of his order, the provision of requested services and any action within the framework of the user contract with our Company. The sensitive personal data of the users, as described in the law, are not collected by the Company in any case. As an exception to this rule, the Company may collect and process sensitive personal data, under the strict, restrictive conditions mentioned in the law (article 9 par. 2, of Regulation 679/2016 EU).
Consent of the data subject is any indication of will, free, specific, explicit and in full knowledge, by which the data subject expresses that he agrees, with a statement or with a clear positive action, to process the personal data that the data subject concern. This information shall include information on at least the purpose of the processing, the data or categories of data concerned by the processing, the recipients or recipients of the personal data, and the name, surname and address of the controller and any of his representative. The consent can be revoked at any time, without retroactive effect (art. 7 par. 1-4 of Regulation 679/2016 EU). A written form is not required to give consent for the processing of simple user data, so consent may be given electronically, in any convenient way.
The users of this website during the data collection stage are informed in an appropriate and clear manner about the purpose of the processing and the recipients of their data. Users enjoy the rights provided by law regarding their personal data, including the right to information, access to their data and objections to the specific provisions of the law (art. 12-15 of Regulation 679/2016 EU). In particular, the data subject has the right to demand from the controller without undue delay the correction of inaccurate personal data concerning him as well as the right to request the deletion of such data (art. 16-17 of Regulation 679/2016 EU) . Users also have the right to the portability of their data and forwards this data to another controller without objection from our Company (art. 18-20 of Regulation 679/2016 EU). To exercise these rights, you can contact with us.
Credit card details are not stored in our company’s storage media during the transaction but are registered directly in a secure environment of the cooperating online payment service that has undertaken the routing of the cards.
Our Company adheres to the SSL (Secure Sockets Layer) protocol, which is currently the global standard on the Internet for the certification of websites (websites) to network users and for the encryption of data between network users and web servers (web servers). An encrypted SSL communication requires that all information sent between a client and a server be encrypted by the sending software and decrypted by the receiving software, thus protecting personal information during its transfer. In addition, all information sent with the SSL protocol is protected by a mechanism that automatically detects whether the data has changed during the transfer.
Our Site Services may include links to third party websites in the future to which our users may be transferred. Please note that we are not responsible for the privacy practices of such third party websites. We encourage our users / visitors to read the data protection statements / policies of any third party website to which they link from our site.
The visitors-users of the website www.monemvasiawinery.gr during the provision of their data in the context of their transactions with the store, of the member registration and any other case, are informed, consent and accept the processing of their personal data, for the needs of the smooth processing the transaction and the provision of the services of this website. The voluntary registration by the visitors-users of our online store of their personal data, provides the right to our Company to process this data in order to execute the orders and to offer the services requested by the users accordingly. The visitors-users of the website www.monemvasiawinery.gr with this registration provide the legally required consent for the processing of their personal data provided by the Company, within the framework of the law.