Privacy Policy & GDPR
The protection of your personal data is of primary importance to us.
We declare that diko-sou.com fully complies with the European Regulation 2016/679 (General Data Protection Regulation, GDPR) to ensure maximum protection of your personal data. The GDPR is the most recent EU regulation establishing the conditions for the processing of personal data to protect the rights and freedoms of natural persons, in particular the right to the protection of personal data.
diko-sou.com is not directed to children and minors under the age of 16. If you are under 16 years of age, you may use our website only with the participation and approval of a parent or guardian.
Purpose of Processing
Your personal data is collected and processed for the sole purpose of fulfilling and supporting your orders, communicating with you and providing you with a better experience when using our website. More specifically:
1) Execution and support of your orders
In order to be able to manage your orders, fulfil them and support you after the sale, we need the following data:
Your email address in order to keep you informed about the progress of your order
Your landline or mobile phone number in order to contact you regarding your order. In the case of a mobile phone, we also inform you with messages about the progress of your order.
Your name and surname in order to deliver your order and to serve you after the sale. If you request an invoice, we also need your VAT number, tax office and profession to issue the corresponding document.
The delivery address of the order in order to receive it at the place you wish.
2) Sending newsletters with news and offers (newsletter)
If you wish, you can subscribe to our newsletter in order to receive news, suggestions, offers and other updates about our products and services. Your subscription is made with your free and clear consent either during the ordering process or by entering your email address in one of the relevant forms on our website.
Create a Membership Account:
If you wish, you can create a membership account on our website. By creating a membership account you can make your purchases without having to enter your details each time. You can also track the progress of your current order online, refer to your order history, and edit your wishlist.
To create a membership account, we need the same data that we ask you for when you place an order, and the purpose of processing them remains the same as the purpose for fulfilling and supporting orders. In addition, you need to enter a username and your personal security code to ensure that only you have exclusive access to your account. You are solely responsible for maintaining the secrecy and concealment of your password from third parties, and in the event of its loss or leakage you must immediately notify us; otherwise we are not responsible for its use by an unauthorized person. We recommend that, for security reasons, you change your password regularly and avoid reusing the same password or choosing easily guessed passwords (e.g. date of birth). We also recommend that you use not only letters and numbers but also symbols when creating it.
Payment Card details (Credit and Debit Cards)
When you pay for your orders by credit or debit card, you are automatically transferred to the secure environment of the banking institution to enter the card details. These details are never known to us and are therefore neither processed nor kept by diko-sou.com.
Lawful grounds for processing personal data:
We collect the personal data you share with us based on one or more of the following legal bases:
1) as required for the provision of the services that you commission and wish to receive from us and thus the fulfilment of our contractual obligations thereunder, for the receipt of your orders, for after-sales support, to contact you regarding your orders and generally where reasonably necessary or required to comply with legal or regulatory requirements, resolve disputes, prevent fraud and abuse or enforce terms and conditions;
2) as required for our (or third parties') legitimate interests, including our interests in providing innovative, personalised, secure and profitable services to our users and partners, unless your interests or fundamental rights or freedoms that dictate the protection of personal data override those interests.
3) as required to comply with an obligation imposed by law, such as regulatory compliance for tax purposes;
4) in accordance with the consent you provide under the specific conditions set by the legal framework, in order to receive updates on products, services, offers, etc.
Processing of your data by third parties:
The information we receive from you is important. We will not in any way exploit your information or pass it on to third parties outside our company without your consent, except in the cases noted in this Policy. Access to your personal data is only allowed to authorized persons, namely our partners who are required to have access to serve the operational needs of the company.
In order to provide you with our services we will share your personal data with certain third party companies, which act on our behalf (processors) providing us with transport/distribution, hosting and bulk emailing services etc. in order to provide you with an optimal service. Our company ensures the processing of your personal data by third-party partners with contractual clauses limiting the purpose of processing and compliance with technical and organizational measures for the correct and secure processing of your personal data.
Storage time interval
Regarding the period of data storage, where processing is required as an obligation by provisions of the applicable legal framework, your personal data will be stored for as long as the relevant provisions require. Where the processing is carried out on the basis of a contract, your personal data will be stored for as long as necessary for the performance of the contract and for the establishment, exercise, and/or support of legal claims based on the contract.
For the purposes of marketing activities, your personal data is kept until your consent is withdrawn. This can be carried out by you at any time. The withdrawal of consent does not affect the lawfulness of the processing based on consent in the period prior to its withdrawal.
Your rights regarding your personal data:
As a natural person, you have control over the processing of your personal data. In particular, you are granted and guaranteed the following rights:
- Right to transparent information about how your personal data is collected and used
- Right of access to personal data
- Right to rectification or amendment of personal data
- Right to erasure of your personal data
- Right to restrict the processing of your personal data
- Right to portability of your personal data
- Right to object to the processing of your personal data
- Right to withdraw your consent already given, i.e. to withdraw your consent at any time for processing based on consent. Withdrawal of consent does not affect the lawfulness of the processing based on the consent prior to its withdrawal.
Your above rights are limited by law and may not have to be fulfilled by us in certain circumstances (such as, but not limited to, where there is a contract, a legal obligation to process personal data, public interest, in order to protect our legitimate interests, etc.).
To exercise any of the above rights you can contact us by email at sales@diko-sou.com or by letter to our address.
In addition, you have the right to lodge a complaint with the competent supervisory authority, the Data Protection Authority (DPA): www.dpa.gr, 1-3 Kifissia Street, Athens, P.C. 115 23, +30 210 6475600, contact@dpa.gr.
Personal Data Security
We are committed to protecting your information and have taken the necessary technical and organisational measures to protect your information from any loss, alteration, access or misuse. In any case, the way the internet works and the fact that it is free to anyone does not allow guarantees to be given that unauthorised third parties will never be able to breach the technical and organisational measures in place by accessing and possibly using personal data for unauthorised and/or improper purposes. We undertake that any possible personal data breach will be reported directly to the Data Protection Authority and to the individuals by direct notification or public communication.
Cookies
Cookies are small text files that are stored on your computer or mobile device. Cookies do not take up much space and are automatically removed when they expire. Some cookies expire at the end of your online visit, while others are stored for a short period of time.
Cookies are used by our website to collect online activity information, to store your preferences and settings and to optimise your browsing experience on the website. We also use cookies to personalise content and advertisements, provide social media features and analyse traffic for statistical purposes. In addition, we share information about how you use our site with our social media, advertising and analytics partners, who may combine it with other information you have provided to them or that they have collected in connection with your use of their services.
By continuing to use the site you accept the use of cookies.
You can change your browser settings to delete or prevent cookies from being stored on your computer or mobile device without your explicit consent. The "help" section of your browser will provide you with information on how to manage your cookie settings. See how this works for your browser at the following addresses:
Google Chrome: http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95647
Mozilla Firefox: http://support.mozilla.com/en-US/kb/Cookies
Internet Explorer: http://support.microsoft.com/gp/cookies/en
Safari: http://support.apple.com/kb/PH5042
Opera: http://www.opera.com/browser/tutorials/security/privacy/
By disabling cookies or withdrawing your consent, certain features of the website will not be available. In addition, the performance and functionality of the website may be affected.
Changes to the Privacy Policy
All future changes to our Privacy Policy will be posted on this website. You should therefore periodically check the Privacy Policy for any changes.
What is the General Data Protection Regulation (GDPR)?
The General Data Protection Regulation (GDPR), whose implementation started on 25 May 2018, applies to companies based in the European Union, but also to international companies that process personal data belonging to natural persons residing in the European Union.
While many of the principles of the GDPR are in fact an extension of existing EU data protection rules, the GDPR has a broader scope and stricter standards, and provides for significant financial penalties. For example, it sets more stringent requirements in terms of obtaining consent for the use of certain types of data and expands the rights of individuals to access their data and the transfer of that data. It also provides for significant sanctions, giving supervisory authorities the possibility to impose financial penalties that can reach up to 4% of a company's total annual revenues for certain infringements.
Commitment and preparation
Data protection is a key issue for diko-sou.com, which complies with current European Union data protection legislation and the General Data Protection Regulation (GDPR).
Having already started the necessary procedures to comply with the GDPR regulation, we make the following commitments:
Transparency: Our Data Policy will remain the sole means of describing our methods of processing users' personal data. At the same time, however, we will provide consent options for new and existing customers and recipients of our updates, notifications within the products and solutions we advertise, and education campaigns for our end customers.
Control: we will continue to provide our customers and recipients of our updates with opportunities to control how their data is used. In this context, we will always provide the option to exercise the "right to be forgotten" through the newsletters we send out.
Accountability: we are responsible for our practices and have established Privacy Assurance Principles that explain our approach to privacy and data protection. Our legal department has regular meetings with regulatory and legislative authorities, as well as privacy experts, to ensure we remain highly informed and make adjustments where necessary.
Related legal bases
Under the GDPR, there are a number of grounds that justify the processing of personal data. Below we outline the most relevant legal bases under the GDPR regulation.
Contractual necessity
The data processed must be necessary for the performance of the project and must be specified in the contract concluded with the individual concerned.
Consent
Specific and unambiguous consent is required, which should be given freely, having been informed of all relevant information and with clear, positive action.
Recipients have the right to withdraw their consent and should be informed of this right.
Legitimate interests
A business or other third party must have legitimate interests that are not undermined by the rights or interests of the individual who consents to the processing of his or her personal data.
The processing of the data must be stopped in case of an objection.
diko-sou.com as data controller and as data processor
Data Controller: A data controller is the person who determines the "purposes" and "means" for each case of processing of personal data.
Data controllers should adopt compliance measures covering how the data are collected, the purposes for which they are used and the length of time they are retained, and ensure that natural persons have a right of access to the data held.
Data processor: a data processor is the person who processes personal data on behalf of the data controller. In addition, in cases directly involving data processors, data controllers must engage data processors to ensure that the data are processed securely and lawfully.
Although diko-sou.com manages most of its services as a data controller, there are some cases in which it also acts as a data processor in the context of its cooperation with companies.
Where diko-sou.com processes data as a data processor on your behalf, your business must have its own legal basis on which it will process and disclose data to us.