Privacy Policy

Introduction

Your privacy is valuable to us. We are committed to providing you a safe, secure, and trustworthy experience on our website. Hintsdeco (hereinafter also referred to as “the Company”) respects your privacy and aims your personal data to remain confidential. In order to achieve this goal, Hintsdeco fully complies with the provisions of National and European legislation regarding the protection of personal data, including General Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons regarding the processing of personal data and on the free movement of such data (“General Data Protection Regulation”, hereinafter “GDPR”), as applicable, and the Greek law L. 4624/2019. This Privacy Policy sets out the terms on which we collect and process your personal data when visiting and using our website and the services we provide, including any data we may collect through this website or due to its interaction with other websites, or data you provide to us for specific reasons. This Privacy Policy should be considered along with any other relevant Privacy Notice or any other Notice we provide when collecting and processing your personal data in special cases. We encourage you to review our Privacy Policy, so that you will be aware of when, how, and why we use your personal data.

Who we are?

Hintsdeco is an active Company in the field of furniture and home decoration items sale, and through its website aims to offer excellent quality products, as well as personalized services to its customers and visitors. In this context, our Company is fully committed to the protection of the personal data of the visitors and customers of its e-shop. We aim to inform you in advance of which personal data we collect, the way we use it, the recipients of your data and the rights you are entitled to exercise under applicable data protection laws. For the purposes of data protection legislation regarding the collection of your data through our website, our Company is the Data Controller of your personal data.

Definitions

Some of the terms included in this Privacy Policy are legal terms defined by the regulatory framework. Therefore: Processing: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Personal Data: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. Consent: means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. Data Controller: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. For more information about the definitions please see article 4 of the GDPR here

Our Principles regarding collecting and processing your personal data

The collection and processing of your personal data by Hintsdeco is governed by the following principles as further specified by the GDPR: Lawfulness, fairness, and transparency Purpose limitation Data minimization Data accuracy Storage limitation Integrity and Confidentiality We do everything possible to implement the above principles at all stages of interaction with you through this website.

Data Subjects

Every user of our website is a data subject, either when he/she simply visits our website, or when he/she enters his/her details in our contact form, or when he/she creates an account on our website in order to place an order, or when he/she subscribes to our newsletter in order to receive informative material and news about the new products of the Company.

What personal data we collect

We collect and process your personal data solely for the purposes of fulfilling our obligations arising out of the following. When you visit our website, we automatically collect information about your IP address and your current device location, and how you use our services, such as the type of webpages you visit, or the frequency and duration of your activities. In addition, servers, logs, and other technologies automatically collect certain information to help us manage, protect, and improve our services. We share personal information with third parties only as described in this policy or if required by applicable law. By creating an account on our website, we receive a first name, last name, shipping address of the products, phone number, e-mail address and user password. Any of the data that is classified as optional is registered by you at your will in order to make it easier for us to provide you with higher quality of services. If you wish to enter our website via Facebook or Instagram, our company is authorized to collect additional information about you through these websites. At the completion of your order, we ask you to provide us with additional information necessary for its execution, such as invoicing address (if it is a different address from that of the shipment of the products), address and VAT number of your company, in case you wish to issue an invoice. Payment-related information, such as your credit card number, is requested from the collaborating banks through which the payment is processed at the checkout stage, however it’s not stored in our systems under any circumstances. All the above information is necessary to contact you and successfully process the order you wish. In order to contact our Company, we ask you to provide us with your name and last name, your phone, and your email address so that we can reach out to you and answer any of your questions. If you give us your explicit consent, by ticking the relevant box, we collect your email in order to send you our newsletters. Any of the data you provide optionally are provided at your discretion in order to facilitate us improving the services we provide you.

Your consent

By browsing our website, by completing the Contact Form, and by creating an account you declare that you accept the terms of this Policy regarding the collection and processing of your personal data. By sending a request for an order you need to know that the collection of the above-mentioned contact details is necessary for the expected progress of your order and the proper execution of the contract between us.

Newsletter subscription

By subscribing to the list of the recipients of our newsletter, by completing your email in the special form and ticking the "tickbox" before the registration of your email, our Company, as a Data Controller, receives your consent to send you informational and/or promotional material (newsletter) about its offers and new services. You can withdraw this consent at any time by contacting Support Team or by clicking the unsubscribe link at the end of the newsletter you received.

Information we collect automatically -Cookies

We use cookies and other technologies in order to gather information about your activity, browser and device. This data helps us to create a profile for our users. Some of these data will be aggregated or statistic, which means that we will not be able to track them individually. You may remove or reject browser cookies through settings in your browser or device. However, rejecting or removing cookies may affect the availability and functionality of our services. Please find more information about our cookies policy here. We may also collect information about your device anytime you visit our website. We may collect information from or about the computers, phones or other devices from where you connect to our services. We may correlate the information we collect from your different devices, so that we can provide you specialized services depending on the device you use. For instance, we collect features, such as operating system and hardware release, browser type and IP address and log files. The latter may include the means you used to visit our website, details of the device you used, such as web browser type and language, access times, pages displayed, cookie-related IDs or other technologies that can uniquely identify your device or browser, and pages you visited before or after browsing our website.

How we use your personal data

The table below details what personal data we process, the scope of processing and the lawfulness of processing.

Category of personal data Purpose for processing Legal basis under the GDPR
Full name and contact details. Communication with our clients/visitors Your consent [Art. 6 (a) GDPR]
Email address Sending newsletters Your consent [Art. 6 (a) GDPR]
Payment related information (billing address, VAT number) Completion of payment Performance of the contract [Art. 6 (b) GDPR] & legitimate interests of the company [Art. 6 (f) GDPR]
Device information, such as web browser type and language. Improve our website and set default options (such as language and currency) Legitimate interests of the company [Art. 6 (f) GDPR]
Information about your computer, your visits and your use of this website (e.g. your IP address, geographic location, browser, the duration of the visit and the number of views of the page). Statistical reasons and improvement of the website Legitimate interests of the company [Art. 6 (f) GDPR] & your consent (regarding the cookies used by the website) [Art. 6 (a) GDPR]

Who we share your data with?

In order to provide our services successfully or to fulfill your requests, we may share your personal data with the following recipients: Courier companies, to send your order to the address you have registered. Professional external partners of our Company, such as accounting service providers, who are bound by strict confidentiality clauses. Professional service providers such as marketing agencies, customer satisfaction research companies, advertising partners and website administrators who contribute to the operation of our Company. Companies approved by you, such as social networking sites. Some of these recipients may be located outside of the European Economic Area - for more information on how we protect your personal data outside of the EEA, see "International Data Transfers". How long will your personal data be kept We will keep your personal data for as long as necessary to provide our services or in case of any contact you may have with our Support Team. In any case, your information is deleted or destroyed after 10 years of collection. We may continue to maintain your personal data even after the end of your communication with our Team, respecting the principle of proportionality and only based on the "absolute necessity of knowledge" to comply with legal or regulatory requirements, resolve disputes, or prevent fraud and abuse.

International Data Transfers

Personal information published by users or linked applications on the website or submitted for publication on the website or linked applications may be made available via the Internet worldwide. The website may not prevent the use or misuse of such information by other persons. In any case, the transfer to third countries will be made in accordance with the provisions of General Data Regulation (EU) 2016/679 and the applicable Greek law, L. 4624/2019. Your rights as per the data the website collects We inform you that you have the right of:  Access to your data,  Correction of your data in case of any inconsistency,   Erasure of your data in specific circumstances, Limitation of the processing of your personal data, Objection to the processing of your personal data, Transfer of your data to another company Withdrawal of your consent at any time Complaint to the competent Personal Data Protection Authority in the event of an unfortunate violation of your data. The website will review and respond to your requests within one month of receipt. This deadline may be extended by a further 2 months if further time is required. Please note that you can contact the Data Protection Officer (DPO) with regards to any matter about the security of your data in our website or to exercise any of your rights, under the following number: +302109404217, and e-mail address: shop@hintsdeco.com

How to exercise your rights

You can submit an access request without any cost. However, depending on the personal data you request, we may levy a reasonable fee to cover the cost of providing details of the information we have. We will notify you of the possibility of such charges upon receipt of your access request and we will await your confirmation of the continuation of the procedure and payment of this amount.

Children protection

Visitors/users of the website who are children are not allowed to access its services. If, however, underage users voluntarily visit our website and this cannot be checked, the website is not responsible. In any case, the services provided for any order through the website and can be performed using a credit or debit card, if carried out by a child, are presumed to be done under the supervision of a parent or guardian or guardian and with the consent of the latter.

Security measures

We have taken appropriate security measures to prevent accidental loss of personal data or unauthorized use or access. Those who process your personal data for the legitimate purposes explained above are subject to a confidentiality obligation. In addition, we have procedures to deal with any data breaches. Specifically, our website: Takes every organizational and technological precaution to prevent the loss, misuse, or alteration of users' personal information. Stores all personal information provided by users on secure servers (password protected and firewall). All online financial transactions executed through the website or linked applications are protected by encryption and authentication technology. The user acknowledges that sending information over the Internet presents inherent security concerns and therefore the company cannot guarantee the security of the data being trafficked through it. The user is responsible for keeping confidential the password he uses to enter the website or related applications. Under no circumstances will our website ask you to share your password, except to login to the website or any related applications. In accordance with the above, our website does not store any credit/debit card information you enter when submitting your order. Please note that we cannot guarantee the security of the information we receive by e-mail. Therefore, you should NOT send us information and payment information by e-mail. However, in case you choose to disclose your information to us, you give your express consent to use it solely for the repayment of your order, while our Company will not store such information.

Personal Data Protection Authority

We hope that we can resolve any question or concern you may have about the use of your personal data. If you are unhappy with the way Hintsdeco manages your personal data, you have the right to contact the competent supervisory authority. The competent supervisory authority is the Hellenic Data Protection Authority, which is located at 1-3, Kifissias Avenue, Athens, Zipcode. 11523, tel. +30 2106475600 and with e-mail address contact@dpa.gr

Changes of this privacy notice:

The website updates this policy from time to time by publishing the new version on the website or linked apps. The user should regularly check this page to make sure that it complies with any changes to the terms of this Policy. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make.