For AK GRAFF S.A respect for and protection of your personal data is a commitment. We understand and take seriously into consideration the fact that you are aware of and interested in your personal data. This Personal Data Protection Statement describes the personal data the company collects about you, how we use and protect your personal data, the options you have regarding the way we use this data. We acknowledge that the protection of personal data is an ongoing responsibility and therefore we will update and amend this Statement from time to time. Please visit our web site https://akgraff.gr/ in order to make sure that you are aware of and satisfied with any changes.
1. Who we are
AK GRAFF focuses on the management of retailers of branded goods within and outside Greece. The company was founded in 2015 by Mr. Karatzis Antonios and maintains two stores in the center of Heraklion, Crete. The store under the name NAVY & GREEN on 1821 Street no. 35 and the store under the name ISO on Zografou Street 4.
2. What are the personal data we collect about you
- Name and Surname / Company Name. We collect the name and surname of physical persons, and the company names of our customers, the names of the contact persons of our clients that are interested in our services or they are signing up for our newsletter or they are participating in our promotions and contests organized by our company.
- Email address. We collect the e-mail addresses of our customers and of the contact persons of our customers, interested in our services or signing up for our newsletter or participating in our promotions and contests organized by our company.
- Postal address. We collect the addresses of our customers for billing purposes and for posting the invoices issued in a hard copy form.
- Other contact information. We collect other contact information, such as the phone numbers of our customers or our customers’ contact persons, in order to provide our services faster and better.
- Invoicing details. We collect customer details, such as the VAT number and the name of the tax office, necessary for the invoicing of our services.
- We try to minimize the risk to your rights and freedoms by not collecting sensitive personal data that concerns you.
3. How we collect your personal data
We collect your personal data when you express interest in our services, when you make purchases from our e-shop or from our stores when we provide our services, when you visit our website or when you subscribe to our newsletter. We do not sell your personal information to anyone. We only share it with third parties that facilitate the rendering of our services to you.
4. How we use (process) your personal data
We use your personal data for the following purposes:
- For the selling our products and services. We provide our products and services either through our e-shop or through our nationwide network of stores.
- For the marketing and/or for the promotional activities such as participation in contests or emails sent periodically to those who have subscribed to our newsletter. To this list of the subscribers we can also add those who provide us with their email addresses during our communication and also they consent to receiving our newsletters. Each newsletter allows the recipient to withdraw his consent.
5. Legal basis for processing your personal data
- The processing of personal data carried out for the provision of products and services to you is based on the conclusion and performance of a contract or, at your request, on preparatory actions for the conclusion and performance of a contract.
- The processing of personal data performed for the marketing and/or promotional activities is based on your consent.
- In some cases, the processing of the data is necessary for the purposes of our legitimate interests or for the purposes of our compliance with the national and/or European legislation.
6. Retention Time of Personal Data
- We keep your personal data for as long as our business relationship lasts.
- We keep the personal data of our customers and consumers for at least fifteen (15) years in order to fulfill our obligations to the tax or other administrative authorities with regards to the accuracy of the records.
- We keep the personal data of the people who signed up for receiving newsletters (and/or promotional actions) until they state that they no longer wish to receive from us newsletter and/or promotional material.
7. Measures we take to protect your data
When you give us your personal data, we take steps to ensure that it is securely kept. For the protection of your personal data, we take physical, technical and organizational protection measures. We update and review the security technology we use on a sustained basis. We allow access to your personal data only to those employees who need to access this data in order to provide benefits or services to you.
In addition, we educate our employees about the importance of the confidentiality and the preserving of the privacy and security of your personal data. Among others, we have implemented the following technical and organizational measures and procedures to protect your personal data from any loss, distortion, illegal processing or alteration:
- detecting and managing security breaches
- use of servers located in rooms with restricted access and subject to regular checks·
- use of information systems and computers programs installed in a way that minimizes the use of personal data and/or user authentication data·
- adoption of individual procedures for the retention of personal data and their secure deletion/destruction·
- access to systems and databases on a need-to-know principle
8. When and how we transfer your personal data to others
Within our activities, we use third-party providers who provide services on our behalf. So, we may need to share your personal data with them. However, we share only your personal data that is necessary to them to provide the services we request and we demand from them to protect your data and not to use it for other purposes.
The personal data we collect from you is stored in one or more databases hosted by third parties established within the European Union. These third parties do not use or access your personal data for any purpose other than storage and retrieval in the cloud.
9. Your rights
You have the right to request access to your personal data that we are processing. In addition, you have the following rights:
- Right to correct or delete (in some cases) your personal data.
- Right to restrict the processing or to object to the processing of your personal data.
- Right (conditional) to receive your personal data for using it anywhere else.
- In cases where we process your personal data based on your consent, you also have the right at any time to withdraw your consent. Such action does not affect the legitimacy of the processing of your data during the period prior to the revocation of the consent.
- Right to file a complaint with the DPA (Data Protection Agency) (dpa.gr): Telephone Center: +30 210 6475600, Fax: +30 210 6475628, E-mail:firstname.lastname@example.org
10. Transmission of personal data outside the EU
The personal data we collect from you is not transmitted or processed outside of the European Union.
11. How to contact us
12. Publication Information-Changes and Updates
This Statement was last updated on 28/5/2018. We reserve the right to modify and update this Statement at any time, for any reason, without notice to you, except for the posting of the updated Statement on our web site. We may periodically send emails to remind you of the changes and updates of this Statement, but you should check our website frequently to get updated on the current and in force Personal Data Protection Statement.