Skip to content
MENU

Introduction

annaniolaki.gr is fully harmonized with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (hereinafter referred to as the «Regulation») and commits to exercise due diligence for the correct and secure processing of the personal data it collects and processes.

We understand that by giving us your personal data, you are entrusting us with this information. We have created this policy so that you have full transparent access to the data we collect from you, the purpose for which we collect it, and the way we use it. We are obliged to ensure that you understand your rights regarding your personal data and the processing thereof. The purpose of this Company policy is to inform you about the data collected for the servicing of our relationship and about your rights to access, rectify, and delete this data.

 

1. What data we collect:

We receive, collect, store, and generally process the following information that concerns you:

  • Personal data and information that you enter through the website, including information you provide when creating an account on the website
  • Information contained in or related to any nature of communication with us, either directly or through our website.
  • Information as analyzed below under the title «Cookies».

The personal data you enter during your registration or consent must be complete and truthful and must necessarily include the following: full name and surname, address, telephone, and a valid e-mail address.

 

2. Requirements for obtaining consent

Our Company collects and processes data based on your consent. Your consent is provided in the form of a written statement, expressly excluding any other means. The request for consent is distinct, understandable, in an easily accessible form, and uses clear and simple language. You have the right to withdraw your consent just as easily as you gave it.

 

3. For what purpose do we collect the data

Our Company, following the principle of data minimisation, restricts the collection and processing only to personal data that is appropriate, relevant, and necessary for the purpose for which it is processed.

Specifically, we collect, store, and process your personal data, following your explicit and free consent, for the purpose of:

  • the performance of the service you requested us to provide,
  • the compliance of our business with current legislation, including but not limited to: tax, labour, and insurance legislation,
  • informing you about our news, events, and offers to improve our services, only if you have given us your explicit consent,
  • conducting contests,
  • internal research and statistical analysis, so that we can determine how our website is used and understand how we can improve it,
  • our compliance with the requirements of the law, regulatory authorities, and compliance regulations (if applicable),
  • verification regarding compliance with the terms and conditions governing the use of our website,
  • the protection of our civil rights,
  • understanding your interests, so that we can tailor the content, offers, and other activities we display on our website in a way that best meets your interests and preferences.

4. To whom we communicate/disclose your personal data:

We communicate your personal data:

  1. to any public authority, court, provided we are obliged to do so by current legislation, as it applies each time.
  2. Our business may cooperate with companies, which you can find on our website, and transmit personal data of visitors-users to them for processing and management for the optimal provision of services, through advertising, the promotion of new services, and the sending of newsletters to visitors-users. These companies, as third parties (specialists), are bound by every legal, professional, or other binding obligation of confidentiality regarding personal data.

5. Links to other websites

Our website may contain links or advertisements that refer to third-party websites, online locations, or companies that do not belong to our business. These links are provided only for the convenience of the user and do not mean that our business approves or accepts their content. The Company bears no responsibility if you enter your personal data on a website other than that of our business. The Company does not control these links and is not responsible for their data or for the policy they follow regarding the protection of personal data. Linking to these websites is the sole responsibility of each user. The aforementioned third-party providers of these online locations and websites have full (civil and criminal) responsibility for the security, legality, and validity of their content, excluding any liability of the Company, such as, indicatively, liability regarding intellectual property rights or any third-party right. Consequently, users are obliged to address the aforementioned third-party providers directly for anything that arises from the visit or use of their online locations and websites. Users of this website accept that the Company is neither obliged nor able to control the security and content of both the online locations and websites, and the services of third parties to which it provides access. Nevertheless, the Company is entitled at any time to remove, modify, or discontinue any third-party service or link to third-party online locations and websites, if, in its judgment, the law or these terms are threatened or violated. All actions you take on another website or online location other than that of our business are your sole responsibility.

 

6. Data storage period

We store and generally process your personal data for the duration of our contractual relationship. If our contractual relationship expires, we retain your personal data for as long as required until the time limit required by current legislation has passed for the purpose of our compliance, indicatively, with tax laws, limitation periods for any related claims.

Regarding personal data that we store for the purpose of sending newsletters and offers, they are retained for as long as we are legitimate based on your explicit consent.

Finally, in case of withdrawal of consent, we are obliged to permanently delete the personal data for which your consent has been withdrawn.

 

7. Rights under the Regulation

According to the Personal Data Regulation (EU 679/2016) you have the following rights:

  1. You have the right to know what personal data we hold and process, the purposes of their processing, the recipients or categories of recipients to whom they are disclosed, and the period for which they will be stored (right of access).
  2. You have the right to request at any time, and for our Company to execute without undue delay, the rectification of inaccurate personal data and the completion of incomplete data (right to rectification).
  3. You have the right to object to the processing of your data and we will immediately stop processing them unless there are other legitimate grounds that prevail (right to object).
  4. You have the right to request, and for our business to execute without undue delay, the restriction of the processing of your data (right to restriction).
  5. You have the right to request, and for our business to execute without undue delay, the erasure of your data from our database if their processing is not necessary for the purposes for which they were collected or you have withdrawn your consent for the collection and processing of the data (right to erasure/right to be forgotten).
  6. You have the right to ask us to receive the data you have provided in a readable format or to ask us to transmit it to another controller (right to data portability).
  7. You have the right to withdraw the consent you have given us to process your personal data at any time, free of charge. This applies to cases where the processing of personal data is done with consent and not based on our contractual relationship or personal data that the business is obliged by current legislation to retain for control and compliance purposes, for example, under tax or other provisions (e.g., order execution, invoice issuance).
  8. You have the right to lodge a complaint with the Supervisory Authority named the Hellenic Data Protection Authority electronically at the following address: www.dpa.gr.

For all the above rights and their exercise, contact us at our headquarters, 130 Vouliagmenis Ave., (3rd floor) 16674 Glyfada, or by e-mail at contact@annaniolaki.gr or by phone at 212-2228700.

Within the reasonable period of one (1) month from the receipt of your request, our Company will respond to your request in writing.

 

8. Updating personal data

In order to keep your personal data up-to-date, we advise you to inform us in a timely manner of any changes or incorrect entries of your data. To review and/or edit personal data, or to know how long our business intends to retain personal data or for other questions related to the access of personal data, or if you wish to submit a request for us to provide you with information as to whether we maintain or process any of your personal data on behalf of third parties, please contact the competent department at the e-mail address contact@annaniolaki.gr

 

Personal Data Security Policy

All information related to your personal data is secure and confidential. Security is achieved by the following methods:

 

A. Controlled Access – Security Systems

Access to our systems (servers) is controlled by a firewall, which allows the use of specific services by customers/users, while simultaneously prohibiting access to systems and databases with confidential data and information of our business. All servers have an Antivirus service that checks for possible malicious software that could cause data leakage. For the management of the servers, access is allowed only through a VPN service, which only our technical team has access to, thus preventing any access from a public network, even if the administrators’ access credentials are leaked for any reason. The filesystem of the servers is encrypted, so that even if someone gains physical access to a server with our data, they cannot decrypt the data.

 

B. Back Up

We keep daily backups of all data to prevent any destruction (hardware failure) in a secure location. The copies are automatically deleted from our systems, having a maximum lifespan of one month. The copies are stored in the same datacenter but on a separate storage unit, having exactly the same access and protection principles as the original data. The backup copies are stored with encryption, so that even if there is a leak, their recovery is not possible.

 

C. Data Breach

If any case of data leakage comes to our attention, either from a malicious attack on our systems or from a user’s mistake, our actions are as follows:

  1. Temporary suspension of the application’s operation until we ensure that any security gap has been closed.
  2. Immediate notification of users and/or customers about the breach, its size, and in case the error originated from a member, the possible way to deal with it.
  3. Immediate notification of any competent authority depending on the type of leakage (e.g., in case of a malicious attack, the cybercrime division of the Hellenic police is notified).

Cookies

You can visit our website without disclosing your identity to us and without revealing any of your personal information. Our website uses cookies to ensure the best possible user experience. Cookies are small text files placed on the user’s device to track usage patterns and registration preferences.

Cookies can be either «persistent» cookies or «session» cookies. A persistent cookie will be stored by a web browser and will remain valid until its set expiration date, unless deleted by the user before the expiration date. A session cookie, on the other hand, will expire at the end of the user’s session, when the web browser is closed. We use both session and persistent cookies on our website.

The information generated regarding our website is used to create reports about our website and its traffic. In this way, we can continuously improve our website and constantly adapt it to your needs.

Users can control and/or delete cookies as they wish (for details see aboutcookies.org). Blocking or deleting all cookies will have a negative impact on the stability of many websites. If users choose to disable our cookies, they will not be able to use all the features of our website.

This policy may be updated from time to time, e.g., due to modifications of the relevant legislation. We urge users to check this page periodically for the latest information on privacy practices.

 

Questions & contact

For any questions regarding this policy or if you wish to exercise any of your rights, as described herein, please contact us at the email address contact@annaniolaki.gr or at the following address:

Address: 130 Vouliagmenis Ave., (3rd floor) 16674 Glyfada
Tel.: 212-2228700

arrow-top
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.