Personal Data Protection Statement
According to the new General Data Protection Regulation (GDPR) of the European Union through this page we wish to inform you about the Personal Data collected during the use of this website, about the way they are collected, how they are used, for how long retained and finally let you know about your rights.

Definitions
Privacy

It is any information concerning a natural person that has been identified or can be identified. An identifiable person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as name, identification number, position data, electronic identifier or one or more factors that are specific to the physical, physiological, genetic , spiritual, economic, cultural or social identity of this natural person.

Processing
We mean any function or set of functions performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, configuration, storage, customization or modification, retrieval, consultation, use, disclosure through transmission; dissemination or other disposition, alignment or combination, restriction, deletion or destruction.
The protection of your personal data is extremely important for the website and through this policy we will describe how we will respect their collection through its use.

Website ID
This website www.glutenfreebakery.gr is its property

Gatidis SA
Bread - Confectionery and Food Company
3rd km of Serres - Drama
T.K. 62100
Serres

The website does not have to have a Data Protection Officer. In case you have questions, queries or concerns about the protection of your privacy, please do not hesitate to contact us either via the contact form or by sending an e-mail immediately to the e-mail: info@glutenfreebakery.gr

Data collected by the website
During your visit to the website we collect:

IP address
The IP address is temporarily collected every time you access our website in our server log files, firewall logs. The purpose of this log is to ensure the smooth operation of the website and all services resulting from it, the security of the server (malware) from malicious attacks and the avoidance of any abuse. We want to clarify that in no case does this log personalize you as the IP addresses do not immediately identify the users (visitors).

Usage Statistics
The collection of statistical information is done through cookies, which are small text files that are necessary to improve the user experience of the website. These files are stored on your device and may identify you in a unique way each time you visit our website. Deleting these files is very easy.

Data via Contact Form
When you send us a message through the contact form we collect the information you give us through the form, asking you each time to consent to the sending of this information to us for the purpose stated.

Data via Email
Any information you provide voluntarily by sending an email request. We use this information to respond to your request.

Newsletters
To subscribe to our newsletters, we ask for your email address. At the same time you must give your consent for the use of your email in order to send newsletters from us. Newsletters are managed and sent through the MailChimp service.

The process of your registration in our lists follows the double opt-in method as required by the current legislation. This means that after you register on the respective form, you will receive a confirmation email from us. Your registration in our lists is completed only by clicking on the relevant link of the confirmation message.

You can unsubscribe from our lists whenever you wish (opt-out).

Each newsletter we send you is accompanied by a relevant deletion option from the list, at the end.

In any other case you can request your deletion at info@glutenfreebakery.gr.

Data during online shopping
In order to make an online purchase, we ask you:

Name
Last name
Address
Postal code
Country
City
Prefecture / Area
Contact Phone
We use the above information in order to process your payment, to deliver the products you buy and finally to process your order.

We may contact you by email or telephone to clarify matters relating to your order.

In case you paid for your order by Credit / Debit or Prepaid card, we would like to inform you that the company does not store or register in its system card numbers, CCV2 as well as card expiration dates. The cooperating bank is responsible for the information you submit.

The above payments are made through the electronic payment platform of the partner bank, which uses TLS 1.1 encryption with 256-bit encryption protocol (Secure Sockets Layer - SSL). Encryption is a way of encrypting information until it reaches its intended recipient, who will be able to decrypt it using the appropriate key. Card information (card number, CVV2, expiration date) is transmitted / transmitted over the Internet in encrypted form (SSL 128-bit encryption) and is not accessible by third parties. The systems and procedures used by the partner bank prevent third parties from accessing its data and information systems.

Why we collect them
The collection of all the above data is limited to what is absolutely necessary for your safe and efficient service. It aims to improve the experience of using the website, to communicate directly with you and answer your questions or requests and to detect unwanted messages and security breaches.

Your consent to the Privacy Policy of this website is mandatory in its basic functions

Contact Form
expression of interest form
sending newsletters
User Registration
online purchases
In order to prove the consent of the user in the processing of personal data, the data and the time at which he gave his consent are recorded.

Sensitive personal data
The website will never ask you to enter data on religious beliefs, political and philosophical beliefs, sexual orientation or ethnic origin.

Data Sharing
There is a possibility to share data that you submit in the contact form of our website or through direct sending of e-mail, with our partners. This is only done if an investigation is required to create an offer for the service you are requesting from us. In no case, however, are personal data disclosed but only the details that describe your request.

The cases in which there is a possibility of disclosing this data to third parties are indicative, without being limited, to:

To the site administrators
In extremely rare cases, a third-party technician may have limited time-controlled access to troubleshooting software used on the page.
For accounting purposes, for the keeping of our books and the entries of the relevant accounting entries.
In postal services to service your order.
Upon a court or prosecutorial order or a request from a police authority to conduct an investigation.
In no other case do we transmit, sell, rent or disclose personal data of the website visitors to third parties for any reason.

How long do we keep your data?
We will retain your data for as long as necessary for the purpose for which it was submitted, taking into account the legal requirements of applicable law. In case of deletion of your account or corresponding request, the information will not be accessible through your account. However, if, prior to deletion, you have made a public announcement regarding our website, this information will remain publicly available. This information may remain in backup copies, for reasons of continuity of our company.

Security measures for data protection
The data entered on our website are stored on servers that are protected by strong security measures.

Our website uses the Secure Socket Layer (SSL) protocol to ensure the protection of your personal data.

Based on this technology, every personal item that is registered is encrypted before it goes online and then the authenticity of the message and the server is investigated.
The website uses an SSL-256bit certificate which appears as a padlock to the left of the address bar each time you enter pages where data is to be traded, confirming that your transaction is protected.

The passwords of the users on our website are stored encrypted.

At regular intervals we receive backup copies of our data, in order to be able to restore in case of technical failure.

Your rights
The provision of personal data on our website is done on a completely voluntary basis. If you choose not to provide the requested information, basic features of the Website may not be available. In some cases, only those who have submitted the required personal data to us are able to register on the website, make online purchases, contact us via the Contact Form, or express any interest or receive newsletters.

We provide the ability to maintain control over your data. The options you have include the display and processing of your data, the ability to unsubscribe from the newsletter service, delete your account and all related information, and finally retrieve information about retained data.

You can access and modify your personal data at any time by logging in to your account.
If any of the information you gave us changed, e.g. If you change your email address, if you want to change other contact information or if you want to cancel your registration, let us know by updating your details on the My Profile or My Account pages or by sending an email describing the changes at: info@glutenfreebakery.gr

In general, you have the following rights:

The right to request access to your personal data
You have the right to access some of the personal data you provide on our website.

You can access and modify your personal data at any time through your account management page.

By writing to us at info@glutenfreebakery.gr you can request details about the information related to you that we have and process and the purposes for which they are used.

The right to modify and / or delete your personal data
You have the right to correct, edit or delete your stored personal data.

You can access these features at any time through your account management page.

If you wish you can delete your account by clicking the "Delete Profile" button.

You can also send your request to the address: info@glutenfreebakery.gr. We will comply with your request without undue delay in receiving your request. If, for any reason, we are unable to comply with your request, we will contact you.

The right to terminate the processing of your personal data
In special circumstances, you have the right to terminate the processing of your personal data. You can contact us at: info@glutenfreebakery.gr
The right to data portability
You have the right to receive your personal data (for you only) in a structured, widely used and readable form from devices ("data portability") and you have the right to transfer this data to another data controller.

You can access the export of your data through your account management page, through the two options:

Export profile to CSV file
Export profile to XLS file
You can request the transfer of your data by contacting us at: info@glutenfreebakery.gr. We will comply with your request without undue delay in receiving your request. If, for any reason, we are unable to comply with your request, we will contact you.

The right to ban the processing of your personal data and to unsubscribe
You have the right to ask us not to process your personal data when the processing is based on a legitimate interest in us. You can exercise your right to prohibit the processing of your data at any time by sending your request to: info@glutenfreebakery.gr.

Emails sent to you by us that contain a newsletter or marketing content include the option to unsubscribe by following the instructions in the email. If you do not wish to receive emails from us, you can simply click the unsubscribe link and you will no longer receive emails.

For all other types of messages you may receive from us, such as maintenance notifications or management notifications, these messages can only be terminated by deleting your account. These messages are a mandatory part of our users' accounts and the relevant use of the website.

In any other case, contact info@glutenfreebakery.gr to delete your account.

The right to withdraw your consent at any time
You have the right to withdraw your consent to the processing of your personal data at any time. However, the withdrawal of consent does not affect the legality of the consent-based processing prior to its withdrawal.

You can revoke your consent to our privacy policy at any time through your account management page.

Contact us at info@glutenfreebakery.gr to withdraw your consent.

Terms and / or restrictions of your rights
There may be terms or restrictions on your aforementioned rights. Therefore, we are not able to guarantee your right to transfer or delete the data, as it depends on the specific conditions of the processing activity.

Privacy Policy Updates
We regularly review and, where appropriate, update our privacy policy. If we want to use your personal information in a way that we have not mentioned before, we will contact you to provide you with information about it and, if necessary, to ask for your consent.

At the end of this text you can see when it was last revised. We will update the date of this document each time a change is made.

October 2020