Introduction
The sole proprietorship of Theofanis Dimitriadis of Konstantinos with the distinctive title “ Gall é“, which is based in Kavala, 113 Omonias, PC 65302 (“ Business“) takes users’ privacy very seriously and undertakes to fully comply with applicable law (Regulation (EU) 2016/679 – hereinafter “GDPR” regulation> »).

This document (“ Privacy Policy“) provides information on how personal data collected by the Company is processed through this website (“ Website“) and is an informative notification to data subjects, in accordance with Article 13 of the GDPR. Specific information privacy notices are usually published in the sections of the Website where users’ personal data is collected and in any case supplemented by this Privacy Policy.

Data controller and DPO
The Data Processing Officer is Theofanis Dimitriadis of Konstantinos, resident of Kavala, 113 Omonias, PC 65302 (“ Processor“).

You can contact the Data Protection Officer (“DPO”) at the following address: info@galle-shop.gr (e-mail).

The Data we process
The following data can be processed:

the normal personal data that you may provide when using the Website features, including browser data or requests to use the services offered on the Website (e.g. registration in restricted areas, contests and other initiatives that may be available on the Website, use of Applications, requests for information and reports also submitted through contact forms, etc.), as well as data collected by cookies as defined in the Cookies Policy;

Why and how we process your personal information
With your consent, the Company may process your usual personal data to ensure that you can take advantage of the services and functions available and to optimize their performance, collect usage statistics, and manage requests and reports received through the Website and to manage your registration in any restricted areas and initiatives (eg tenders) that may exist on the Website in accordance with Article 6.1.a of the GDPR. The Company may also process your personal data in order to fulfill its obligations under European Union laws, regulations and law: the legal basis for such processing is Article 6 (1) (c) of the GDPR.

In addition, with your voluntary consent, your usual personal data may also be used in the official publications of the Company or in advertising activities (marketing), ie in the context of sending advertising material and / or commercial communications concerning the services of the Company in the contact details. reported using traditional methods and / or communication methods (eg mail, telephone, etc.) or automated media (eg Internet, fax, e-mail, text messaging, mobile applications, such as smartphones and tablets, social media accounts, eg Facebook or Twitter, etc.). The legal basis for this purpose is Article 6 (1) (a) of the GDPR.

Finally, the Company can process your usual and sensitive personal data to protect its rights in litigation.

All your data is processed using automatic and electronic tools that are suitable to fully ensure security and confidentiality.

Required editing and optional editing
The forms that must be completed on this Website require you to provide the personal data that is absolutely necessary for the processing of your messages and requests. This data is marked with an asterisk [*], ie the required fields. If you do not wish to produce them, we will not be able to process your messages / requests.

On the other hand, some forms may provide the possibility of providing personal data that is not absolutely necessary for the processing of your requests: the provision of such data is optional and non-submission has no consequences.

Browse data
If you just visit the Website (that is, without sending any message or using anyany of the available services / functions), the processing of your data is limited to the browsing data, ie the data that is necessary to be sent to the Website for the operation of the computers on which the Website operates and the Internet communication protocols. This category includes, for example, IP addresses or computer domains used to visit the Website and other parameters related to the operating system used to connect to the Website. The Company collects this and other data (such as the number of visits and the time devoted to the Website) for statistical purposes only and in anonymous form, in order to monitor the operation of the Website and improve its performance. This data is not collected to link to other user information or to identify users. However, this information, by its very nature, may enable the Company to identify users by processing and linking to data held by third parties. The browsing data is usually deleted after being processed anonymously, but may be stored and used by the Company to locate and identify the perpetrators of any computer offenses committed against or through the Website. Subject to this option and the provisions of the Cookie Policy, the browsing data described above is only temporarily stored in accordance with the law.

Links to other sites
This Privacy Policy applies only to the Website defined above. Although the Website may contain links to other websites (known as third party websites), we inform you that the Company does not have access to or use cookies, web beacons or other user tracking technologies, which may be active on third-party websites, the content and material posted on them or in the processing of your personal data. For this reason, the Company expressly disclaims any responsibility for such matters. Therefore, you should verify the privacy policies of such third party websites and collect information about the terms and conditions and how your personal data is processed.

How we store data and for how long
Pursuant to Article 5 (1) (c) of the GDPR Regulation, the computers and software used by the Company are set up in such a way as to minimize the use of personal data and identification data. This data is processed only to the extent necessary to achieve the objectives set out in this Policy and will be stored for as long as is absolutely necessary to achieve the specific objectives pursued. In any case, the criterion used to determine the storage period is based on compliance with the deadlines allowed by law and the principles of data minimization, storage limitation or rational management of our files.

How we ensure the security and quality of your personal data
The Company undertakes the obligation to ensure the security of the user’s personal data and to comply with the security provisions provided by law for the prevention of data loss, illegal or irregular use of data or unauthorized access to data, with special but not exclusive reference to Articles 25-32 of the GDPR. The Company uses many types of advanced technologies and security procedures to protect the user’s personal data. For example, personal data is stored on secure servers located in facilities with protected and controlled access. The user can help the Company to update and correct his personal data, announcing any change of address, qualifications, contact details, etc.

People who have access to the data
Individuals in the following categories are authorized to process user data: technical and administrative staff, IT staff, product managers, and other staff members who must process the data in order to perform their duties.

The Data may also be disclosed to third countries: (i) institutions, authorities, public bodies for institutional purposes; (ii) professionals, independent consultants – or working