Privacy Policy

The use of the electronic pages and services of the website www.cannapoint.gr.gr, owned by ‘Paitakis Yannis’ with Tax Identification Number 100600229, Tax Office of Chania, with activity Retail Shop of bags/clothes

Www.cannapoint.gr needs only your standard information, for the smooth completion of a transaction. These are the name, address (street and number), postal code, city, telephone and e-mail. These data are still useful for the delivery of products in the area where you will choose to meet the requirements regarding the services and products of www.cannapoint.gr

Member registration at www.cannapoint.gr. This means accessing older orders, updating products you choose, changing personal information and passwords.

Update on new offers and products after you request it during your registration.

This website recognizes, respects and considers very important the right to Privacy and Personal Data Protection of users, in accordance with the current Legislation in Greece and the European Union (Applicable Law on 25-5-2018 replaced by EU Regulation 2016/679 and regulatory law and other Legislation in force).

The applicable law governing all of the above is national law, Community law and the relevant international treaties. Along with our company’s internal information systems, this website has been designed to comply with EU Regulation 2016/679 on general data protection (GDPR) for the protection of users’ personal data. Any provision of the above terms that is found to be contrary to the above legal framework or becomes invalid, automatically ceases to be valid and is removed from here, without in any way affecting the validity of the other terms. This privacy policy may change from time to time depending on legislation or industry developments. We will not explicitly notify our customers or users of our website of these changes. We encourage you to periodically check this page for any changes to this privacy policy. The continued use of the website even after any changes in the Privacy Policy, means the unconditional acceptance of these terms.

Data Controller

The webmaster of this website is: Paitakis Yannis

Intellectual property rights

Copyright and Trademark The entire design of the website, the text, the graphics, the selection and its settings, are the intellectual property of the Company and are protected under the relevant provisions of Greek law, European law and international conventions. All rights reserved, any text or image bearing the symbols of the Company are trademarks or registered trademarks and are used herein with the permission of their respective owners.

Privacy

We collect and process your personal data only when absolutely necessary. We will never sell, rent, distribute, or disclose your personal information in any way. If you are under 16 years old, you MUST have your parents’ consent before using the services on this site.

The constant goal of the Company is to provide the best possible service to our customers. The specific online store (e-shop) enables both our customers and all internet users to be informed immediately about the products offered by the Company, as well as to make their purchases electronically.

Legal basis for processing

At this site the legal reason for the processing of personal data is the consent that is evidenced by the fact that visitors / users have read these terms and accepted them by staying on the page. This website may collect and process data off-site, for additional legal bases as required by law or the existence of a Contract. Failure to provide the personal data, in this case, will result in the contract not being able to be concluded with the data subject.

Data breaches

For all your personal information stored in our database, all necessary measures will be taken to ensure it. We will report any unlawful breach of this website or any third party data processing database to anyone and anyone directly concerned, as well as to the authorities within 72 hours of the breach, provided that the personal data are stored in a recognizable format, have been stolen.

Security

The SSL (SecureSocketsLayer) protocol is now the global standard on the Internet for authenticating websites to network users and for encrypting data between network users and web servers. An encrypted SSL communication requires that all information sent between a client and a server be encrypted by the sending software and decrypted by the receiving software, thus protecting personal information during its transfer. In addition, all information sent with the SSL protocol is protected by a mechanism that automatically detects whether the data has changed during the transfer. In addition, personal security is the password you give when you become a member of www.cannapoint.gr. In order to present any of your personal information, the username and password must first be given. For this reason, you must keep these items safe so that they do not fall into the hands of others. We also advise you to create a password using symbols along with alphanumeric characters. Finally, it should be reminded that the credit card details are not stored in the company’s storage media during the transaction but are registered directly in a secure environment of the cooperating company that has undertaken the routing of the cards. All transactions you make through www. thehobbyshop.gr are governed by International and European law, which regulates issues related to e-commerce as well as by the Law on Consumer Protection (Law 2251/1994), which regulates issues related to distance selling.

Duration of retention of personal data

Regarding the personal data we collect, their retention time depends on its use. Specifically regarding the cookies that are stored on your computer, each one has its own time of stay which is mentioned in detail if requested. The information collected for sending informative emails, remains on our website, as long as you are registered in this service. The data of the user-customer visitor will be maintained and processed by the Company until the completion of his specific order. The data of the registered user-client will be retained and processed until the registered user-client requests the deletion of his account or, for any processing of his data based on his consent, until he declares the withdrawal of his consent for the purposes of provision of the Company’s services. Nevertheless, some necessary personal data concerning its transactional relations with the Company as well as the information, consent and withdrawal of the member’s consent for the processing of his data will remain as information for the registered user-client to ensure the proof of its legitimacy. processing of its data by the Company and the safeguarding of the legal claims of the parties.

Special Category Data

The member is informed that the Company does not collect or require the disclosure of sensitive personal data (special category data) for the needs of www.cannapoint.gr The Company declares that no other use of the personal data of the visitor / registered user will be made for for purposes other than those referred to in this policy without prior notice and, where appropriate, consent.

Information, editing and editing purposes

The Company will process the personal data of the visitor / registered user-customer, as they are declared by him during the creation of his account and in his order in the data entry form, in order to complete his specific order through our online store. Furthermore, and if any order has been placed through the company’s website, the Company will now be able to process the personal data of its customer, to send commercial information and promotional messages, until the customer objects to it. In addition, if the visitor / registered user has not placed an order but has given his relevant consent to the Company, the Company will be able to process his personal data to send commercial information and promotional messages.

 

The user / customer has the option to choose 2 ways to complete an online order and declare his personal data: 1. As a visitor: In this case the personal data of the visitor / customer will be kept in the records of the Company until the completion and delivery of the specific order, with the exception of transaction data for tax purposes and their processing will be solely for the execution of the contract of sale. As a registered user of the online store: In this case the customer / user has created a user account in our online store and his personal data will be stored in the company files until he requests their deletion. The user / customer can at any time change or correct his data by logging in to his account at www.thehobbyshop.gr with his username and password. In order to carry out any transaction through the online store www.thehobbyshop.gr of the Company and to place orders for products and / or services of the company, the following are required: • the full name • the shipping address of the products • the billing address of the order (in case is different from the shipping address) • the number of a contact telephone • the e-mail address of the customer. In the event that a product is requested to be delivered to a third party other than the visitor / registered user, the latter acknowledges that it will have full responsibility for informing and with the full consent of the person designated as the recipient, for the disclosure of his personal data. to the company for the sole purpose of delivering to it, the relevant products and assumes full responsibility for any claims of this person against the Company. Credit card details are not stored in the company’s storage media during the transaction but are registered directly in a secure environment of the partner companies Piraeus, Viva or Paypal, which have undertaken the routing of the cards. The purpose of the basic data processing is the execution of the contract and the completion of the specific order, the communication with the user-customer and the sending of informational messages regarding the stages of the processing of the order, the provision of clarifications related to the order and the information in general for purchases made, the delivery of the order at the place of choice of the customer-customer, the confirmation and identification of the customer-customer in any necessary case and the information about the existing stock at www.thehobbyshop.gr. The visitor / registered user is informed that the provision of the above mandatory personal data as well as the details of his transactions are necessary and constitute a prerequisite for the proper execution of the order contract, delivery of products and / or execution of services. For this reason the consent of the user-client is not required for this specific processing. Every customer-user who uses www.thehobbyshop.gr is informed that his personal data regarding the receipt, execution and delivery of an order as well as questions regarding purchases, products and services of the Company and orders www.thehobbyshop.gr will be processed for the purpose of serving the customer-customers both by the competent employees of the Company and by the third party recipients and / or executors of the processing on its behalf in the context of the execution of an order. These third parties are transport companies, individual or group shipping companies, internet and e-commerce service providers with which the Company cooperates and which are subject to the special strict terms of personal data processing that have been agreed with the Company as a Processor. The Company requires its employees, the maintainers of its website, as well as its third party partners to take all necessary technical and organizational measures (including appropriate policies and procedures to prevent the disclosure of personal data of visitors / registered users- its customers who process and have and implement procedures for the management and processing of personal data in a lawful manner and protect them in accordance with the GCC.). No other processing or transmission of user-customer data will be done by the Company and its online store www. cannapoint.gr except for the treatments below for which the Company has received the prior consent of the users-customers or if required by law or a competent supervisory or judicial authority.

Information we collect and the reason

Tracking of website traffic with Google Analytics

Our website, like almost every website in the world, uses GoogleAnalytics, a data analytics service offered by Google. GoogleAnalytics uses ‘cookies’, which are text files, which are stored on your computer or device and facilitate the analysis of the use you make on the website. The information received from cookies about your use (including your IP address) is transferred to a Google server in the US and stored there. Google will use this information to evaluate your use of the Website, to report to its administrators on such activities, and to provide other services related to your use of the Website and the Internet.

Remarketing and Website Advertising

The Company Website may and may use GoogleAnalytics features for display ads (e.g., repeat marketing, Google Display Network display reports, Doubleclick Campaign Manager integration, and demographic and interest reports).

Our Website, in any case, complies with Πολιτική διαφημίσεων βάσει ενδιαφέροντος του GoogleAdWords και τους restrictions for sensitive categories.

Electronic newsletter

If you choose to participate in our email newsletter, the email address you submit to us remains on our website and you do not forward it now or in the future to third parties. The email address you submit will be stored in the database within the site and is protected by the protection measures we have taken so that there is no illegal access to this website. In case of deletion, your email is encrypted so that it cannot be accessed from the page. Your subscription to the site newsletter Your email address will remain in our database for as long as we continue to send you newsletters or until you explicitly request its removal from the list. You can do this by using the unsubscribe link in all the email newsletters we send you. As long as your email address remains in our database, you will receive periodic email updates from us.

WebBeacons

Webbeacons (also known as Internettags, pixeltags and clearGIFs) are usually transparent graphic images placed on a web page. Webbeacons are used in conjunction with cookies in order to record the actions of visitors to websites.

Addresses IP και URLs

An IP address is a unique locator used by certain electronic devices to locate and communicate with each other over the Internet. When you visit our websites, we can see the IP address of the device you used to connect to the Internet. We use this information in order to determine the general geographical location of the device and to understand from which geographical areas the visitors of our website come. We may use this information to change the way our website is presented in order to improve your visit. The URL (UniformResourceLocator) is a unique locator or address for each web medium and is essentially the address of the webpage you are visiting. We will use this information to see which websites have traffic as well as the way you navigate our website

Contact forms and email links

If you choose to contact us using a contact form or an email link, none of the data you provide will be stored on this website or transferred or processed by any third party data processing provider as defined below. in the section ‘Our third party data processors’. Instead, this data will be sent to us by e-mail via the SMTP (SimpleMailTransferProtocol) protocol. Our SMTP servers are protected by a TLS security protocol (sometimes known as SSL), which means that e-mail content is encrypted before being sent over the Internet. The content of the email is decrypted by our local computers and devices.


Sharing

For more information, please read it Facebook Privacy Policy.

 

Rights of the data subject

a) Right of access Every data subject has the right to be allowed access by the controller to the following information: whether or not personal data concerning him or her are processed, what that data is, who the recipients are, why and for how long, for what purpose and any other information that is compatible with the purposes of the processing. It is necessary to provide free information about his personal data stored at any time and a copy of this information. In addition, European directives and regulations give the data subject access to the following information: – the purposes of the processing – the categories of data concerned – the recipients or categories of recipients to whom the personal data has been transmitted or will be disclosed, in particular the recipients third countries or international organizations and in such cases whether the appropriate safeguards have been met – where possible, the estimated period for which the personal data will be stored or, if not possible, the criteria used to determine the the existence of the right to request from the controller the correction or deletion of personal data or the restriction of the processing of data concerning the data subject or to object to such processing – the existence of the right to terminate supervisory authority – where not are not collected from the data subject, the information available about their source – the existence of automated decision-making, including profile analysis, referred to in Article 22 (1) and (4) of the GDPR b) Right of correction Each data subject has the right to request and obtain from the controller, without undue delay, the correction of inaccurate personal data concerning him and the completion of incomplete personal data, including the provision of a supplementary declaration. c) Right to delete (Right to be forgotten) Every data subject has the right to request from the controller the deletion of personal data concerning him without undue delay and the controller is obliged to delete the personal data without undue delay when one of the following reasons applies: – Personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed – The data subject withdraws the consent on which the processing is based in accordance with Article 6 (1) Article 9 (a) of the GDPR or Article 9 (2) (a) of the GDPR and where there is no other legal ground for the processing – The data subject has an objection to the processing in accordance with Article 21 (1) & 2 of the GDPR and there are no compelling legal reasons for processing – Personal have been illegally processed – Personal data has been collected in connection with the provision of information society services referred to in Article 8 (1) of the GDPR. Where the controller has disclosed personal data and is required to delete the personal data in accordance with Article 17 (1), the controller shall take reasonable action, including technical measures, taking into account available technology and implementation costs. d) Right to restrict processing Every data subject has the right to request a limitation on processing, when one of the following applies: – The integrity of the personal data is challenged by the data subject for a period of time until the controller verifies the accuracy of personal data – Processing is illegal and the data subject opposes the processing of personal data and instead seeks to restrict their use – The controller no longer needs personal data for processing purposes – The data subject has oppose the processing in accordance with Article 21 (1) of the GDPR e) Right to data transfer (Portability) Every data subject has the right to receive the personal data concerning him and to transfer it to another body of his choice. This data is provided by the destination processor in a structured, easy-to-use and machine-readable format. Portability can only be achieved when processing is based on consent in accordance with Article 6 (1) (a) of the GDPR or Article 9 (2) (a) of the GDPR or in a contract