Rhodian Agora ("we" or "us" or "our company") is committed to protecting the information that you share with us online, using our Website for any reason. We treat the personal data you give to us with care and transparency, acting according to the European Regulation 2016/679 (GDPR) on the protection of the personal data and on the free movement of such data and the Greek Legislation.
We encourage you to read this Privacy Notice carefully when using our website or services or proceeding to purchases with us. By reading this Privacy Notice, the user is hereby informed on how we collect, process and protect personal data furnished through our website at www.rhodianagora.com
The principles set out in this Privacy Notice apply to all instances in which Rhodian Agora receives your personal data as a Data Controller for the purposes described in this Notice.
If you have any questions related to this Privacy Notice, or any other issue related to this website, any of our terms and conditions or our cookies policy, then please do not hesitate to contact us using the following information:
Rhodian Agora -Mediterranean Gastronomy
Avenue Rhodes-Kallithea, Faliraki, P.C.85105, Rhodes
What is the scope of this Privacy Notice?
By accessing any page of our Website, you shall be deemed to have accepted this Privacy Notice in full. If you do not accept these terms in full, you should stop using the Website immediately.
We may revise this Notice from time to time by updating this posting. You should check the Website regularly to review the then current terms, because they are binding on you. Certain provisions of this Notice may be superseded by expressly designated legal notices or terms located on particular pages on the Website.
This Privacy Notice applies to information collected on our website at www.rhodianagora.com. It covers how we collect, use, share, and otherwise process Personal Information as of the date that this Privacy Notice is posted. It does not apply to any other information collected by us through any other means.
Linked services, third party sites and content
Our website may, from time to time, contain links to other websites which are outside of our control and are not covered by this Notice. We do not own, operate or control the websites of those third parties and as a result we do not accept any responsibility or liability for other sites’ privacy policies. If you access other websites using the links provided, we encourage you to check their policies before submitting any personal information.
What information do we collect?
Rhodian Agora is the only Data controller of the data collected from our website except from some cookies and payment data. The term “personal information or personal data” in this Notice refers to information that identifies or is capable of identifying you as an individual.
We do not sell, rent or otherwise disclose personal information collected by us to third parties in the ordinary course of business.
The use of information collected through our website shall be limited to the purpose of providing the service for which you have engaged us, such as:
- managing orders,
- cancelling or amending your orders
- delivering products and services,
- processing payments (using third parties and not storing card information ourselves)
- communicating with you about orders, products, services and promotional offers, your loyalty program, any requests that you may have etc
- updating our records and generally maintaining your account with us,
- displaying content such as bargain alerts, favourites and recommended products on our website that might be of interest to you.
- communicating with us, submitting comments, reviews, or other user-generated content;
- connecting or interacting with us using the social networks (e.g., Facebook, Instagram, Twitter); or
- requesting customer or technical support.
- consenting to marketing communications and our newsletter.
Generally, the types of personal data that we process may include:
- Name; Surname;
- Postal or/and billing address;
- E-mail address;
- Telephone or/and mobile number;
- credit card details (name/surname of the holder, card number, expiration data and security code)
- your messages and requests using our contact form or our email address
- device identifiers/device data through cookies placed on our website
- history of your orders
- your loyalty account
- Other relevant data.
This information will be provided by you when:
- you place an order and make a payment (Legal basis: contract obligations)
- Perform certain services or other transactions initiated by you; (Legal Basis: contract fulfillment/ legitimate interest of Rhodian Agora)
- you require more information about our services, activities or our online content (legal basis: pre-contract negotiations, legitimate interest of Rhodian Agora).
- you want to proceed to a purchase with us in order to fulfill our contract obligations and we have to use this information in order to provide you with the requested products or/and services and/or proceed with the necessary delivery and invoicing arrangements. (legal basis: pre-contract negotiations and contract obligations)
- you need to complete and fulfill your purchase, for example, to process and complete your payments, earn and redeem points from our loyalty program (Legal basis: contract obligations, legitimate interest Rhodian Agora, consent)
- we need to respond to your questions, complaints, or reviews of our product and/or services; communicate with you regarding your order and the ordered goods and provide you with related customer service (Legal Basis: legitimate interest of Rhodian Agora)
- we send you communications about your online transactions, order information/confirmation, newsletters, or other notices you requested or offers tailored to you; (Legal Basis: contract obligations and legitimate interest)
- we need to comply with applicable law, obey judicial orders, cooperate with law enforcement authorities, or prevent any suspected illegal activities; (legal basis: legal obligation)
- you need our assistance for troubleshooting or further information.
Visitors to our website
When someone visits Rhodian Agora we collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. We will not associate any data gathered from this site with any personally identifying information from any other source.
Our website is intended for a general audience and is not directed to children. However, there might be cases where children may use our website.
We do not knowingly collect personal information from children without proper parental consent. If you are aged under 18 years old, please get your parent/guardian's permission before you provide any personal information to us. In order for you to proceed to an order you must be at least 18 years old. If you are under the age of 18 then you can only use our website to see our products and what we sell but we cannot enter in a contractual relationship with you unless your parents consent to this. If you believe that we may have collected personal information from someone under the age of 18 without parental permission, please let us know as soon as possible and we will delete this information immediately.
Special Categories of Personal Data – Sensitive Personal Data
We do not process special categories of personal Data.
How we protect your personal data
We take all the necessary precautions, security measures as well as the relevant technical and organizational measures to ensure the confidentiality of the provided personal data against unauthorised access or disclosure including physical security, encryption, passwords, etc. However, 3rd parties may unlawfully intercept or access transmissions or private communications, and other users may abuse or misuse your personal information that they collect from the site. Therefore, although we work very hard to protect your privacy, we do not promise that your personal information or private communications will always remain private.
Therefore, we store your personal information in secured systems and we have processes in place to ensure the personal information you provide us is kept safe. We can also assure you that we take all reasonable steps to ensure your data is handled securely under appropriate agreements with our suppliers and other third parties. We DO NOT STORE any of your payment / credit card details in our system, all such details are stored with the online payment services of Greek Banks as well as and the payment gateway Paypal. Specifically, for secure payments we redirect the customer to the safe environment of Greek Banks and the safe environment of Paypal. We do not store payment data on our systems and we are not liable for any breach of your payment data since the sole responsible for processing payment data is the relevant Greek Bank from which the transaction takes place and Paypal.
How we use the data we collect from this website?
We always base the processing of your personal data to a valid legal basis such as law, contract or your consent etc.
You are not obliged to accept cookies. If you wish, you can set your browser to notify you before you receive a cookie so you have the chance to accept it and you can also set your browser to refuse to receive or send all cookies. The website www.allaboutcookies.org contains step-by-step guidance on how cookies can be switched off by users.
Access to sales information
We will access the information recorded through your past purchases (order history) in order to help us improve our service to you, our products and contact you with special offers that are likely to interest you. For example, if you buy olive oil from us we might send you an email of when we have a similar product or brand.
Withdrawing consent or otherwise objecting to direct marketing/profiling
In addition to sending you information about our products or/and services and in-life communications while you stay with us, where we have your permission or where we are relying on our legitimate interest according to the GDPR, we may send you direct marketing communications about our products, offers and promotions.
Direct marketing communications may be sent by post, email, or through social media (such as Instagram, Twitter, and Facebook). We may send you direct marketing while you have an ongoing relationship with us and for a reasonable time after you have used one of our products or services where we feel we have a legitimate interest (Law 3471/2006).
If you no longer wish to receive any marketing communications or remain on a mailing list to which you previously subscribed or receive any other communication from us, please follow the unsubscribe link in the relevant communication οr send us an email at email: email@example.com
Even after you opt-out or update your marketing preferences, we may still contact you for other reasons, for example for transactional or informational purposes. These include, for example, customer service issues, or any questions regarding a specific order on any requests we need to reply to.
How long do we keep your personal data?
We will maintain Personal Information for as long as we are required to do so by applicable law(s), or for as long as necessary for the purpose(s) for the uses set out in this Privacy Notice or while there is a legitimate business reason for doing so. We will delete Personal Information when it is no longer needed and, in any case, upon expiration of the maximum storage term set forth by applicable law.
In general, we will keep your Personal Information when you create an account with us for as long you maintain your account active. In case you want to erase your account and all the personal data included you can send us an email at firstname.lastname@example.org.
In case you need to erase your payment information you should then communicate with the online payment providers (i.e. Paypal and Greek Banks) since we do not store such information.
We will store your billing information for 5 years since we are legally obliged to do so.
Any other information will be stored for 3 years and then we will securely delete it.
You can delete your account in full at any time by clicking on the "delete your account" button.
We do need to keep some anonymous information for longer than the above mentioned periods, such as customers’ shopping habits and buying patterns, so we can analyze it to identify trends and changes in customer activity and buying habits. We remove all names, contact details and any other information that identify individual customers, so it’s all just anonymous numbers and data.
You, the user, as a data subject, have a number of rights.
• access your personal data stored at any time and get a copy of this information.
Furthermore, the data subject shall have a right to obtain information as to whether personal data are transferred to a third country or to an international organisation. Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer.
If a data subject wishes to avail himself of this right of access, he or she may at any time contact our legal department at email@example.com
• require us to rectify, inaccurate, incorrect or incomplete data; (right to rectification)
• obtain from us the erasure or the limitation of the data processing, for example where the data is no longer necessary for the purposes of processing; (right to be forgotten and the right to restriction of processing)
• ask us to stop sending you emails, texts, or notifications at any time, simply by clicking on the “Unsubscribe” link, or/and texting “STOP” (right to stop receiving marketing emails)
• receive your Personal Information, which you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit that data to another entity without limitation. (right to data portability)
• object to the processing of your data where we are relying on our legitimate interests as the legal ground for processing. (right to object)
If you would like to exercise any of these rights, please contact us at firstname.lastname@example.org
To access what personal data is held, identification will be required.
If you have a concern or complaint about the way we are handling your Personal Information, the Greek Data Protection Authority is there to help you. They may ask you to give us an opportunity to put things right first, and we would certainly like you to give us the chance. You can find the contact details visiting the website www.dpa.gr and the information to submit a complaint.
If you send us a request to exercise any of the abovementioned rights and we don’t complete it within a month, or if you are unhappy about the way we or any of our employees and partners are handling your Personal Information, you can lodge a complaint by contacting our company at email@example.com
Disclosure of you personal data
In some cases we may be required to disclose your personal information to comply with legal requirements and requests from government agencies if required for the purposes set out above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.
Your information will only be shared and used in accordance with this Policy and where an agreement is in place to ensure that your information is protected. We won’t sell your personal information without your consent or share it with other organisations for their own marketing purposes.
We may share your personal data:
• with third-party payment processors, payment service providers, IT and marketing support service providers and other consultants, vendors and service providers who need access to such information to carry out work or provide services on our behalf or who help us to provide these services to you;
• with any law enforcement, courts, Government or regulatory bodies (in whatever jurisdiction), or otherwise in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation, court order or legal process;
• if we believe your actions are inconsistent with our user agreements, contracts or policies, or to protect the rights, property and safety of our company, our employees or any third parties
• with our advisors, which includes our accountants, lawyers, other professional advisors and business contacts for the purpose of assisting us to better manage, support or develop our business and comply with our legal and regulatory obligations; and
• otherwise as permitted or required by applicable laws and regulations.
Social media login
Our websites and apps provide plug-ins to social media websites, including Facebook, Twitter, Google+, VKontakte and Instagram.
If you make use of, or log-in to, the social media features on our website, we may (depending on your privacy settings) access, use and store information about you, including, but not limited to: your name, e-mail address, gender, location, profile, picture, contacts, and any other information you have chosen to make available.
Overseas Transfers of Your Personal Data
Your personal data will not be transferred to countries outside the EEA.
In case we may need for some reason to transfer such data, we will only transfer such data in countries that satisfy the adequate or comparable levels of protection in order to protect personal data held in that jurisdiction, and (where we are required to do so) solely under your consent.
In case personal data is transferred from the EU to outside the EU, we use Model Clauses, ensuring that such data transfers are compliant with applicable privacy legislation.
Ιn relation to any transfer to a third party in a country that is not subject to an adequacy decision by the EU Commission, such transfer will be appropriately protected through mechanisms such as EU Commission approved standard contractual clauses, an appropriate Privacy Shield certification or Binding Corporate Rules. A copy of the relevant mechanism can be provided for your review upon request.
Changes in our Privacy Notice
From time to time we may make changes to this Notice. If we make any material change in how we collect, use, disclose, or otherwise process your data, we will prominently post notice of the change on our website for at least thirty (30) days before putting the change into effect. These updates might be in relation to changes in the law, best practice, changes to the services we provide or collection and use of your personal information.
Your continued use of our website after the updates to this Notice is deemed acceptance of those changes. If any proposed change is unacceptable to you, you may request that we remove your personal data from our records.
If you would like to get in touch with us, please contact:
Rhodian Agora -Mediterranean Gastronomy
Avenue Rhodes-Kallithea, Faliraki, P.C.85105, Rhodes
Last updated: 24 November 2018.