PERSONAL DATA PROTECTION POLICY
(Annexes hereto: Cookies Policy, 2nd Level Notification on the processing of personal data through a video surveillance system, CV Policy)
This Policy was updated on 29/04/2021
Purpose of this policy
The protection of your personal data is very important to ‘DIMERA GROUP SINGLE MEMBER P.C.’. This policy informs you about the personal data collection practices of ‘DIMERA GROUP SINGLE MEMBER P.C.’ through its websites, including the categories of data collected, retained and processed, the purpose of their collection, the categories of persons to whom your data are disclosed, as well as your rights. ‘DIMERA GROUP SINGLE MEMBER P.C SPORTING GOODS TRADE.makes every possible effort to protect your personal data, on the condition that the personal data you have provided are true and accurate. It also outlines certain security measures taken by the company in order to protect data confidentiality, and provides certain guarantees for things the company will not do.
Commitment of ‘DIMERA GROUP SINGLE MEMBER P.C.’
We at ‘DIMERA GROUP SINGLE MEMBER P.C SPORTING GOODS TRADE’ consider the protection of the privacy and data of our customers to be of the utmost importance and our are committed to providing them with personalised services that meet their requirements in a manner that safeguards their privacy. Your personal information (personal data) is used exclusively by ‘DIMERA GROUP SINGLE MEMBER P.C.’ and its employees in order to respond to your requests and better serve you, in accordance with this policy. The persons who handle personal information are trained for using appropriate procedures. The representatives and service providers of ‘DIMERA GROUP SINGLE MEMBER P.C.’ are required to keep your personal information private and not to use them for any purpose other than those serving the provision of specific services to us.
In addition, we may ask you in certain cases if we could share information with other reliable third parties. We will inform you when collecting such information if we expect this kind of information sharing with certain third parties. ‘DIMERA GROUP SINGLE MEMBER P.C.’ will define the types of businesses at the relevant point of collection of the information, describe the type of information to be transmitted (such as your address or your e-mail address) and will transmit the data to the other parties only if you consent.
Legal and regulatory framework
The Single-Person Limited Liability Company under the name ‘DIMERA GROUP SINGLE MEMBER P.C.’, trading as ‘DIMERA GROUP SINGLE MEMBER P.C.', with registered offices in Thessaloniki (at 1, Mikras Asias Street, tel.: 2310 944500), e-mail address: [email protected], with the main object of trading in sporting goods, collects and processes personal data in order to carry out its competences, process its electronic services and perform its legal obligations. For the purposes hereof, ‘DIMERA GROUP SINGLE MEMBER P.C.’ shall be referred to as the “Controller” within the meaning of Article 4(7) of the General Data Protection Regulation. The management and protection of the personal data of visitors/users of the website https://store.paokfc.gr owned by ‘DIMERA GROUP SINGLE MEMBER P.C.’ are subject to these terms, as well as the relevant provisions of European Regulation 2016/679 on the Protection of Personal Data (GDPR) and Law 4624/2019. These terms are set out taking account of both the radical development of technology and particularly the Internet and the existing set of legal regulations regarding these issues. The website https://store.paokfc.gr shall not engage in any misuse without your prior approval, in conformity with the personal data protection principles laid down in the relevant laws and international conventions. The website https://store.paokfc.gr shall in no way disclose, make public or exchange the personal data and information you entrust to us. Furthermore, it shall not transmit users’ personal information and data, e-mail addresses and any other information, in general, regarding its users to any other organisation or associate not affiliated with the company.
What is “GDPR” - Applicable Legislation.
The GDPR (General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, hereinafter the “Regulation”) aims at the establishment of a single legislative framework for the processing of personal data in the EU member states and replaces the previous Legislation (Directive 95/46/ΕC). The protection of natural persons in relation to the processing of personal data is a fundamental right. Article 8(1) of the Charter of Fundamental Rights of the European Union (the ‘Charter’) and Article 16(1) of the Treaty on the Functioning of the European Union (TFEU) provide that everyone has the right to the protection of personal data concerning him or her. The Regulation shall be binding in its entirety and directly applicable in all Member States (i.e. no special adaptation of the national legislation is required, as per Article 83 of the Regulation).
What are personal data?
The term “personal data” refers to a natural person's information, such as their full name, postal address, e-mail address, telephone number, etc. that establish or may establish your identity, hereinafter referred to as “Personal Data or Data”.
What is the processing of personal data?
Any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Who is the Controller?
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Who is the Processor?
A Processor is the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Is it compulsory to provide your Data?
Providing your Data to ‘DIMERA GROUP SINGLE MEMBER P.C.’ via this website may be necessary in order to achieve the goals set out in this Policy, or optional. If you refuse to provide the data marked as mandatory on the website (https://store.paokfc.gr), it will be impossible to achieve the main objective of collecting the specific Data and it could, for example, become impossible for ‘DIMERA GROUP SINGLE MEMBER P.C.’ to provide the services available on the website (https://store.paokfc.gr).
What type of data does ‘DIMERA GROUP SINGLE MEMBER P.C.’ collect through this website?
Any information within the meaning of personal data under the Personal Data Protection Regulation, the collection of which is not based on the law or the conclusion or performance of a contract, is collected by ‘DIMERA GROUP SINGLE MEMBER P.C.’ through this website only in the event that you choose to expressly consent.
We collect the following personal data:
Identification Data |
Full name, date of birth, telephone number |
Contact Data |
Postal address, e-mail address, telephone number |
Transaction Data |
TRN, type, place, time of products or services provided |
Contractual Relationship Data |
Contractual documents, information and consent forms, electronic statements of intention |
Transactional Behaviour Data |
Information concerning interests, preferences and participation in events, contests, surveys.
|
Health Data |
Due to the COVID-19 pandemic, health data may be collected. |
We do not collect or acquire any type of access to special categories of (“sensitive”) personal data (with the exception of the COVID-19 pandemic period due to strict instructions issued by the Ministry of Health) or data that concern criminal convictions and offences of our customers. Customers are obligated to abstain from providing such data that concern them or third data subjects (with the exception of the COVID-19 pandemic period due to strict instructions issued by the Ministry of Health). In the event that customers provide such data to ‘DIMERA GROUP SINGLE MEMBER P.C.’ these data will be deleted as soon as we are made aware of them (with the exception of the COVID-19 pandemic period due to strict instructions issued by the Ministry of Health). We at ‘DIMERA GROUP SINGLE MEMBER P.C'. shall bear no liability whatsoever towards customers or third parties for any provision and/or processing of sensitive data due to acts or omissions on the part of customers in breach of the above obligation. Visits to the websites of ‘DIMERA GROUP SINGLE MEMBER P.C.’ do not absolutely require the provision of any type of personal data on your part. However, in several cases, it is necessary for you to provide specific personal data indicated in the corresponding data entry fields on the website of ‘DIMERA GROUP SINGLE MEMBER P.C.'.
We at ‘DIMERA GROUP SPORTING SOLE OWNER LLC’ may collect and store the following personal information about you from the following exhaustive list of sources:
- identification data, communication data, transactional data, contractual relationship data and transactional behaviour data when you register as a new PAOK Club Card member,
- identification data, communication data, transactional data when you carry out electronic purchases of products or services provided by DIMERA GROUP through PAOK FC Official Stores
Personal contact data when you contact us to submit questions or requests or to ask information concerning the services provided by ‘DIMERA GROUP SINGLE MEMBER P.C.’ from publicly available sources.
The data collected through this website, https://store.paokfc.gr, may also be combined with data provided in other cases, e.g. when you call its call centres or participate in contests and promotional actions. The personal data provided to ‘DIMERA GROUP SINGLE MEMBER P.C.’ in these cases may be incorporated in existing databases and stored in order to simplify the systems used to manage your data.
‘DIMERA GROUP SINGLE MEMBER P.C.’ does not store and does not collect payment details during electronic or online payments via debit, credit or prepaid card. More specifically, upon recording the number, security code, holder’s full name and expiry date of the credit or debit card and upon completing the payment, these data are automatically transmitted to the competent Bank. The Bank collects the data, carries out the payment and then confirms the completion of the transactions to ‘DIMERA GROUP SINGLE MEMBER P.C.'.
Collection and purposes of use of personal data
‘DIMERA GROUP SINGLE MEMBER P.C.’ collects personal data from you for the following purposes:
Transactions: ‘DIMERA GROUP SINGLE MEMBER P.C.’ may use the personal data of visitors/users to process any transactions concluded with them, such as credit card payments etc.
Advertising/Marketing: ‘DIMERA GROUP SINGLE MEMBER P.C.’ may use the personal contact data of visitors/users for information purposes and promotional actions concerning contests, gifts, discounts on products and services of ‘DIMERA GROUP SINGLE MEMBER P.C.' and associated companies and sponsors, following their express consent.
Improvements and adjustments to the website: ‘DIMERA GROUP SINGLE MEMBER P.C.’ will use this information solely for the reasons for which they were collected and in order to provide you with information. It will also use this information in order to adapt the content of the website to your needs and to improve its compositions, changes and dynamism.
Provision of online services through user authentication processes: ‘DIMERA GROUP SINGLE MEMBER P.C.’ will use this information in order complete your electronic application. More specifically: For registration or authentication on its applications.
Credit check: In certain cases, we at ‘DIMERA GROUP SINGLE MEMBER P.C.’ may carry out certain credit checks with the competent bodies , when you request a service or product. If this applies, then it will be listed in the terms and conditions of the activity between you and ‘DIMERA GROUP SINGLE MEMBER P.C.’ or the company that will carry out the processing.
Legal use: We at ‘DIMERA GROUP SINGLE MEMBER P.C.’ may collect, store, disclose and, generally speaking, process the personal data of visitors/users when this is required by the Personal Data Protection Regulation and/or the law or when necessary in order to protect the interests of both sides, as they derive from the transactional and contractual relationship between them or the business-consumer relationship.
COVID-19: for reasons of public health prevention (tracing cases) and public interest, due to the COVID-19 pandemic.
DISCLAIMER: As regards the collection of personal data not conducted online through the websites owned by ‘DIMERA GROUP SINGLE MEMBER P.C.’ and concerning the processing of the personal data of employees, candidate employees, associates, contractors, suppliers, private citizens, customers and, generally speaking, natural persons, separate detailed notification is provided in writing to the data subjects during the collection of the above data, in line with the relevant requirement set forth in Articles 13 and 14 of the GDPR.
Data Retention - Storage
We at ‘DIMERA GROUP SINGLE MEMBER P.C.’ store your personal data solely for the time required to provide a service you requested or approved, without prejudice to any legal provisions to the contrary, as is the case with issues governed by commercial and/or taxation legislation, the various applicable provisions, etc. In any event, the personal data you provide us and which are recorded in written agreements, contracts and electronic correspondence concerning the execution of a contract or the realisation of a commercial transaction are stored for a period of 20 years in a physical and electronic archive kept at the legal department, the sales/contracts department and the accounting department of ‘DIMERA GROUP SINGLE MEMBER P.C.’ or any other third party that directly or indirectly provides the above services or assists the departments in question in the discharge of their duties or provides management services to us.
Any health data collected during the COVID-19 pandemic shall be deleted immediately after the pandemic ends and following instructions issued by the Ministry of Health.
Data erasure
Your data shall be erased on a case-by-case basis and always in accordance with the provisions laid down in the applicable legislation.
Personal data transmission
‘DIMERA GROUP SINGLE MEMBER P.C.’ does not transmit personal data to third parties unless it is required for legitimate purposes in order to respond to your requests and/or provided that it is required or permitted by law. In any case, access to your personal data is only allowed to authorised persons, who are required to have access to allow the attainment of their collection, use and processing, as hereby notified. In certain cases, ‘DIMERA GROUP SINGLE MEMBER P.C.’ may transmit your personal data to competent Public Authorities or natural or legal persons entrusted with processing, on the condition that we inform you in advance and obtain your prior consent, where it is required for the processing in question. Persons with access to the data shall respect their confidentiality.
Log files
We use IP (Internet Protocol) addresses to analyse trends in the use of Internet, manage the resources of our computers and our network, monitor any unauthorised illegal or malicious activity (attacks) and collect general demographic data (country of origin) for aggregate use.
IP Addresses
The IP address of the computer used by the visitor/user/member to have access on the Internet and then on the Website/Application, is stored and can be used, if necessary, in case of infringement of the Terms of Use of the Website/Application by the visitor/user/member. IP addresses do not constitute personal data.
Data security
The internet, just like any other medium used to transmit information, cannot be considered 100% secure. Security on the Internet is a sensitive issue and mainly relies on reliable organisations and companies respecting the confidentiality and safety of its Users’ data. ‘DIMERA GROUP SINGLE MEMBER P.C.’ endeavours to apply strict security and control measures for the protection of your personal data, in order to ensure compliance with all applicable legal requirements. We at ‘DIMERA GROUP SINGLE MEMBER P.C.’ employ security measures at a technical and organisational level aiming at the security of the data collected from you against any intentional or unintentional attempt of handling, loss, destruction and, generally speaking, access , to them by unauthorised individuals. Our security measures undergo continuous controls and updates in accordance with the latest technological developments. ‘DIMERA GROUP SINGLE MEMBER P.C.’ uses state-of-the-art encryption and data protection tools (256-bit encryption, secure pages, network protection system-firewall, digital signatures, etc.). Access to your personal data is limited solely to employees authorised for this purpose, so that they may provide you with products and services by accessing these data. Physical, electronic and procedural safeguards, harmonised with personal data protection regulations, have been activated. We at ‘DIMERA GROUP SINGLE MEMBER P.C.’ take every precaution possible to keep your personal data secure. However, due to the nature of the Internet, the company cannot guarantee the protection of communications or the data stored in its browsers from any unauthorised access by third parties.
Internet Access
If you contact ‘DIMERA GROUP SINGLE MEMBER P.C.’ online, we may occasionally use e-mail or postal address or telephone number to contact you, provided that you have provided them to us voluntarily. Please note that online communications such as emails etc. are not secure unless they are encrypted. ‘DIMERA GROUP SINGLE MEMBER P.C.’ shall bear no liability whatsoever for any unauthorised access or loss of your personal information that is beyond its control.
Privacy policy and children
This website has been designed for and is intended to be used by adults. If you are a minor and parental consent is required in your country (in Greece this limit is 15 - Law 4624/2019), you need to review the terms of this Privacy Policy together with your parent or guardian to make sure that you understand and accept these terms. If it is found that we have collected the information of a minor without the consent of their parent or guardian when such consent should have been obtained, we will delete the information in question as soon as possible.
Contact through the platform website
If a user contacts us through the contact form or in any other way, the provision of their personal data takes place voluntarily and exclusively at the user’s free will. We will process the personal data in question solely to the extent that it is necessary for the specific purpose.
Social Networking Sites
Our Website may offer the possibility to share items on Social Networks and other related tools that allow you to share your actions on the Website to other applications, websites or mass media, and vice versa. The use of such features allows the exchange of information with your friends or the public in general, depending on the settings you have set on your personal profile. Please consult the Privacy Policies of the social network services for more information on the processing of your data.
Special Categories of Data
Please do not send us your sensitive personal data by e-mail or disclose such data using the contact platform. The processing of personal data under this category by no means serves the purpose of processing, as defined in this Policy.
Monitoring of communication
All communications of ‘DIMERA GROUP SINGLE MEMBER P.C.’ with you (including phone calls, e-mails etc.) are neither monitored nor recorded.
Links
Our website may contain links to other websites. This personal data protection Statement applies solely with regard to the access of users to this website and other websites exclusively managed by ‘DIMERA GROUP SINGLE MEMBER P.C.’. The administrator of this web portal shall in no way be held liable for the personal data protection terms of other websites under the responsibility of third parties (natural or legal persons).
Revisions to the Policy
‘DIMERA GROUP SINGLE MEMBER P.C.’ reserves the right to modify or revise this Policy periodically, at its unfettered discretion. Where changes occur, ‘DIMERA GROUP SINGLE MEMBER P.C.’ shall record the data of modification or revision herein and the updated Statement shall apply to you as of that date. We encourage you to periodically review this Statement in order to examine whether the way we process your personal data has changed.
Applicable law and Jurisdiction
With regard to any dispute arising between users and ‘DIMERA GROUP SINGLE MEMBER P.C.', Greek law shall be the applicable law, and the courts of the Prefecture of Thessaloniki shall have jurisdiction ratione materiae over the dispute.
What are your rights?
Under the Personal Data Protection Regulation [EU General Data Protection Regulation (GDPR) 2016/679], as in force, you have the following rights:
- a) the right to access;
- b) the right to rectification;
- c) the right to erasure, under certain conditions, such as when processing is no longer necessary for the purpose for which the data were initially collected and there is no imperative reason to continue processing (or storing) your information;
- d) the right to restriction of processing;
- e) the right to data transmission;
- f) the right to object and the right not to be subject to a decision based solely on automated processing, including profiling;
- g) the right to lodge a complaint with a supervisory authority.
In other words, you have the right to receive, upon request, free information on the personal data we have stored that concern you, to object, upon request, to the processing of data that concern you, valid thenceforth, and to withdraw your consent, and, in accordance with the applicable provisions, the right to rectification, restriction of processing, data transmission, erasure of the data in question and the right to lodge a complaint with a supervisory authority. In such cases, please contact the competent Personal Data Protection department of the Company listed below in writing via original letter or fax or e-mail.
Right to lodge a complaint
Should you believe that the processing of your data infringes Regulation (EU) 2016/679, you have the right to lodge a complaint with the supervisory authority. The competent supervisory authority for Greece is the Hellenic Data Protection Authority, 1-3, Kifisias Street, GR-11523, Athens, https://www.dpa.gr/, tel.: 2106475600.
Contact
‘DIMERA GROUP SINGLE MEMBER P.C.’ informs you that it has appointed a Data Protection Officer, whom you may contact at: [email protected]. If you have questions or recommendations concerning this Policy, please contact the above address. Constant Internet developments in general necessitate the adaptation of our rules concerning the protection of online data from time to time. ‘DIMERA GROUP SINGLE MEMBER P.C.’ reserves the right to make any recommended changes to these rules at any time.
Cookies Policy
‘Cookies’ are data files sent by websites to your computer when you browse that website. These data files contain data that allow our website to remember important information that will make your use of the website more efficient and useful. Our website uses cookies for various purposes. We use cookie technology and IP address to obtain non-personal information concerning visitors to each website and in order to provide registered visitors with the best personalised online experience.
How do we use cookies? Visitors to the ‘DIMERA GROUP SINGLE MEMBER P.C.’ website use different Internet browsers and computers. In order to further facilitate your visits using your technology of choice, we automatically record the browser and operating system used by each visitor, as well as the name of the Internet service provider of each visitor. We also record the total number of visitors to the website in an aggregated manner in order to update and improve our website. No personal information is exported through this process. These data show us whether more visitors prefer specific functions or sections of the website over others, which helps us keep our website up to date with new material that is interesting for the majority of our visitors. More specifically, we use the following types of cookies:
Cookies that are strictly necessary for the operation of the website and user identification: Strictly necessary or essential cookies are of essential importance for the proper operation of our Websites, enabling you to browse the website and use its features, as well as access secure areas or use the shopping cart. These cookies do not identify users. Without these cookies, our Websites cannot function effectively.
Functionality cookies: These cookies help us remember your preferences while browsing our website, enabling us to recommend more relevant products of interest to you, so that you can find what you are searching for more easily and quickly.
Performance cookies (Google Analytics): These cookies collect information about the performance of our website and help us identify which products have the highest traffic, which pages may present browsing problems, etc. These cookies are only used to improve our website and facilitate your browsing.
Marketing Cookies (Facebook Pixel, AdWorks): This presents advertisements to persons who have visited our website or used our mobile app. For example, when people leave our website without buying anything, remarketing helps us reconnect with you by displaying relevant advertisements, minimising meaningless advertisements.
Active Campaigns: This provides integrated e-mail marketing, marketing automation, and CRM for small businesses. We can send you beautiful newsletters, set automations based on behaviour and benefit from sales automation.
Moosend: This is electronic marketing and commerce automation software. With it we can design beautiful campaigns or start personalised conversations and communications with visitors on greater scale.
Third-party suppliers, including Google and Facebook, may display advertisements of ‘DIMERA GROUP SINGLE MEMBER P.C.’ on websites, use cookies to update, optimise and display advertisements based on past visits of users to the website https://store.paokfc.gr.
How do we use cookies to personalise your experience on our website? Cookie technology helps us provide information that fits the interests of visitors and allows us to facilitate registration, participation in lotteries and contests, and access to other functions available on our website for visitors. Where allowed, we may correlate personal information with a cookie file in such cases.
What if you do not wish to accept cookies? If you do not wish to accept cookies, you can click on the special pop-up banner to select which settings you wish for your computer each time: ACCEPT/MORE SETTINGS/REJECT (Check the Help menu of your browser to learn how you can change or correctly update your cookies settings).
What are webbeacons and how does the Company use them? Some of the webpages and newsletters of ‘DIMERA GROUP SINGLE MEMBER P.C.’ may contain electronic images called webbeacons, also known as one-pixel GIF files, pure GIF files or pixel tags. Their use on websites allows the counting of visitors who have accessed the pages of ‘DIMERA GROUP SINGLE MEMBER P.C.’. Their use in our product/service promotion e-mail messages and newsletters allows us to measure how many registered users have read the material we are sending. Webbeacons allow us to develop statistical information about the activities and functions that are most interesting to our visitors/users in order to provide more personalised material. They are not used to access personal information without your consent.
Disabling cookies may affect your ability to use certain products/services on the ‘DIMERA GROUP SINGLE MEMBER P.C.’ website.