Privacy Policy

Increasing economic and scientific collaborations as well as mutual provision for data processing services result in the exchange of personal data, a trend reinforced by the increasing use of modern telecommunications media. For these reasons, it is necessary to process the data carefully.

CHARALAMPIA NIKOLOPOULOU (hereinafter the Company) beneficiary of the website laceboutique.gr informs you that the processing of your personal data, which is performed through the website (“Website”) or which are collected through any contact form ( “Form”) is carried out in accordance with applicable data protection legislation (Regulation (EU) 2016/679 – hereinafter “GDPR”) and the Website Privacy Policy and states that compliance with data protection principles for processing them is its purpose as it is committed to respecting your individual rights and your privacy.

The website of our Company handles personal data with special care and always in accordance with EU Regulation 2016/679, the applicable National Law and applicable law. At our Company, we know that protecting the privacy of our customers is very important and our priority is to protect your personal information. The purpose of the Privacy Policy is to inform you about the type of information we collect about you, how we use this information, whether we share or share it with third parties and how we store it.

The Privacy Policy applies to this website and to every website, online and offline promotional activity of the Company.

This policy is subject to change from time to time, so please check this page to be notified of any changes.

For this reason, we want to keep you informed about the way we collect, use and share information about you. The collection, use and disclosure of your information is based on your consent or in accordance with applicable law.

For these reasons, it is necessary to process the data carefully.

The online store of the Company handles the personal data with special care and always in accordance with the EU Regulation 2016/679, the applicable National Law and the current legislation.

For the purposes of this Directive, the following definitions shall apply:

Data Subject: any natural person whose personal data are processed by or on behalf of the Company

Personal Data: any information relating to a designated or identifiable natural person relating to his or her physical, physiological, psychological, emotional or economic status, cultural or social identity.

Processing: processing of personal data (“processing”), any work or series of tasks performed on personal data, such as the collection, registration, storage, modification, analysis, use, association, commitment (lock), deletion or destruction.

1. Criteria of legality

Personal data may be processed if at least one of the following applies:

  • the subject has given his consent
  • processing is necessary for the performance of a contract to which the subject is a party
  • processing is necessary to comply with a legal obligation.

2. Principles applicable to processing

We are allowed to process your personal data in order to provide personalized services, based on the law (Article 6 (1b) of Regulation (EU) 2016/679) and the relevant National Implementing Law. Your personal data is not used for purposes other than those described in the Declaration, unless we obtain your prior permission, or unless otherwise required or permitted by law.

Personal data should be processed in a manner compatible with the purpose for which it was collected.

The principle of proportionality applies to the processing of personal data. Among other things, it creates the obligation not to collect personal data for no reason.

The personal data used should be accurate and up to date.

Personal data used that is no longer accurate and complete should be corrected or deleted.

Except in cases where there is a legal obligation to keep them for a longer period of time, personal data should not be kept for longer than is necessary for the purposes for which they were collected or processed.

The processing of personal data should be done in accordance with the principles of good faith. This means that data subjects can rely on the fact that processors will show due diligence in all data processing matters.

Individuals whose personal data has been processed should be informed accordingly upon request. In particular, they have the right to be informed about the purposes for which their data are processed, the type of data to which they relate, as well as the identity of the recipients of the data. Where necessary, data subjects also have the right to request the correction, non-transmission or deletion of their data.

The above rights can be restricted only if this restriction is provided by law. This is especially true when conducting scientific research.

In particular, personal data is protected against unauthorized disclosure and any unlawful processing. The measures implemented should ensure a level of security commensurate with the nature of the data to be protected and the risks that may arise from its processing.

The Company is responsible for the implementation and compliance with EU Regulation 2016/679 and the applicable National Law.

The employees of the Company who deal with the processing of personal data are accordingly informed.

Why and how we process your data

The data are processed for the following purposes:

  • to process the requests, you submit with the “Form”, to enter your order on the site and provide information through it. The legal basis for the processing of personal data for this purpose is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR Regulation) and the performance of the contract to which you are a party to the data
  • to manage adverse reaction reports submitted through the Website or Forms. The legal basis for processing for these purposes is your consent (Article 6 (1) (a) and Article 9 (2) (a) of the GDPR Regulation), as well as the pursuit of any public interest (Article 9 (2) (i)) of the GDPR Regulation) and legal obligations;

As you visit our online store, we will track the products you have seen and use it to show you which products you have seen recently.

The location, IP address, and browser type will be used for purposes such as estimating taxes and shipping costs.

We will ask you to enter your address so that we can, for example, estimate the shipping costs before placing an order and have the order shipped to you.

We will also use cookies to track the contents of the cart while you browse our website.

When you purchase from us, we will ask you to provide information such as your name, billing address, shipping address, email address, phone number, credit card / payment details and optional account information such as username and password. We will use this information for purposes such as:

  • Send us information about your account and your order
  • Respond to your requests, including returns and complaints
  • For payment procedures and fraud prevention
  • To set up your account in our store
  • To comply with our legal obligations, such as the calculation of taxes
  • To improve the offers of our store
  • To send you marketing messages if you choose to receive
  • If you create an account, we will save your name, address, email and phone number, which will be used to replenish the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it and we are not legally obligated to continue to maintain it. For example, we will store order information for tax and accounting purposes. This includes the name, email address, and billing and shipping addresses.

We will also save comments or reviews if you choose to leave them.

Who in our team has access?

Our team members have access to your data we collect. For example, System Administrators and Store Administrators have access to order information such as what was ordered, when the order was placed and where it will be shipped. In customer details, such as name, email, shipping address and billing information.

Our team members have access to this information in order to fulfill your order and provide every possible support.

What we share with others

In order to process your order, we will share your data such as name, address, phone number with courier companies to send your order.

Payments

To process your orders, we will share your data such as name, address, email with the PayPal service with which online payments are made.

All online payments we accept are made through PayPal. As the payment is processed, some of your data will be sent to PayPal, such as the total value of the order and the shipping address of your order.

See more in PayPal usage agreements.

By selecting the appropriate boxes, you agree to the processing of your data for these purposes.

Your data may in any case be processed, even without your consent, for compliance with laws, regulations, EU law (Article 6 (1) (c) of the GDPR), for obtaining statistics on the use of the Website and its proper functioning (Rule 6 (1) (f) of the Rules of Procedure).

Personal data is entered into the Company’s IT system in full compliance with data protection legislation, including security and confidentiality profiles, and is based on principles of good practice, legality and transparency regarding processing.

The data are stored for as long as it is absolutely necessary to achieve the purposes for which they were collected. In any case, the criterion used to determine this period is based on compliance with the deadlines set by law and the principles of data minimization, storage limitation and rational file management.

All your data will be processed in printed or automated media, ensuring in each case the appropriate level of security and confidentiality.

The procedures for the processing of personal data of third parties upon agreement, are defined as follows:

  • The Company bears no responsibility for personal data of third parties which the customer submits to the Company.
  • Our customers themselves have the responsibility to have the explicit consent of the third parties, whose data they provide us. In the event that the third party is deemed unable to ensure a satisfactory level of security of the third-party personal data, the Company will terminate the cooperation and will not bear any responsibility for any third-party data that may have been processed.

3. Access to personal data and Rights

If you wish, you can request at any time to be informed about your personal data held by the Company, their recipients, the purpose of their maintenance and processing as well as their modification, correction or deletion, by sending a relevant e-mail to laceboutique.gr from the email address you provided, attaching a copy of your police ID. You also have the right to review the personal data we hold and in general to exercise any right provided by law for the protection of personal data.

4. Security of Personal Data

The Company implements specific technical and organizational security procedures in order to protect personal data and information from loss, misuse, alteration or destruction. Our partners who support us in the operation of this website also comply with these provisions. In particular, we have a vertical Server, our own powerful order management technology. In general, the Company makes every reasonable effort to keep the personal data collected only for the period for which it is needed for the purpose for which it was collected or until their deletion is requested (if this occurs earlier), except if it continues to comply with the provisions of the current legislation.

5. Revisions of the Declaration

The Company reserves the right to modify or periodically revise this Statement, at its sole discretion. In the event of any changes, the Company will record the date of modification or revision in this Statement and the updated Statement will be valid for you from that date. We encourage you to periodically review this Statement to determine if there are any changes to the way we handle your personal data.