1. The limited partnership styled “DRESS 2 UNDRESS L.P.” and the distinctive title “DRESS 2 UNDRESS”, seated in Glyfada Attica, no. 27-29, A. Metaxa str., respecting fully the privacy of the users’ personal data, undertakes to comply fully with the applicable law (regulation (EU) 2016/679 – henceforth the “GDPR”).
2. Data Protection Officer (DPO)
The Data Protection Officer is the limited partnership styled “DRESS 2 UNDRESS L.P.” and the distinctive title “DRESS 2 UNDRESS”, seated in Glyfada Attica, no. 27-29, A. Metaxa str., (“Controller”).
Contact e-mail: [email protected]
You may contact the Data Protection Officer (DPO) at the following e-mail: [email protected]
3. Processed Data:
The following data are susceptible of processing:
The usual personal data that you may provide when you use Website operations, including any web browser program, as well as any data collected by cookies, as determined in Cookies Policy.
“DRESS 2 UNDRESS L.P.” is committed to ensure your privacy protection. More specifically, it collects information regarding (a) the data provided by the user upon his registration as a client, (b) the data, provided by the user for the execution of his order by the Company and (c) the data, provided by the user in order for him to participate in the from time to time tenders. Upon the filling of any order form on our website, you will be requested to give your full name, your address, your area zip code, your e-mail, your phone number, your credit card data, your order payment method. In addition, you may be asked to give more specific information, such as order shipping – delivery information, pricing information or details as to the offer requested by you.
Any information provided by you upon the emailing of our e-shop membership account creation - registration form, may be used in order for us to contact you regarding (a) the delivery of your order at your place, (b) the verification of the identity of the client in any necessary case, (c) for any new or alternative products offered by “DRESS 2 UNDRESS L.P.”, (d) any special offers of “DRESS 2 UNDRESS L.P.”.
Therefore, each order execution requires the collection of personal data, for the delivery or booking of the said order. Subsequently, the use of credit card, the debiting of which requires its holder identification supporting evidence, is under any circumstance secured. The credit card data are only required upon the completion of your orders, provided that you have opted the relevant payment method and only relate to their e-transmission via a secured environment to the banking institution, solely for the completion of payment.
“DRESS 2 UNDRESS L.P.” does not store any credit card data in its systems, except the last 4 figures of the card number, in order to proceed to the identification, as the case may be. Any supporting evidence and document certifying and demonstrating the identity of the client remains strictly confidential and is only controlled by the competent department in charge of “DRESS 2 UNDRESS L.P.”.
In any event, even without your consent, we reserve the right to process your personal data in order for them to comply with the legal obligations, deriving from the law, the regulations and the EU legislation, exercise any legal remedies rights, preserve your own lawful rights and apply as the case may be, as prescribed by article 6 and 9 f the GDPR.
Processing is performed via computers as well as printed material and it is always in line with the safety measures stipulated by the applicable law.
Any information that you share is used for the optimization of our services. There are necessary also for making purchases. Information is used for: improving services and products, your updated as to any new products, services etc., following your approval, provision of information in case you have made any purchase. The shop allows you to change, delete and add information and data already provided by you. Please not that we make all efforts for the safeguarding of your data; however, your account’s password safety depends on you.
Whenever your consent for the use of your personal data is required and needed, you opt for the corresponding box or else by an email. For example, we will process your personal data for promotion only if we have your prior consent.
Newsletter and communication between us
In case you approve, we would like to inform you on any “DRESS 2 UNDRESS” products, services, events, sales, promotions (including such of individualized content and advertising, social media).
Upon the completion of your purchases, you may opt for the corresponding box (optin) in order for us to send you promotion messages, newsletter, updates. Upon your approval, we will use your email as an expedient manner to communicate with you with regards to your order or for any other notification and reminder. We may, at any time, inform you for the website or for any new presents; however, only with your explicit consent. Whenever you wish, you may opt-out from the promotion messages, newsletter and updates service.
4. Why and how we process your personal data
Upon your approval as a user, the Company may process your standard personal data in order to ensure that you may benefit from the available services and operations and optimize their efficiency, collect statistic information regarding their use for the management of the requests and reports received via Website as well as your subscription, in any limited access area and initiative (e.g. tenders) which may be posted up to the Website pursuant to Article 6.1.a. of GDPR. The Company may also process your personal data for the fulfillment of any obligations deriving from statutes, regulations and the European Union law: the legal grounds for this process is article 6 paragraph 1 item c) of GDPR.
All your data are subject to processing by the use of automated or electronic tools, which are appropriate for the full safeguarding of safety and confidentiality.
5. Browsing Data
Ιf you just visit the Website (that is, without sending any message or using any of the services/operation available) your data processing is confined to the browsing data, that is such which should be sent to the Website for the operation of the computers on which such operates and of the communication protocols via Internet. This class includes, for example, IP addresses or computer domains used for visiting the Website and other parameters which relate to the operational system used for getting connected to the Website. The Company only collects these as well as other data (such as, indicatively, the number of visits and the time dedicated to the Website) for statistical purposes and in an anonymous form, in order to monitor the operation of the Website and improve its efficiency. These data are not collected in order to be combined to other information related to the users or for the identification of the users. However, this information, which by their very nature, may allow the Company to identify the users through the processing and connection with data held by any third party. Subject to the provisions of the Policy and of Cookies, the browsing data described above are only stored provisionally, pursuant to the law.
6. Data Storage and Duration
Under article 5 paragraph 1 item c) of GDRP, computers and programs used by the Company are created in such a manner so that to limit to a minimum the use of personal data and identification data. These data are only subject to process to the extent that is necessary for the attainment of the purposes set out in the present Policy and will be stored for as long as it is absolutely necessary for the attainment of the specific goals sought. In any case, the criterion used for the fixation of the storage period is based on the compliance with the deadlines permitted by law and by the principles of minimization of data, restriction of storage or of the rational management of our files. We do not retain your data for a time period longer than what is necessary for the fulfillment of the purpose for which they are subject to processing. In order to determine the appropriate time period of retention, we take into account the amount, nature and sensitivity of the personal data, the purposes for which we are processing them and the possibility to succeed in these purposes by other means. When we no longer need your personal data, we delete or destroy them safely. In addition, we take into account the manner in which we could eventually minimize, over time, the personal data used, as well as whether we can retain them anonymously, in order to avoid being associated or identified with you. In this case, we may use them without any further notice.
7. How we secure the safety and quality of your personal data.
We apply a series of measures, in order to keep your information safe and protected, which may entail encryption and other safety forms. We demand from our staff and every third party, which conducts any work on our behalf, to abide by the appropriate compliance standards, including any obligation to protect all information and apply the appropriate measures for the use and transmission of information. The personal data are stored on secure server installation with controlled access.
For your safe browsing to the Store as well as for the safety of your transactions with it, the Company takes all appropriate measures, by adopting modern high quality safety specifications pursuant to the market trends, such as SSL (Secure Socket Layer) high level encryption technology of Thawte, which are put into operation during the introduction of sensitive personal data, offering a 225 bit codified communication. Please, note that we do everything possible to protect your personal data and that safe browsing to our Store as well as the protection of your personal account password with “DRESS 2 UNDRESS” depends also on you.
8. The Company does not transmit personal data to any third party.
In certain cases, the Company may share your personal data with various associated companies or service suppliers, in order to respond to your requests or to such of any natural persons or legal entities, who have been assigned the processing, upon condition that you will be notified in advance and obtain your prior consent. Any individuals having access to data should respect their confidentiality. Any “DRESS 2 UNDRESS” staff engaged in the processing of personal data has access thereto. More specifically, the staff of information, administration, customers service, marketing departments as well as any other persons that need to process any personal data in order to carry out their work and within the context of our dealings.
9. User’s rights
You may exercise at any time the rights granted by articles 15-11 GDRP: a) Know your personal data classes kept and processed by us, their origin, the purposes of their processing, the classes of their recipients, the time period of their retention as well as your relevant rights (access right).
b) Request the correction or/and complementation of your personal data, in order for them to be complete and accurate (correction right), by producing any requisite document evidencing the need of correction or complementation.
c) Request the restriction of your data processing (restriction right).
d) Object to any further processing of your personal data that we keep (objection right).
e) Request the deletion of your personal data from the files kept by us (right to be forgotten).
f) Request the transfer of your data from our Company to any other process officer (data portability right).
g) File a complaint to the Personal Data Protection Authority (www.dpa.gr) provided that you believe that your rights are affected in any manner whatsoever.
The exercise of the rights above (a-g) applies to the future and does not relate to any already performed data process.
10. You may contact the Process Officer or/and DPO at the addresses given above, in order to submit any request you may have with regards to the personal data processing by the Company, exercise your legal rights and obtain an updated list of the parties who have access to your data. The service above is offered by “DRESS 2 UNDRESS” free from charges. In case, however, where the requests of the User are evidently groundless, extraordinary or repeated, the Company may either impose to the Client the payment of a reasonable fee, by notifying him accordingly, or decline to respond to his request(s).
“DRESS 2 UNDRESS” reserves the right to amend the present policy in order to apply the from time to time applying law for the protection of data, as well as in any other case it considers it necessary without any prior notification to the users/clients.