Privacy Policy
POLICY ON THE PROTECTION OF PERSONAL DATA
1. In general
In compliance with the provisions of the European Regulation on the Protection of Personal Data and the relevant Greek legislation (as amended and in force), the COMPANY manages the personal data which are submitted by the USER with the utmost care, ensuring in any case their protection and privacy.
The USER may browse into the website without being asked of any personal information from the COMPANY, unless expressly otherwise informed and requested. The COMPANY collects personal data that are disclosed only when the USER is registered at its services, as well as when they proceed to an order as an unregistered USER. In any case, this information is considered as necessary to perform the online purchase and the relevant USER’s update on the proceedings
2. In which cases are the data collected
The COMPANY collects five types of information about the users: (1) data provided by the USER when registered as a REGISTERED USER, (2) data provided by the USER in order for the COMPANY to execute their order, (3) data provided by the USER in order to participate in competitions (4) data provided by the USER for telephone and Internet service’s activations, (5) data that the user gives when connecting through another platform (ios, android, Facebook, Google). When completing any order form on the website, the USER will be asked for their name, address, postal code of their area, e-mail address, telephone, payment method and credit card details (if this payment method has been chosen). In addition, more specific information may be required, such as an order’s delivery or delivery details, pricing details, or details on an offer. The COMPANY makes use of these data provided by the USER while completing their e-order’s form, in order to contact him/her regarding (i) the order’s delivery in the place indicated, (ii) for customer’s confirmation and identification in every necessary case, (iii) for COMPANY’s new or alternative products offered (iv) COMPANY’s special offers (v) receipt of gifts after a competition.
You have the option to choose whether or not to receive such notifications/newsletters from the COMPANY by sending your request via e-mail to info@moya.com.
Every order processing requires the collection of personal data either for an order’s delivery or for the products’ reservation. In addition, the debit of a credit card requires identification of legally identifiable data on the first time and is in any case guaranteed by the electronic environment of each Bank. Any supporting documentation certifying and declaring the identity of the client remains strictly confidential and is controlled only by the COMPANY’s department in charge. The personal data’s submission by the USER means that he/she agrees and accepts that those data will be used by the COMPANY’s employees for the reasons mentioned above. It is requested by the COMPANY’s to provide the USERS with the security level mentioned in the present Privacy Policy. In no other case the COMPANY will share with third parties the USER’s personal data without their prior consent, unless this is required by the law.
3. Data’s Use
In order to continuously improve and enhance the COMPANY’s services, e-mail marketing messages related to the COMPANY may be sent to the USER, which may be of their interest. The USER can choose the types of notifications they want to receive at any time by updating their email preferences. Sending sms to the mobile phone number which was declared during the USER’s order, is only to inform them about the progress of their order.
The COMPANY will not use the USER’s data for advertising purposes unless the USER has given their explicit and free consent. With regard to existing customers, COMPANY may use the email address received by the USER with an existing customer relationship to provide them with marketing materials related to similar products or services that they have previously requested, used or you may be interested.
The USER can be deleted at any time or alternatively, they may choose through their account whether or not to receive promotional / promotional material via email or sms. The USER may also oppose this use at the time of collection and every time they send a message. In order to stop receiving emails for marketing purposes, the USER is proposed to follow the instructions in the e-mail received.
4. Data’s use for advertising purposes
In order to continuously improve and enhance the COMPANY’s services, e-mail marketing messages related to the COMPANY may be sent to the USER, which may be of their interest. The USER can choose the types of notifications they want to receive at any time by updating their email preferences. Sending sms to the mobile phone number which was declared during the USER’s order, is only to inform them about the progress of their order.
The COMPANY will not use the USER’s data for advertising purposes unless the USER has given their explicit and free consent. With regard to existing customers, COMPANY may use the email address received from the USER with an existing customer relationship to provide them with marketing materials related to similar products or services that they have previously requested, used or you may be interested.
The USER can be deleted at any time or alternatively, they may choose through their account whether or not to receive promotional / promotional material via email or sms. The USER may also oppose this use at the time of collection and every time they send a message. In order to stop receiving emails for marketing purposes, the USER is proposed to follow the instructions in the e-mail received.
5. Legal obligations
THE COMPANY may need to use and maintain personal data for legal and compliance purposes such as the prevention, detection, or investigation of a crime, prevention of loss, fraud or any other misuse of its services and IT systems. The USER’s personal data may also be used by the COMPANY for internal and external audit requirements, information security purposes, or to protect or enforce its rights, privacy, security, property or other persons.
6. Processing of children’ personal data
The COMPANY will not collect or process personal data of children under the age of 16 unless a parental consent has been given in accordance with applicable local law. If the COMPANY realizes that a child’s personal data was collected in error, they will be deleted without undue delay.
7. Processing sensitive data
In some cases, the COMPANY may process special categories of personal data relating to the USER (“sensitive data”). Sensitive data defines personal data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, participation in trade unions, genetic data, biometric data to identify a natural person, health or sexual life, or sexual orientation. For example, the COMPANY may process sensitive data that the USER has made public. The COMPANY may also process sensitive data, where appropriate, to support, exercise or defend legal claims. The COMPANY may also process the USER’s sensitive data if they have freely given their explicit and separate consent in a specific context for a particular purpose.
8. Correction, Modification or Deletion of Information/Data
The website allows and encourages its USERS to correct, change, supplement or delete data and information submitted. If the USER chooses to delete some information, the website will act to delete this from the COMPANY’s files immediately. For the USER’s protection and security, the website will attempt to make sure that the person making the changes is the USER himself. To access, change or delete your personal data or to report problems arising from the website’s functioning or make any question please contact by e-mail at info@moya.com. Changing or correcting your personal information can also be made through the sign-up page. Please note that the Company will do everything possible to protect the USERS’ password privacy
9. USER's rights
As a data subject, the USER has specific legal rights regarding the personal data collected by them. THE COMPANY will respect those rights and deal adequately with their concerns. The following list contains information about the USER’s legal rights of arising from applicable data protection laws:
- Right to withdraw the consent: Where processing of personal data is based on the USER’s consent, they may withdraw its consent at any time.
- Right of correction: The USER may request the Company to correct the inaccurate personal data concerning him or her. THE COMPANY makes reasonable efforts to maintain the personal data held or controlled by her and are used on a continuous basis, accurate, complete, current and related, based on the most up-to-date information available. The USER also has the ability to check and correct their personal data by entering his /her personal account.
- o Right of limitation/restriction: The USER shall have the right to request from the COMPANY/data controller the restriction of processing where one of the following applies:
(i) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
(ii) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
(iii) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;
(iv) If the USER has objected to the processing for the period the COMPANY verifies whether its legitimate interests override their own.
Right of access: The USER may request information about the personal data the Company holds, including information about the categories of personal data in its possession, process or control, for the purpose they are used, from who they were collected (if not directly by the USER) and to whom they have been disclosed etc. The USER may receive from the COMPANY without charge a copy of their personal data. THE COMPANY reserves the right to charge a reasonable fee for any further copies that may be requested.
- Right of data portability: Based on a USER’s request, the COMPANY will transfer their data to another controller if technically feasible, provided that the processing is based on the consent of the USER or is necessary for the performance of a contract. The USER, instead of receiving a copy of his or her personal data, he/she may request the COMPANY to transfer the data to another controller, which will be directed to it directly by the USER.
- Right to erasure: The USER shall have the right to request from the COMPANY the erasure of personal data concerning him or her without undue delay in the following cases:
(i) personal data are no longer necessary in relation to the purposes for which they were collected or processed,
(ii) the USER has the right to object to further processing of his or her personal data and exercises it,
(iii) the processing is based on the consent of the USER, withdraws its consent and there is no other legal basis for processing,
(iv) the personal data has been illegally processed unless processing is necessary,
(v) in compliance with a legal obligation that requires processing by the COMPANY,
(vi) in particular for legal obligations to perform a task; and
(vii) for the support, exercise or defense of legal claims.
- Right to object: The USER may at any time object to the processing of their personal data because of their particular situation, provided that the processing is not based on their own consent but in the Company’s legitimate interest or in the legitimate interest of third parties. In this case, the COMPANY will no longer process the personal data of the USER unless overriding legitimate reasons can demonstrated and a superior interest in processing or supporting, exercising or defending legal claims. If the USER opposes the processing, kindly specify whether the deletion of their personal data or limit the processing by the COMPANY is desired.
- Right to lodge a Complaint with a supervisory authority: In the event of a suspected violation of applicable privacy laws, the USER may lodge a complaint with the Data Protection Supervisory Authority in particular in the place of his or her habitual residence, place of work or place of the alleged infringement.
10. Special highlights
- Timeframe: The COMPANY will attempt to satisfy any relevant USER’s request within 30 days. However, the time limit may be extended for specific reasons relating to the specific legal entitlement or complexity of the request.
- Restriction of access: In some cases, the COMPANY may not be able to provide access to all or some of the USER’s personal data due to legal provisions. If the COMPANY refuses the USER’s request for access, he/she will be informed on the reasons of this refusal.
- Non-recognition: In some cases, COMPANY may not be able to search for the USER’s personal data due to the identifiers they provide in their application. In such cases, where the COMPANY cannot identify the USER as the data subject, will be unable to comply with their request to perform his / her legal rights as described in this article unless the USER provides the COMPANY with additional information which allow the said identification.
- Exercise of the USER’s legal rights: In order for the USER to exercise their legal rights, please contact us in writing by e-mail. You can also contact the COMPANY Data Protection Officer (DPO) directly at info@moya.com.
11.Personal data retention
Generally, the COMPANY will delete the personal data collected by the USER if it is no longer necessary to achieve the purposes for which they were originally collected. However, we may be asked to store personal data for a certain time period because of legal provisions.
The USER may address questions on data protection and any relevant requests for the exercise of their legitimate rights to the COMPANY’s Data Protection Officer (DPO) at info@moya.com.