PRIVACY POLICY - Floofers Dog Fashion

PRIVACY POLICY

We protect your personal data

Welcome to our website floofers.co

We take the protection of your personal data and private life very seriously. In accordance with transparency principles, we have created this policy, to provide you with adequate information regarding the processing of your data by our Company through our Website.

1. Introduction – Data Controller

The website found at floofers.co, hereinafter referred to as the “Website”, is owned by “Matina Dimitriadou”, a sole-trader company, registered in Greece with legal address: Laskou V. 6, 11633, Athens, hereinafter referred to as the “Company” or “we” or “us”.

Email: data [at] floofers.co

In order to provide our services and comply with our legal obligation, we process information through the Website, which may lead, directly or indirectly, to your identification, as users.

According to the applicable legal framework regarding data protection, some of this information is “personal data”, while you, as users, are characterized as “data subjects” and we, the Company, are the “controller” of your data.

This Policy aims at providing information in a clear and simple way about the data we process, the purpose and the legal ground for the processing, the recipients of your data and, finally, your rights and how you can exercise them.

In case you have any questions regarding the processing of your data or the exercise of your rights, you are more than welcome to contact us.

This privacy policy applies to all information collected through our website and/or any related services, sales, marketing or events. Please note that if you become our customer, there will be more specific terms regarding data processing which will supplement this policy and override any conflicting terms.

2. What data we process and under which conditions

In principle, we process your data only when you provide them in an active manner to us, e.g. by filling out a contact form.

Τhis rule does not fully apply to certain technical data which are automatically collected with the help of cookies or similar technologies. Please visit our cookies policy for further information.

Α. Information we receive automatically

Due to the nature and function of the Internet, as soon as you visit our Website, your IP address and other information, such as the date and time of your visit, the website from which your visit originated, the type of your browser and operating system, is recorded in our server’s special log files. Although we are not in a position to identify you on our own based on this information, your IP address is considered to be personal data.

The legal basis for collecting and storing data in our server’s special log files is our legitimate interests, since our goal is to ensure network, information and services security, in case of accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data (e.g. avoiding “denial of service” (DoS) attacks), as well as to effectively resolve any technical issues.

This processing is in compliance with the applicable legal framework, as it does not entail serious risks for your rights and freedoms. Furthermore, it is necessary for the purposes of the legitimate interests pursued by us, according to the GDPR and the national legislation.

Β. Information provided to us by you

We process personal data provided by you in the following cases:

I. Contact via email/contact form

Data we process Purpose Legal Basis
1. Νame
2. Email address
Important note: Your message should include only the necessary information related to your request. Please avoid any unnecessary reference to personal information either yours or any third party’s.
We process this data, in order to be able to contact you in response to your message. Sending an email or submitting a form does not make you our client and you are not enlisted in the relevant database. We process your data based on your consent (article 6 (1) (a) GDPR), which you can withdraw at any time and request the erasure of your data. The withdrawal of your consent shall not affect the lawfulness of processing based on consent before its withdrawal. Any withdrawal will prevent us from communicating with you in the future.

II. Making an order for our services and receiving a proof of payment

Data we process Purpose Legal Basis
1. Full name
2. Email address
3. Address
4. Phone Number
We process this data upon your request, to be able to proceed with your order and provide your company with our services. We also use this data to provide you with a proof of payment. We process the data provided by you in order to take appropriate measures before entering into a agreement with you as well as to carry out our contractual obligations (article 6 (1)(b) GDPR). We also process this data to comply with our tax obligations, according to the legal framework ((article 6 (1)(c) GDPR).

ΙΙΙ. Newsletter

Data we process Purpose Legal Basis
1. Email address We use your email address to send you updates regarding news, offers and other related material regarding our Website. We process your data based on your consent (article 6 (1) (a) GDPR), which you can withdraw at any time and request the erasure of your data. The withdrawal of your consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Important Note: The data you provide to us must be accurate. Find out more about your right to rectify inaccurate data at the section of this policy which refers to your rights.

4. Who has access to your data

In principle, access to your data is permitted to authorized members of our staff, who process your data in a strictly confidential manner, only to the extent and in the context of the purposes which you have already been informed about.

Furthermore, to be able to provide our services to you, we share some of your data with our partners. These companies (Data Processors) process the data we provide only for the purposes mentioned above and on behalf of the Company, with the exception of any legal obligations imposed by the applicable laws or any other contractual relationship you might have with them. When transferring your data, the Company takes all appropriate technical and organisational measures to ensure the highest level of security possible.

One of the key criteria when choosing our partners is the respect for the rules regarding the security of the processing of your data. In addition, our partners are contractually bound to provide the necessary safeguards and to take all appropriate technical and organisational measures to ensure the lawful processing and protection of your data and rights.

These companies provide us with: (a) web hosting services, (b) online payment services, (c) shipping services, (d) online marketing services.

We also use hosting services provided by Hetzner and Cloudflare. You may find their privacy policies here (Hetzner), here (Cloudflare).

Online payments are handled via Stripe. You may find Stripe’s privacy policy here.

All product shipments are made through ACS Courier and/or ELTA Courier. You may find their privacy policies here (ACS Courier), here (ELTA Courier).

5. Social Media

Facebook

Our Company has an official Facebook page (https://www.facebook.com/floofers_dogfashion). The Website uses hyperlinks that direct you to the Page.

You may contact us via our Facebook page in order to get more information about our products and services using the ‘send message’ function.

In order to respond to your queries, we process your Facebook username and other information which is publicly available through your profile (e.g. your email address). By sending a message for the purposes of communication between us you provide us with your consent to the abovementioned processing of your data. Access to and use of our Facebook Page is subject to the terms of this Privacy Policy.

By clicking the “LIKE” button on our Facebook Page you provide us with your consent to process your data so that you are able to see our news and promotional activities (via your newsfeed). If you do not wish to receive such updates, you can click “UNLIKE” at any time and withdraw your consent.

Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin, Ireland, is responsible for Facebook’s operations in the European Union. You can learn more about Facebook data policy and GDPR compliance.

Instagram

Our Company has an official Instagram account (https://www.instagram.com/floofers_dogfashion/). The Website uses hyperlinks that direct you to the account.

You can follow the Company’s account on Instagram and comment on its posts, thus providing data to be processed on the platform.

Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin, Ireland, is responsible for Instagram’s operations in the European Union. Instagram has its own cookie and data protection policies, over which we exercise no control and are not in a position to influence.

General information regarding social media

Based on the case-law of the Court of Justice of the European Union, the Company, by processing social media users’ personal data, as the page administrator, may be considered a joint Controller with the social media provider. This relationship concerns only the user’s data processing operations that take place through the page, e.g. the use of a like button on a post. This processing is based on the consent given by the user, as described above.

The Company takes all appropriate technical and organisational measures to ensure the security of data processing via social networking platforms, including, but not limited to, applying restrictions to the number of persons with administrator-level access to each page.

The Company is responsible only for the means it processes your data for its own purposes (communication, provision of services and promotion) and to the extent that it exercises control over your data. On the other hand, it bears no responsibility for the way any social networking platform processes your data.

We urge you to be extremely careful about the content you post on our social media pages, especially when you provide your own or any third party’s personal information. In case you choose to communicate with us, please make sure that the page you are contacting is indeed our official page.

Comments on Social Media

In an effort to improve our services, we encourage users to comment on posts and/or on our pages on social media in a way that promotes public debate and pluralism.

We make every effort to provide a safe online environment, however we do not have a general obligation to review the content that is submitted by users on these platforms.

We reserve the right to remove any kind of content found to be in violation of our terms of use, such as content that is abusive, vulgar, pornographic, threatening, or constitutes advertising, infringes intellectual property rights or contains a false statement about the user and at the same time we reserve the right to block users who submit such material. The terms of use of each media where the comments are published shall apply concurrently.

In case you think that there is content in our Company’s social media pages, which affects you in a negative way or otherwise violates our terms of use, please contact the administrators directly.

6. Where and for how long we store your data

Your data is stored in the Website’s server, which is hosted in a data center located within the European Economic Area (EEA). The data center is operated by a certified company which takes appropriate technical and organisational measures in order to avoid data breaches.

Your data is stored strictly for a period of time which is considered necessary for our processing purposes.

7. What are you rights and how you can exercise them

According to the applicable legal framework (mainly GDPR, Articles 12-22), you have a set of rights regarding the processing of your data by our Company. In particular, you have the right:

  1. To submit a request to the Website to be informed whether we process your data and, if so, what types of data (right of access).
  2. To have inaccurate personal data rectified, or completed if it is incomplete (right to rectification).
  3. To request, under conditions, the erasure of the data (right to erasure).
  4. To request, under conditions, the restriction of the data processing (right to restriction of processing).
  5. To object, under conditions, to the processing of your data by us (right to object), especially with respect to the processing relating to marketing purposes (e.g. newsletter).
  6. To request the data that you have provided to us in a structured, commonly used and machine-readable format (right to data portability), as long as it is technically feasible.
  7. In case of data breach, which is likely to pose a high risk to your rights and freedoms and as long as it does not fall under any of the exceptions provided in the General Data Protection Regulation and the national legislation, the Company has the obligation to communicate the breach to you without undue delay.

Compliance with the legal framework on the processing of personal data and the exercise of your rights guaranteed by that framework, are our top priority. Therefore, we have the right to request additional information necessary for your identification before you can exercise the rights described above.

In principle, the Company has the obligation to respond to your request promptly and, at the latest, within one month . If deemed necessary, taking into account the complexity of the request and the number of the requests, that period may be extended by two further months. In any event, we will inform you as soon as possible, and always within one month after the submission of your request, concerning the progress made and the reason for any possible delay.

In case your requests are manifestly unfounded or excessive, in particular because of their repetitive character, the Company may either i) charge a reasonable fee taking into account the administrative costs for providing the information or making a communication or performing the action requested, or ii) refuse to act on the request.

In case you consider that we do not comply with the personal data protection laws, you have the right to lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr, 1-3 Kifissias Ave., Athens, P.C. 115 23 Greece, email: [email protected]).

8. Hyperlinks

Within our Website you can find hyperlinks which allow you to access third party websites. These links have the sole purpose of facilitating your browsing in the Web and they do not imply, in any way, our endorsement or approval of the content of other websites.

Accessing these websites via hyperlinks in our Website is solely your responsibility and we strongly urge you to read each website’s privacy policy and terms of use carefully.

9. Minors

We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services.

If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 18, please contact us at: data [at] floofers.co

10. Changes in policy and updates

We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

LAST Revision: 27 April 2023

Reject