To continue, please read and accept the data protection policy

Privacy Policy

The protection of your personal data is important to us. This Privacy Policy (hereinafter “Policy”) concerns the conditions for the collection, storage and use of your personal information by ATP when you visit, register or use our online store (e-shop) https:www//atp.com .gr provided that you are a natural person.

A few words about the online store www.atp.com.gr

The website www.atp.com.gr is the website of ATP – Theofilatos G. Andreas, where the online store for the exhibition and sale of its products is also located. www.atp.com.gr (hereinafter “Company”) is a Greek Company active in the field of design, production, trading of souvenirs as well as the exclusive import of stationery items and their sale in the Greek market.

The personal data you provide to us while browsing our online store, registering as a user in our services (creating a user account) or placing your order are subject to processing and will be kept on file under the responsibility of the Company.

The company, respecting the privacy of natural persons and being vigilant to ensure the confidentiality and security of your personal data, hereby provides you with the following information on the processing of the personal data of visitors/users of its website (the type of the personal data it collects, how it is processed, its means of protection) and your rights as a subject of the processing of this data.

What is personal data?

The term “personal data”, as used in this Policy, refers to information of natural persons, whether individuals or professionals, such as name, postal address, e-mail address, telephone number, credit card details, etc., which can be used to identify a customer or visitor of the online store, hereinafter “Personal Data or Data”.

Personal data is processed in accordance with Law 2472/1997 (protection of the individual from the processing of personal data) and its amendment by Law 3471/2006 (protection of personal data and privacy in the field of electronics) communications) as well as the generally applicable European legislation (EU Regulation 2016/679) on personal data protection.

3. What is Personal Data Processing?

Processing of Personal Data is the collection, registration, organization, storage, adaptation, alteration, retrieval, information search, use, transmission to third parties, dissemination, association, combination, limitation, deletion and destruction of Personal Data of natural persons.

What kind of personal data do we collect about you?

The Company collects (1) registration data, when you register or register for a Company Service, (2) public data and posts that you share, (3) data that you have allowed social media to share with the Company, (4) activity data when you access and interact with a Company service; Specifically, the Company collects the following types of data from and about you:

  • Registration Data, i.e. the information you submit to register with the Company, for example to create an account, post comments, receive a newsletter or enter a competition. Registration information may include, for example, first name, last name, email address, gender, country, zip code and date of birth.
  • Public data and posts consisting of comments or content you post on the Company and your personal data accompanying those posts or content, which may include your nickname, username, comments, likes, status, profile information and photo. Public information and posts are always public, which means they are available to everyone and may appear in search results on external search engines.
  • Data from social media. If you access or connect to the Company through a social media service, the data we collect may also include your user ID and/or username associated with that social media service, the information or content you allow the social media service to share with us, as well as your profile picture, email address or friend lists, and any personal data you have made public in connection with that social media service; When you access the Company Services through social media services or when you connect a Company Service to social media services, you authorize the Company to collect, store and use the related personal data and content in accordance with this Privacy Policy.
  • Activity data. When you access and interact with the Company, we may collect certain information about those visits. For example, to allow you to connect to the Company, our servers receive and record information about your computer, device, and browser, possibly including your IP address, browser type, and other software information; or material. If you access the Company from a mobile or other device, we may collect a unique device identifier assigned to that device, geographic distribution data, or other transaction information for that device. We may also collect cookies and other tracking technologies (such as browser cookies, pixels, beacons and Adobe Flash technology commonly called “Flash cookies”). These technologies may be used to collect and store information about your use of the Company Services.
  • Information from other sources. We may supplement the information we collect with information from other sources, such as publicly available information about your online and offline activity from social media services and commercially available sources.

We do not collect:

  • Financial information from a payment service provider: in some cases, we may use an unaffiliated payment service to enable you to purchase a product or make payments (“Payment Service”). If you wish to purchase a product or make a payment through a Payment Service, you will be directed to a Payment Service webpage. Any information you provide to a Payment Service will be subject to the Payment Service’s privacy policy and not this Privacy Policy. We have no control over and are not responsible for any use by the Payment Service of information collected through any Payment Service.
  • Sensitive information: we ask that you do not send us or disclose sensitive personal information (such as social security numbers, information about your racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background, or membership to trade unions) on or through the Company Services or otherwise.
5. For what purpose do we process your data?

We collect your Data exclusively for the purposes of the services provided by the online store www.atp.com.gr and in particular for a) managing the sale of our products, e.g. communicating and informing you about product availability and order progress, executing your order, sending products to your address, managing your debts to the Company, making returns, providing guarantees, b) compliance with the obligations imposed by the current legislation, e.g. issuing an invoice, c) the customer satisfaction survey, product promotion, periodic sending of newsletters for products and services. When your personal data is collected for marketing purposes, you have the option not to provide the Company with your personal data.

6. What is the legal basis for processing your Data by the Company?

The processing of applicant, contact, billing, shipping, transaction data is either done for the execution of the sales contract, or is based on the user’s own consent.

Your data, such as the A.F.M., the D.O.Y. and invoice data is collected and held as part of our compliance with a legal obligation imposed by applicable tax legislation.

For your Data related to the sending of newsletters, product promotion, satisfaction research and the use of Cookies, the law of their processing is based on your consent.

7. Who are the recipients of your Data?

Recipients of the Data are the absolutely necessary personnel of the Company, who are committed to confidentiality and the companies cooperating with us, which process your Data as Processors on our behalf and in accordance with our orders.

We may share or disclose your Data when you have expressly requested it or when required by law.

8. How do we ensure that Processors respect your Personal Data?

The Performers have agreed and contractually committed to the Company:

· to observe confidentiality,
· not to send Data to third parties without the Company’s permission,
· to take appropriate security measures,
· to comply with the legal framework for the protection of personal data and in particular the GDPR Regulation.

9. Do we send your Data abroad?

We do not send your Data outside the European Union (EU). Your Personal Data is only stored and processed within the E.E.

10. When do we delete your Data?

The company keeps your personal data for as long as is provided for each case, by the applicable legislative and regulatory framework and for the entire duration of the transactional relationship between us, but in any case for a period of twenty (20) years from last calendar day of the year of the end of your respective business relationship with the company, especially in case of raising any form of claim and for as long as it is maintained. After the above period of time, they will be deleted in a secure and irretrievable way.

  • With regard to the information deemed necessary when you register for our services, such as your email address, they are kept for as long as you are registered as a member of the website’s newsletter service or the relationship between us is maintained transactional relationship.
  • With regard to your personal data that you enter, for the purpose of purchasing products or services provided by the company through its online store (e-shop), they are kept for a period of at least two (2) years, in accordance with the written provisions of national legislation.

In the event of a legal dispute, your personal data will be kept in any case until the end of the pending litigation, even if the above period of twenty (20) years is exceeded.

11. For how long will we send you informational material?

We will only send you newsletters with your consent, as long as your details are on the “newsletter mailing list”, i.e. as long as you have not declared that you no longer wish to receive newsletters.

12. Is your Data secure?

We are committed to safeguarding your Personal Data. We have taken appropriate organizational and technical measures to secure and protect your Data from any form of accidental or unlawful processing.

We use an Electronic Security Certificate (SSL – Secure Socket Layer) to ensure the secure exchange of data between the website and your browser.

These measures are reviewed and amended when deemed necessary.

The processing of your Data in any way is permitted only to persons authorized by us, our employees and partners exclusively for the above mentioned purposes.

13. What are your rights?

You have the right, at any time, to:

  1. receive confirmation as to whether your personal data exists and be informed of its content and origin, verify its accuracy and request its correction, update or modification;
  2. request the deletion, anonymization or restriction of processing of your personal data processed in violation of applicable law;
  3. object to the processing, in all cases, of your personal data for legitimate reasons.

You can send your request to the address listed in Section 15 below. In your request, please include your email address, name, address and telephone number and clearly specify the information you wish to access, change, update, remove or delete.

We remind you that even after you cancel your account, or if you ask us to delete your personal data, copies of certain information from your account may remain visible in some cases where, for example, you have shared information on social media or to other services or, for example, when the retention of such copies is necessary for the purposes of compliance with legal obligations or for the purposes of legal defense. Due to the nature of caching technology, your account may not be immediately inaccessible to others. We may also retain backup information about your account on our servers for a period of time after your cancellation or deletion request, for purposes of compliance with applicable law.

We also give you many choices about the use and disclosure of your personal data for marketing purposes. You can withdraw your consent in respect of:

  • Receiving electronic communications from us. If you no longer wish to receive marketing-related emails from us, you can opt out of receiving marketing-related emails either by following the unsubscribe instructions in our communications or by simply changing your preferences in the settings of your user profile if you are a registered user or through the consent management tool available on our website if you are not a registered user. You can also send a request to the address listed in Section 11 of the Privacy Policy. In any case, the Company may continue to send you administrative communications regarding the provision of the Company Services.
  • Sharing your personal information with business partners for their own marketing purposes. If you prefer not to share your personal information on an ongoing basis with business partners for their direct marketing purposes, you can opt out of such sharing either by simply changing your preferences in your user profile settings if you are a registered user , either through the consent management tool available on our website if you are not a registered user, or by sending a request to the address in Section 15 of the Privacy Policy.

In all of the above cases, we may contact you and ask you for additional information, which is necessary to properly process your request. Also, the additional rights described in Section 14 below are effective as of May 25, 2018.

14. What applies from 25 May 2018?

As of May 25, 2018, the General Data Protection Regulation has entered into force and the following provisions apply:

  1. Retention periods applicable to your personal data

We will retain your data only for the period necessary to fulfill the purposes for which the data was collected as described in this Privacy Policy.

At the end of the retention period, your personal data will be canceled, anonymized or aggregated.

2. Additional Rights

In addition to the rights set out in Section 13 of this Privacy Policy and further to the application of the Personal Data Protection Regulation, you will also have the right, at any time, to:

  • Ask the Company to restrict the processing of your Personal Data in the event that:
    • dispute the accuracy of the personal data until we take the necessary steps to correct or verify its accuracy;
    • The processing is unlawful, but you do not want us to delete your personal data,
    • We no longer need your personal data for the purposes of the processing, but you need it to establish, exercise or defend legal claims, or
    • You have objected to the processing on the grounds of legitimate interests pending verification as to whether the Company has compelling legitimate grounds to continue the processing.
  • Object to the processing of your personal data,
  • Request the deletion of your personal data without undue delay,
  • Receive an electronic copy of your personal data if you wish to transfer your personal data that you have provided to us, either to yourself or to another provider (“data portability”)< when the personal data is processed by automatic means and the processing either (i) is based on your consent or (ii) is necessary to perform the Company Service, and
  • File a complaint with the relevant data protection supervisory authority.
15. Personal Data Protection Authority

If you have any questions regarding the legislation on personal data or if you believe that your rights have been violated, you can contact the Personal Data Protection Authority, 1 Kifissias Ave., Athens 11523, tel. 2106475600 or  www.dpa.gr.

16. Updates to this Privacy Policy

The Company may modify or update this Privacy Policy for any reason (including, but not limited to, changes in applicable law and interpretations, rulings, opinions and orders regarding said applicable law.)

See the Effective Date at the top of this Privacy Policy to see when it was last revised. Any changes to this Privacy Policy will be communicated in advance by posting the revised Privacy Policy on the Company Services. In the event that we make material changes to this Privacy Policy that change the nature of the processing or expand our rights regarding the use of personal data we have already collected from you, we will notify you and provide you with a choice regarding future use of said personal data, as may be required by applicable law.

17. Contact Us

If you have any questions regarding this privacy policy, please contact our company’s data processing & protection officer, ATP – 27 Agios Anargyron, Paleo Faliro 17564 Attica, tel. 210-4190995-6, e-mail: dpo[at]atp.com.gr.