Privacy Policy

Privacy Policy

PERSONAL DATA PROTECTION POLICY

 

INTRODUCTION

The General Data Protection Regulation - EU Regulation 2016/679 (hereinafter "GDPR") has been in force in the European Union since May 25, 2018. For the text of the Regulation, you can select the URL: https://eur-lex.europa.eu/legal-content/EL/TXT/?uri=CELEX:32016R0679.

With this Personal Data Protection Policy, our Company, "M.F.S.A." (hereinafter the "Company", "We", "Us"), as Controller, prioritizing and respecting the privacy of its customers, as well as all natural persons who transact with it, provides you with the necessary information regarding the processing of your personal data (the type of personal data the Company collects, how it processes them, the means of protecting them), within the framework of our relations.

This Policy and our practices focus on processing, managing, disclosing, transmitting and storing your personal information in an appropriate and lawful manner, while ensuring the confidentiality, integrity, availability and privacy of your personal data.

The processing and protection of your personal data is governed by the following terms, by the relevant provisions of the applicable Greek legislation on personal data protection (Law 2472/1997, Law 4624/2019, Law 3471/2006, as applicable, etc.), EU Directives and Regulations (especially the General Data Protection Regulation (EE) 2016/679 – GDPR, hereinafter "GDPR"), as well as by the relevant decisions, guidelines and regulatory acts of the Hellenic Data Protection Authority (hereinafter "HDPA").

For the purposes of this Policy, the following definitions are referenced and adopted, based on their reflection in the relevant legislative framework for personal data protection:

 

DEFINITIONS FOR PERSONAL DATA

(Note: The definitions follow Article 4 of the GDPR)

1.      "Policy": the entire content and information of this Personal Data Protection Policy, as posted on this website.

2.      "Personal data": any information relating to an identified or identifiable natural person (hereinafter "Data Subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

3.      "Company", "Controller": the term "Company" or "Controller" refers to the legal entity "M.F.S.A.", which determines the purposes and means of the processing of personal data of Data Subjects.

4.      "Processing": any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

5.      "Processor": a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Company.

6.      "Data subject": the natural persons whose personal data are collected and processed by the controller (in this Data Policy, Data Subjects are the users of the aforementioned website, whether identified or not, for the use of a service).

7.      "Recipient": a natural or legal person, public authority, agency or other body, to which the personal data are disclosed, whether a third party or not.

8.      "Third party": any natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

9.      "Consent" of the data subject: any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

10. "Personal data breach": a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

In this Policy, you will find all relevant information applicable to the use of your personal data in your capacity as a customer of our Company M.F.S.A., as a user of our Company's main website https://www.timberlandshop.gr/, as an end consumer in any of our Company's physical stores in Greece and as a job applicant in our Company, when, as the case may be, you are a natural person. For the Privacy Policy applied by our Company in the context of your transactions with its Online Store (https://www.timberlandshop.gr/), you can find information at https://www.timberlandshop.gr/pages/prosopika-dedomena/

  1. Controller

The Controller of the personal data collected from the data subjects is the anonymous company with the name "M.F.S.A." and based in Marousi Attica (52 Aigialeias, telephone: 210 8771700).

  1. Principles of data processing

Our processing of your personal data is based in all cases on the following data protection principles, under the current legislative framework:

  • Personal data processing takes place in a lawful, fair and transparent manner.
  • Personal data collection will be for specified, explicit and legitimate purposes.
  • Personal data collection will be limited and proportionate to the strictly necessary information in relation to the purpose for which it is collected and processed.
  • Personal data will be accurate and, where necessary, kept up to date.
  • All necessary measures and actions will be taken to identify any inaccuracies in your personal data, taking into account the purposes for which they are collected and processed, and they will be erased or rectified without undue delay.
  • Your personal data will be kept in a form which permits your identification for no longer than is necessary for the purposes for which your personal data are collected and processed.
  • Your personal data is considered confidential and stored in a way that ensures your security.
  • Your personal data will not be communicated to third parties except in those cases where it is deemed necessary to offer our Company's services to you, following your prior explicit consent by actively choosing to accept this privacy policy.
  1. Purpose of Processing

Your personal data is collected by us on a case-by-case basis for the following purposes ("Permitted Purposes") and specifically for:

  1. Wholesale Customers (Existing/New) – End Consumers
  2. Conducting transactions with our Company.
  3. Communicating with you for receiving and completing your orders.
  4. Your invoicing.
  5. Facilitating the delivery of your orders.
  6.  The general execution of your orders and your after-sales service.
  7.  The general handling of your requests in relation to our Company and/or its distribution products.
  8.  Sending informational messages (newsletters) via email and/or SMS, in relation to our products and services, as well as generally to our Company's activities (e.g., events, competitions, etc.).
  9. Our compliance with mandatory rules of applicable national and EU legislation (e.g., tax law rules, unfair and free competition law, anti-bribery and corruption law, prevention of financial crimes, etc.)
  10. The evaluation or re-evaluation of transactional/credit risk undertaken within the framework of our transactional relationship, throughout its validity. To achieve this purpose, we cooperate with the anonymous company named "TRAPEZIKA SYSTIMATA PLIROFORION AE" and the distinctive title "TEIRESIAS AE" (Alamanas 2, Marousi Attica, VAT no. 094498725 Tax Office FAE Athinon, tel. 210-36-76-700 (data controller), from whose financial behavior data archive (TSEK) we may retrieve your data. The processing of your data is carried out in accordance with the specific terms of information of our Company and Teiresias S.A., of which you were informed when concluding your contracts/orders and which you can find at any time, for Teiresias S.A. here and for our Company https://www.timberlandshop.gr/pages/prosopika-dedomena/
  11. Natural Persons/Participants in Company Events
  12.  Sending informative messages (newsletters) via email and/or SMS, in relation to our products and services, as well as generally to our Company's activities (e.g., events, competitions, etc.).
  13.  Conducting promotional activities through the pages maintained by the Company on social networks (e.g., Facebook, Instagram).
  14. Participation in advertising campaigns and contests organized by our Company. When you submit your participation in our contest, your personal data is processed only for the purpose of carrying out the contest (notification and announcement of the winner, sending of prizes, etc.) and in any case in accordance with the terms of this Policy. On a case-by-case basis, the contests conducted by our Company are governed by the respective contest terms, which apply in conjunction with this Policy.
  15. Job Applicants
  16. Processing your application, including reviewing and analyzing your skills and qualifications, analyzing your suitability for the job opportunities you have applied for, verifying your references, character, and education.
  17. Communicating with you and organizing candidate evaluation activities (e.g., organizing interviews, etc.).
  18. Including you in our Company's job applicant database, and informing you via the telephone or email you have provided about job opportunities at our Company.
  19. Sending information and updates about our Company via SMS and email regarding our products, services, news, announcements, programs, customer surveys, or other events.
  20. Assessing your suitability for any of the current or future employment opportunities at our company.

The personal data collected are strictly necessary for the performance of the above services/actions on our part and are not subject to any further processing incompatible with the aforementioned purposes.

4.1. Personal data processed by us

Please note that we only collect personal data required within the framework of the above purposes under 3 and/or information you provide to us, which will generally be, as appropriate, the following:

  • Your identity details (e.g., your first name, last name, the language and country from which you interact with us, contact details).
  • Financial and transactional information (e.g., payment details or your card, information about your purchases, orders, returns, invoicing details for issuing an invoice, such as your company name, VAT number and registered address of your company, etc.).
  • Email address, landline and mobile phone number to facilitate our communication with you within the framework of the above purposes under 3, such as, for example, for the purposes of processing transactions between us, marketing and sending newsletters about our Company and its products/services, any offers, etc.
  • Connection, geolocation and internet browsing data (if, for example, you contact us from your mobile phone).
  • Commercial information (e.g., if you have subscribed to our newsletter).
  • For job applicants: (a) Personal details, such as name, address, date of birth, marital status, emergency contact details, country of residence, social security number, personal number, previous or expected remuneration, bank details, social security and tax details, (b) Professional details, such as previous employment contact details, job position and career details, curriculum vitae, details of your qualifications, relevant work experience and skills, (c) Identification documents, such as copies of your passport, driving licence, identity card or work permit or any other supporting documents (which may include photos you have submitted and (d) Other information related to your application such as assessment centres or performance assessments, references and background checks.
  • Other personal data derived from or generated by the pursuit of the above Permitted Purposes.

4.2. Processing of special categories of personal data ("sensitive personal data")

It should be noted that we do not generally process your sensitive personal data (special categories of data), such as data related to your racial or ethnic origin, religious or philosophical beliefs, health data or data related to your sexual life or sexual orientation, as such data are not necessary for the fulfillment of the above purposes, applying the principle of minimization, necessity and proportionality, as provided by the GDPR, unless there is a relevant legal obligation of our Company or you have given us your explicit consent to do so.

4.3. Processing of personal data relating to minors

Our website is not intended for minors. For the purposes of this Policy, minors are persons who have not reached the age of 18. Our Company does not process personal data of minors.

Furthermore, where the processing of personal data is based on consent in accordance with Article 6(1)(a) GDPR, in relation to the offer of information society services directly to a child, the consent given by the minor and consequently the processing is lawful if the minor is at least 15 years old. In cases where the minor is under 15 years of age, such processing is lawful only if and to the extent that such consent is given or authorised by the person having parental responsibility for the minor (Article 8 GDPR in conjunction with Article 21 Law 4624/2019).

If you are a parent or guardian and it has come to your attention that your minor child has provided personal data to our Company, please contact us immediately. On our part, if we become aware that personal data we are processing belongs to a minor without the consent of their parent or guardian, the Company will take appropriate measures to immediately delete such data and to prevent similar incidents in the future.

  1. Legal basis for data processing

We collect the personal data you share with us based on one or more of the following legal bases:

  1. when their processing is necessary for the service, support and monitoring of your transactional relationships with our Company and the proper execution of our contracts.
  2. as required for our Company's compliance with its legal obligations.
  3. as required for the pursuit of our Company's legitimate interests (or those of third parties), including our interests in providing innovative, personalized and secure services to our Company's customers and partners.
  4. when the processing of your personal data is necessary for the performance of a task carried out by our Company in the public interest, within the framework of the applicable legislative and regulatory framework.
  5. in accordance with your prior explicit consent, unless the processing is not based on one of the legal bases of processing mentioned below, as is the case when you wish to subscribe to the Company's newsletter service and receive updates about our new products and promotional activities, in which case it is necessary for you to provide us with your consent. This specific form of your consent will be freely and clearly given by you and under the main condition that you have actively chosen to receive corresponding e-mailsnewsletter.

Therefore, your personal data is lawfully processed by our Company, both at the stage of collection and during their processing, in accordance with the applicable provisions on personal data protection.

SPECIFIC INFORMATION REGARDING THE COMPANY'S SOCIAL MEDIA

Our Company maintains a presence on social media (social media), Facebook, Instagram, LinkedIn, etc. Through this paragraph and in conjunction with our entire Policy, the Company provides you with the necessary information regarding the processing of your personal data through social media.

Thus, through social media, our Company often organizes advertising campaigns, contests or provides the possibility to submit comments, send messages, subscribe to its newsletter, etc. In all the above cases, for the processing of your personal data, both our Company and the respective operator of the social media platform (Facebook, Instagram, etc.) are joint controllers, in the sense of Article 26 GDPR.

Therefore, it is not always possible for us to have full knowledge of the type of data processed by the operators of each platform, but we make every effort, we ensure the configuration of our pages on social media and act in accordance with the possibilities available to us by the operators, in order to ensure the processing of your personal data in accordance with the applicable legislative framework.

If you wish to receive more information regarding the processing of your personal data by the operators of social media platforms and to learn more, you can refer, as the case may be, to:

Facebook: www.facebook.com/privacy/explanation
Instagram: help.instagram.com/519522125107875
Twitter: twitter.com/en/privacy
LinkedIn: www.linkedin.com/legal/privacy-policy
YouTube: www.youtube.com/yt/about/policies/

When you interact with us through social media, the purposes of processing your personal data are specifically to serve you (where this possibility exists, e.g., contacting us by sending a message or posting a comment) and/or to inform you about our Company, by sending newsletters about its products/services, any offers, promotional activities, etc., only when you give us your explicit consent to do so.

In cases where you contact us in the above ways, the legal basis for processing is the legitimate interest of our Company, in the context of serving you and resolving requests or concerns you submit to us.

 

  1. Retention of your personal data

In any case, your data is retained by us only for the necessary/reasonable duration for the realization of the above collection purposes and based on the nature of each processing, our legal obligations and any legal claims we may have [e.g., for compliance with our legal obligations arising from the sale for two (2) years, for specific campaigns, for the duration of the campaign, for tax purposes for five (5) years and exceptionally for ten (10) years, if additional data arise according to applicable law and case law, etc.] and deleted when no longer reasonably necessary. The lawfulness of the processing of your data that was based on your consent is not affected by the withdrawal of consent until the time you requested the withdrawal.

If it is deemed necessary, in order to comply with our legal or regulatory obligations, to resolve disputes or to enforce the terms and conditions of use, we may retain some of your data, as required, even if there is no longer a need to provide services to you.

In the event of a legal dispute, personal data concerning you will in any case be kept until the end of the pending legal proceedings, even if the period of ten (10) years is exceeded.

In any case, after the expiry of the above years, your data will be deleted securely and irreversibly, in accordance with applicable law and our Company's relevant policy.

7.1. What rights do you have as a data subject

With this Policy, our Company informs you that, whenever you wish, you can exercise all the rights you have in accordance with the current provisions of the General Data Protection Regulation (EU) 2016/679. Specifically:

1) Right to information, communication and notification about the exercise of your rights (Articles 12, 13, 14 GDPR), i.e., your right to be informed about how your personal data is used (as detailed in this Policy).

2) Right of access to your personal data if processed by the Company, as Controller (Article 15 GDPR). The Company will provide a copy of the personal data upon your request.

3) Right to rectification of your personal data in case of processing inaccurate data concerning you and to completion of incomplete data (Article 16 GDPR).

4) Right to erasure of your personal data if they are no longer necessary for the provision of a service and subject to the Company's obligations and legal rights for their retention based on the applicable legislative and regulatory provisions (Article 17 GDPR).

5) Right to restriction of processing of your data if either their accuracy is disputed, or the processing is unlawful, or the purpose of processing ceases to exist but their erasure is not appropriate (Article 18 GDPR).

6) Right to object to the processing of your data for reasons relating to your particular situation where your data are processed for the legitimate interests of the Company (Article 21) and specifically to object to automated decision-making (Article 22 GDPR).

7) Right to data portability to another controller, i.e., your right to receive your data in a suitable format, so that their transmission to another controller is technically feasible if the processing is based on your consent and is carried out by automated means or for the performance of our contract. (Article 20 GDPR).

8) Right to withdraw your already given consent (Article 7 GDPR) at any time for processing based on consent.

The lawfulness of the processing of your data is not affected by the withdrawal of consent until the time you requested the withdrawal. Specifically, regarding the sending of promotional e-mails and/or SMS to you, you will always have the right to object to the processing of your personal data for promotional purposes, upon your request and without any financial charge, without any specific justification.

You can do this by using the "Unsubscribe" link that you will find in all e-mails and/or SMS you receive from us or by contacting us at the email address info@timberlandshop.gr. Following your action, your data will no longer be processed for this purpose.

In addition, you have the right to lodge a complaint with the competent supervisory authority. For more information, you can visit the website www.dpa.gr.

7.2. How to exercise your rights

You can exercise the above rights by sending an e-mail to the Company's email address info@timberlandshop.gr or by postal letter to our address (52 Aigialeias, 15125 Marousi, Athens).

MFSA will make every effort to take the necessary actions within one (1) month from the date of submission of your request, unless the work involved in satisfying the request is characterized by particularities and/or complications, in which case the Company reserves the right to extend the completion time of the actions for two (2) additional months. In any case, you will receive an update on the progress of your request within one (1) month of its submission.

 

  1. Processing Security

We inform you that we will process your personal data always securely, implementing and complying with the necessary technical and organizational measures aiming at protecting your data against accidental or unauthorized alteration, falsification or unauthorized disclosure or access to them, especially where processing involves transferring your data through a network, and against all unlawful forms of processing.

For example, there is an installed Antivirus in the IT infrastructure, a Firewall to protect the infrastructure from internal and external threats, regular updates of the operating systems of IT assets, access matrix (graded access), encryption of critical IT assets such as corporate devices, backups, files, etc., and relevant Security Policies are applied within the Company for the electronic and physical security of the infrastructure and data protection.

Specifically, regarding the mentioned website, it uses the secure communication protocol SSL (Secure Sockets Layer) with strong encryption, which enhances security during data transmission over the internet.

  1. Cookies

In the online store, we use cookies to facilitate your navigation on the Platform, to understand how you interact with us and, in some cases, to be able to show you advertisements based on your browsing habits. Please read the Detailed Description of Cookies to understand in more detail the cookies and their purpose, how to manage your preferences, as well as other information of interest to you.

1.      Programming Cookies

Cookie Name

Cookie Type

Duration

ASPSESSIONID*

Visit Identifier

As long as the browser is open

lang:

To remember the language selected by the customer on the site

5 months

sessionid :

Unique customer visit number

20 minutes

 

2.      Google Ads

Conversion tracking cookie

Name: _gcl_au, gclxxxx (e.g. gclid)

Function: Helps to understand if the user completed an action (e.g., purchase) after clicking on a Google Ads ad.

Duration: ~90 days
 

Google Ads remarketing cookies (via Google Tag Manager / Global Site Tag)

Names: IDE, ANID, NID, 1P_JAR

Function: Retargeting ads to users who have visited the website.

Duration: from a few days to 2 years depending on the cookie.
 

Google Analytics cookies

Names: _ga, _gid, _gat

Function: Traffic analysis and connection to Google Ads campaigns for reporting.

Duration: up to 2 years

 

 

3.      Meta Ads

The Cookies used by Meta are detailed at the following link. Meta Cookies Policy | Privacy Center | Manage your privacy on Facebook, Instagram and Messenger | Facebook Privacy

The following are indicative:

Cookie

Duration

c_user; xs

365 days

sb; dbln

400 days

datr

400 days

csrf

Session

fr

90 days

_fbp; _fbc

90 days

oo

400 days

presence

30 days

dpr; wd

7 days

 

4.      Email Marketing

Cookie Name

Cookie Type

Duration

Purpose

Type of data collected

Controller

__utmb,utmc

 

Temporary

Records the time visitors spend on each website. It serves to measure the effectiveness of each website as well as to improve/upgrade its structure and content and adapt it to the needs of visitors.

 

Google Analytics

cpab

Strictly necessary

Permanent

Assigned via the ContactPigeon agent and serves as the contact identifier for the entire session of the visit. It retains a constant value until all cookies are manually deleted from the browser.

GUID string

ContactPigeon

cp_sessionTime

Strictly necessary

Temporary

Records the start time of a session in unix timestamp format.

UTS in seconds

ContactPigeon

It is used to activate in-site popups based on the time delay set within the platform.

cp_total_cart_items

Strictly necessary

Temporary

Records the total number of items currently in the visitor's shopping cart. It is used to activate in-site popups based on the number of items in a contact's cart, as specified within the platform.

Integer

ContactPigeon

cp_total_cart_value

Strictly necessary

Temporary

Records the total value of items currently in the visitor's shopping cart. It is used to activate in-site popups based on the value of the items in a contact's cart, as specified within the platform.

Decimal number

ContactPigeon

 

5.      Best Price

Our company, aiming to improve the services it provides, has integrated the BestPrice 360º tool into this website, in order to extract statistics and performance data from the participation of its online store in the corresponding product price comparison platform BestPrice.gr, in which it participates.

The BestPrice 360º allows the transmission of anonymous data to BestPrice.gr, regarding the activity of visitors on this website (such as visits or online orders) for the extraction of corresponding statistical results and for the improvement of marketing activities.

In addition, only if you have given your consent for order storage through the corresponding option in your BestPrice profile, every order you place online will be automatically stored in your BestPrice profile.

This feature exclusively serves to store basic order details (such as order code, products, etc.) without transmitting any personal data contained in your order. This feature is not related to order processing, for which our company is responsible.

More information about the ability to store your orders on BestPrice.gr, click here.

 

  1. With whom we share your personal data

All your data is processed by our Company (Controller) as the primary recipient of this data within the framework of fulfilling its contractual and legal/regulatory obligations towards you, serving its legitimate interests, and in cases where it is authorized or has received your consent, and always in full compliance with Regulation (EE) 2016/679 and current legislation. Within the framework of our relationship, access to personal data concerning you will be granted to the following persons:

a) The Company's employees, who are responsible for evaluating your requests, managing and operating the contract(s) with the Company, for fulfilling the obligations arising therefrom, as well as the relevant obligations imposed by law, bound by absolute discretion and confidentiality.

b) Entities to whom the Company, in accordance with Article 28 GDPR, assigns the performance of specific tasks on its behalf (processors) and with whom it has ensured processing compliant with the Regulation (GDPR) for the protection of your data, by signing contracts and committing to adequate measures, in accordance with the corresponding provisions of the GDPR (Articles 28, 32 GDPR), such as, but not limited to, partner companies that carry out different actions within the framework of order execution (transport, storage, etc.), advertising companies and/or generally providers of promotional services, such as social networks, third-party partners-technical companies within the framework of supporting the company's websites and applications and investigating relevant market data and drawing statistical conclusions with the aim of providing proposals for the application of different technological solutions to enhance products and services, etc.

c) Public bodies, such as public services and agencies, regulatory authorities, police, etc., when we are obliged to do so by the applicable regulatory framework.

In any case, we are committed, also to these parties, that the relevant disclosure will concern only the necessary data for the purposes of their services and that the use of your data will be exclusively in accordance with the applicable legal framework.

If we change ownership, your personal information may be forwarded to the new owner.

With the exception of the above, your personal data will in no way be disclosed, published or sold to third parties, unless the procedure defined by law for lifting confidentiality (Law 2225/1994) or any obligations arising from the national implementation of Directive 24/2006 is initiated. In the latter case, the data stored by us may be disclosed to the competent authorities, prosecutors or other administrative services only in accordance with the rules and provisions provided for by the applicable regulatory framework.

However, you are also obliged to safeguard the confidentiality of your data and not to disclose it to third parties (even through your negligence) or to allow third parties to use this data. The Company reserves the right to claim compensation for any damage caused by your culpable breach of the above obligations.

  1. International Transfers of Personal Data

Our Company does not directly transfer your personal data to third countries (outside the EU or EEA) or international organizations, unless the transfer is foreseen or imposed by the applicable regulatory or legislative framework or adequate safeguards are provided for such transfer, in accordance with the provisions of Articles 44 et seq. of the GDPR. Any transfer follows and complies with the relevant provisions of the applicable legislative framework.

  1. Specific statements of the Company

The Company

  • Declares that it is not responsible for any damage (direct, indirect, positive, consequential) that may be caused to the visitor due to the website or its use. The visitor is solely responsible for protecting his/her system from viruses and other malicious software.
  • Declares that it does not make decisions or engage in profiling based on automated processing of your data.
  • Is entitled to modify these personal data protection terms at any time, within the framework of the applicable legislation, and each modification will be valid from its introduction on this website. No change to the above terms will have retroactive effect regarding the management of our personal data collected in the past, unless this is imposed by applicable law. In this specific case, we will inform all our registered users via the email addresses they have provided to us.
  • Since your personal data and contact information are extremely important for the execution of your online transaction, as, as you know, these are, among other things, the only way for us to communicate with you for the fulfillment of our obligations to you and for orders, you must be sure that the information you have provided to us is absolutely correct. Every possible care will be taken to ensure that correct information is received from you and, for this reason, we ask you to re-check this information at the end of filling in your details and then send it to us along with your explicit consent. Therefore, we bear no responsibility in case any of our contractual or legal obligations are not fulfilled correctly and/or in time due to the submission of incorrect personal data. Specifically, any notification made to the email address you have provided to us will be considered valid even if it is not delivered to you due to an error in the information provided. The same applies to the contact and shipping address of the products as well as to the contact telephone numbers. In any case, you are obliged to update your information every time there is a change.
  • The user/visitor of the website, by reading this, acknowledges the above processing, which is compliant with the GDPR and its recitals, the applicable national legislative framework for personal data protection, exclusively for the purposes mentioned above and for purposes compatible with them.

    13. Useful contact details:

1.      Controller's Details:
MFSA
Address: 52 Aigialeias, 15125, Marousi, Athens
Telephone: 2108771700 Email: info@mfsa.gr

2.      Details of the Hellenic Data Protection Authority (HDPA, competent national Supervisory Authority):
Offices: Kifisias Avenue 1 – 3, P.C. 115 23, Athens
Switchboard: +30 2106475600
Fax: +30 2106475628
Email: contact@dpa.gr