Privacy Policy

  1. GENERAL

NOTOS COM HOLDINGS S.A. (hereinafter referred to as the "Company") takes your personal privacy and trust very seriously. The following information on the protection of your personal data describes how we process your personal information when you communicate with us or use our services. This data protection policy is regularly updated to ensure that it is up-to-date and accurate. We encourage you to periodically read this policy to understand how your data is protected.

The personal data collected by Notos Com Holdings, processed, recorded, and stored confidentially by the Company itself as the Data Controller, complies with the applicable provisions on the protection of personal data, the General Data Protection Regulation (EU 2016/679), and Law 4624/2019. Personal data collected is never disclosed to third parties (except as required by law and competent authorities), but their personal nature is preserved. The Company maintains records of this information solely for communication purposes, marketing actions, statistics, and improvement of the services provided, as well as customer portfolio management.

Through the website www.thebostonians.gr, the Company has the ability to collect the personal data it needs from you (i.e., name, surname, mobile phone number, email address) to create an individual account on the website, through which you can receive updates.

 

  1. COLLECTION AND USE OF INFORMATION

 

  1. Purpose of processing: The collection and processing of personal data by the Company, in accordance with the provisions of law 2016/679, aim at creating/maintaining your personal consumer profile. The processing is intended for the development, improvement, and promotion of our products/gifts and services, as well as providing personalized suggestions/offers/gifts that meet the users' needs.
  2. Categories of data we will collect: If you consent to the processing of your personal data, the categories of personal data we will collect include: name, address, phone numbers, email address, information you provide through your orders, communications with Customer Service conducted either by phone or other means (e.g., email, letter, etc.), details and information from your online navigation (e.g., how often you visit the website www.thebostonians.gr and categories of gifts you choose), information from online surveys, contests, etc., and information obtained from the use of cookies. You can find the Cookie Usage Policy here. Note that the Company will process the personal data of natural persons - members in accordance with this statement and for the purposes mentioned therein.

  3. Processing security: The security of your personal data is extremely important to the Company. We take all appropriate organizational and technical measures to ensure that the data collected under this statement is processed in accordance with the legal requirements for the protection and retention of your personal data. One of the measures we take for the security of your personal data is the application of pseudonymization methods. Pseudonymization refers to the processing of personal data in such a way that it is no longer possible to identify a specific natural person without the use of additional information. This additional information is kept separately and is subject to technical and organizational measures to ensure that it cannot be attributed to an identified or identifiable natural person. Beyond technical security measures, the Company has Security Policies and Procedures to protect your personal data.

  4. Exercise of your rights: For any inquiries or to exercise the rights arising from the applicable data protection legislation, please contact us through the contact form or via email at customerservice@thebostonians.gr.

    It is noted that after May 2018, the new General Data Protection Regulation (EU) 2016/679 will be in effect. Under the new Regulation, you can exercise the following additional rights:

    • Right to information and transparency (Articles 12-14 GDPR): This is the right to know who processes your data, what data is processed, and for what purpose. Organizations processing your data must provide clear information in plain language.
    • Right of access by the data subject (Article 15 GDPR): You have the right to request free access to your personal data held by an organization.
    • Right to rectification (Article 16 GDPR): You have the right to request the correction of inaccurate personal data and the completion of incomplete information.
    • Right to erasure ("right to be forgotten") (Article 17 GDPR): You have the right to request the deletion of your personal data under certain conditions, such as when the data is no longer necessary, you have withdrawn your consent, the data has been unlawfully processed, etc.
    • Right to restriction of processing (Article 18 GDPR): You have the right to request the restriction of the processing of your personal data when the accuracy of the data is contested, the processing is unlawful, the data is no longer needed by the data controller, or you have objected to automated processing.
    • Right to data portability (Article 20 GDPR): You have the right to request the transfer of your data to another data controller in a suitable format, making it technically feasible to transmit.
    • Right to object (Article 21 GDPR): You have the right to object to the processing of your personal data by an organization, provided that the public interest is not affected.
    • Right to non-automated individual decision-making, including profiling (Article 22 GDPR): You have the right to object when a decision that concerns you is based solely on automated processing, including profiling, and this decision produces legal effects or significantly affects you.

    Additionally, you can withdraw your consent at any time (without retroactive effect) through customerservice@thebostonians.gr, and you maintain the right to submit a written complaint to the competent supervisory authority regarding the protection of personal data, namely the Hellenic Data Protection Authority (1-3 Kifisias Avenue, Postal Code 115 23, Athens, +30 210 6475600, contact email: complaintcomplaints@dpa.grs@dpa.gr).