Terms of Use

Intellectual Property (IP)

Healthy People IKE owns the exclusive copyright of the biofeminplus.gr website address, as well as all content that appears on the website, including text and any material that may be stored off the website. The copyright of certain digital material used to display messages or decorate specific sections belongs to their original owners and is used with their written permission. Any photographs, logos and information related to other companies that appear on this website are presented for marketing purposes and with respect to the copyright of the respective owners.

Any copying, reproduction or use of the content of this website is prohibited without the written permission of the owner.

Any copying, reproduction or use of content displayed on this website is prohibited without the written permission of the owner.

Personal Data Protection Policy

Introduction

Our Company in the context of its compliance with the General Data Protection Regulation EU 2016/679 (hereinafter “GDPR”), the  ν. 4624/2019, n. 2472/1997, n. 3471/2006 and in general the national and European legislative and regulatory framework for the protection of natural persons with regard to the processing of personal data, as applicable, is committed to the protection of personal data processed for the purposes of carrying out its business in the field of the items it trades.

Our Company attaches great importance to the protection of the personal data of its customers. For this reason, it has prepared this Policy in order to inform you about the way and means of processing your personal data when you visit, register or generally use our online store (e-shop) biofeminplus.gr provided that you are a natural person.

The personal data you provide us when you enter our online platform either for information purposes or for the purposes of executing a sales contract, are processed and kept on file under the responsibility of the Company.

 

General principles

The registration and personal/personal data of users of this website are stored and managed in accordance with European laws and all necessary measures are taken to prevent data leaks, such as email addresses, usernames and passwords in our database. Visitors who subscribe to any of the email lists that may appear on this website or submit information via a form, automatically accept the use of their email address by the owners of the website for the purpose of communication.

You can unsubscribe from our database by sending an email to info@biofeminplus.gr or, in the case of a mailing list, by using the “unsubscribe” link that appears at the end of each email you receive due to your subscription to our newsletter.

 

Definitions

“personal data” : personal data means any information relating to a natural person who is identified or identifiable (“data subject”).

“personal data subject”: the natural person for whom the controller collects and processes personal data (in this Policy, the data subject is the customer/user of the above website, whether or not identified for the use of the service).

“processing”: any operation or set of operations which is performed, whether or not by automated means, on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction,

“restriction of processing”: the marking of stored personal data with a view to restricting their processing in the future.

‘controller’ means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

‘processor’ means the natural or legal person, public authority, agency or other body that processes personal data on behalf of a controller.

‘recipient’ means the natural or legal person, public authority, agency or other body to whom the personal data are disclosed, whether or not a third party.

‘consent’ of the data subject: any freely given, freely given, specific, explicit and informed indication of his or her wishes by which the data subject signifies his or her agreement, by a statement or by a clear affirmative action, to the processing of personal data concerning him or her,

“third party”: Any natural or legal person, public authority, agency or body, with the exception of the data subject, the controller, the processor and persons who, under the direct supervision of the controller or processor, are authorised to process personal data.

‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access of personal data transmitted, stored or otherwise processed.

 

Data Processing Officer

The Company is the Data Controller of the Data it collects and generally processes.

Collection of Personal Data

The personal data collected are:  name, surname, home/work address, e-mail address and mobile phone number.

The personal data collected and stored are limited to the absolutely necessary, relate to your visit to our online store, the processing and completion of your order and their processing is solely for these purposes.

We collect preference and browsing data, i.e. we record the products of our online store that you place in your basket or in your favourites or have purchased in the past.

Also, if you have consented to the terms of use of our website, we register your email address on our “newsletter mailing list”.

 

When you register as a User on our Services:

a) create a user account in which you enter your email address and password of your choice; and

b) in the account you create, if you proceed with an order, you can additionally fill in the tab “Shipping Addresses” and “Billing Addresses”, in which the following data are mandatory: first name, last name, mobile phone, address (including city, region, postal code, country) and optionally: the name of the bell and/or address.

In case you wish to issue an invoice, the name of your company, your profession, your VAT number and your tax office are also required.

 

Upon completion of your Order:

 If you have created a user account, we will use the data you have registered when you register with our services.
If you do not wish to create a user account, each time you wish to place a new order, you will re-enter the data mentioned above to create and complete an account.
For the completion of the payment, we may require your “Paypal” account or credit/debit card details, which we do not collect as we do not collect the data.

 

Purpose of Processing of Personal Data

We collect your data exclusively for the purposes of the services provided by the e-shop and in particular for a) the management of the sale of our products, e.g. communication and informing you about the availability of products and the progress of your order, the execution of your order, the dispatch of the products to your address, the management of your debts to the Company, the realization of returns, the provision of guarantees, b) compliance with the obligations imposed by the applicable legislation, e.g.

 

Legal Basis for the Processing of your Data

The processing of applicant, contact, billing, shipping, transaction data is either done for the execution of the sales contract or based on the consent of the user himself.

Your data, such as your VAT number, your tax office and invoice details are collected and kept in the context of our compliance with our legal obligation imposed by the applicable tax legislation.

For your data related to the sending of newsletters, product promotion, satisfaction surveys and the use of cookies, the lawfulness of their processing is based on your consent.

 

Maintaining Confidentiality

The  Company  does not transmit, does not disseminate and does not make available, in any form  user data to third parties. Access to this data is only available to its authorized employees within the scope of their duties or companies cooperating with it in the context of supporting and completing your orders and always in accordance with our instructions.

The only time we may share or disclose your data is only when you have explicitly requested it or when required by law.

 

Ensuring the proper management of your data.

The Executors have agreed and committed to the Company:

maintain confidentiality,
not to send data to third parties without the Company’s permission,
to take appropriate security measures,
to comply with the legal framework for the protection of personal data and in particular the GDPR.

 

Personal Data Protection and Security Guarantee   

The personal data collected are recorded for the minimum period of time in systems that provide adequate safeguards and are used by specially trained and authorised employees, in order to achieve the maximum possible protection of the data recorded in the modern digital environment.

The security and protection of all data is enhanced by the use of  additional security programs.

In parallel, strict measures and procedures are in place to protect against possible alteration, loss, unintended or unlawful processing.

 

Rights of Data Subjects (Users/Customers)

The Company, in full compliance with the applicable legal provisions, satisfies and facilitates the exercise of the rights of the subjects, indicatively:

  • The right of access in order to be informed which data is processed by the Company, for what purpose, the recipients and the period of storage.
  • The right of correction in order to correct inaccuracies, errors or omissions in your data.
  • The right to erasure (“right to be forgotten”) of your data, subject to the conditions set out in the GDPR.
  • The right to restrict processing in case one of the conditions explicitly mentioned in the GDPR applies.
  • The right to portability in order to receive your data in a readable electronic format and transmit them to a third party or request that we transmit them to a third party.
  • The right to object to the processing of your personal data by withdrawing your consent, without this withdrawal affecting the lawfulness of the processing for the period of time elapsed before the withdrawal of consent. In this case we will immediately stop the processing, unless there are other legitimate reasons.

 

Sending Information Material by Consent 

Your consent to the sending of informative material (newsletter) is provided voluntarily and your details are registered in the list of “newsletter recipients” of our Company. If at any time you wish to be removed from the relevant list, you may, without any reason, declare this (also via the e-mails you receive by “clicking” on the “unsubscribe” link at the end of each message/email) and henceforth we will cease sending similar newsletters to you.

Our Company shall not be liable for any delay in the interruption of the delivery of the newsletter.

 

Data Deletion

The data provided by you will be kept/stored by us only for as long as required to fulfill the purpose for which you have provided us with your data and in compliance with the applicable legal provisions.

If you have given us your explicit consent to use your personal data for marketing purposes (subscription to our newsletter list), we will use your data for this purpose until you withdraw your consent. You can withdraw your consent at any time with effect for the future.

We delete the data collected by Cookies in accordance with our Cookies Policy.

 

Sending and Processing of Requests/Complaints    

If you wish to contact us for any issue related to the processing of your data and the exercise of your rights, you can contact the Data Protection Officer (DPO)  of the company at info@biofeminplus.gr

We do not make decisions, or carry out profiling, based on automated processing of your data.

 

Request/Complaint Service

We process your requests without delay, and in any case within (1) month of receipt. In case your request is complex, requires a lot of time or the number of pending requests, at the given time, is large, we will inform you in time for an extension of (2) two more months in sending our response.

If your requests are vague, inadequate, abusive or vexatious, the Company may impose a financial charge, taking into account the administrative costs of providing the information or performing the requested action, or refuse to comply with the request.

 

Competent Authority  

The Personal Data Protection Authority (DPA) is in charge of supervising the application of the provisions and regulations concerning the protection of individuals with regard to the processing of personal data and handles complaints lodged for violation of the provisions of the GDPR (D/Div: Kifissia 1-3, p.k. 115 23, Athens, Athens, telephone: 210 6475600, e-mail: contact@dpa.gr).

 

Amendments to the Existing Policy 

Whenever necessary, this Policy will be updated to reflect the current market conditions and legislation.

You will be informed of any changes by a special notice that will appear on the website.

In any case, we encourage you to come back to this page from time to time to ensure that you are kept up to date and informed about the protection of your data.