Privacy Policy

Privacy Policy

We would like to inform you about how we collect, use, and share personal data from and about you through this website and its associated mobile sites, applications, and widgets.

1. WHAT AND WHO DOES THIS PRIVACY POLICY COVER?
The Company acts as the Data Controller of the personal data (i.e., information that identifies a specific individual, such as full name or email address) that we collect from and about you through the Company's Services, which are processed in accordance with the terms of this Privacy Policy.

This Privacy Policy, alongside our Cookie Policy, applies to all users, including those who utilize the Company's Services without having registered or subscribed to a specific Service, as well as those who have formally registered or subscribed.

As explicitly stated in our Terms of Use, the Company's Services are intended for a general audience. They are not directed at children, and we do not knowingly collect personal data from children under the age of 16.

2. WHAT TYPE OF PERSONAL DATA DO WE COLLECT ABOUT YOU?
The Company collects: (1) registration data provided when you sign up for a Company Service; (2) public data and posts you share through the Company's Services; (3) data you have permitted social media platforms to share with us; and (4) activity data generated when you access and interact with a Company Service. Specifically, we collect the following types of data from and about you:

Registration Data: Information you submit to register for a Company Service, such as creating an account, posting comments, receiving a newsletter, or entering a contest. This may include your first name, last name, email address, gender, country, postal code, and date of birth.
Public Data and Posts: Comments or content you post on the Company's Services, along with the personal data accompanying such posts, which may include your pseudonym, username, comments, likes, status, profile information, and photograph. Public information and posts are always visible to everyone and may appear in external search engine results.
Social Media Data: If you access or log in to a Company Service through a social media platform or connect a Company Service to one, the data we collect may also include your user ID and/or username associated with that platform, any information or content you have permitted the platform to share with us, your profile picture, email address, friend lists, and any personal data you have made public in connection with that service. By accessing our Services via social media, you authorize the Company to collect, store, and utilize the relevant personal data and content in accordance with this Privacy Policy.
Activity Data: When you access and interact with the Company's Services, we may collect specific information regarding those visits. For instance, to facilitate your connection, our servers receive and record information about your computer, device, and browser, potentially including your IP address, browser type, and other software or hardware details. If you access our Services from a mobile or other device, we may collect a unique device identifier, geolocation data, or other transactional details for that device. We may also utilize cookies and other tracking technologies (such as browser cookies, pixels, beacons, and Adobe Flash technology). These are used to collect and store information about your usage of our Services, such as pages visited, content viewed, search queries submitted, and advertisements seen. For further details, please refer to our Cookie Policy.
Information from Other Sources: We may supplement the data we collect with information from other sources, such as publicly available information regarding your online and offline activity from social media services and commercially available sources.
What we do NOT collect:

Financial Information via Payment Providers: In certain instances, we may use an unaffiliated payment service to allow you to purchase a product or make payments ("Payment Service"). If you choose to make a purchase via a Payment Service, you will be redirected to their webpage. Any information provided to a Payment Service will be subject to their respective privacy policy, not ours. We have no control over, and are not responsible for, any use of information collected by the Payment Service.
Sensitive Information: We kindly request that you do not send or disclose sensitive personal data (such as social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background, or trade union membership) on or through the Company's Services or otherwise.
Linked Services Lastly, the Company's Services may link to external websites, including social media platforms, operated by unaffiliated entities. These may offer content, functionality, newsletters, contests, or applications developed and maintained by third parties. The Company is not responsible for the privacy practices of these unaffiliated entities. Once you leave the Company's Services or click on an advertisement, we advise you to review the applicable Privacy Policy of the other service.

Functionality Cookies These cookies "remember" your preferences while browsing our site, enabling us to recommend the perfect products based on your refined needs. With these cookies, you enjoy a personalized version of The Greek Designers Store, making it effortlessly easy to find exactly what you are looking for.

3. HOW DO WE USE YOUR PERSONAL DATA?
We utilize the personal data we collect from and about you to:

Provide you with the Company's Services and Features.
Measure, analyze, and elevate these Services and Features.
Enhance your experience across our Services (both online and offline) by delivering content tailored to your unique interests.
Allow you to comment on content and participate in online activities, contests, or premium reward programs.
Provide exceptional customer service and promptly respond to your inquiries.
Protect the rights of the Company and others. For example, we may use your data when we hold a good-faith belief that such processing is necessary to: (i) protect, enforce, or defend the legal rights, safety, or property of the Company, its affiliates, employees, agents, or suppliers (including enforcing our agreements and terms of use); (ii) protect the safety and privacy of our users or the public; (iii) protect the Company and other involved third parties against fraud or for risk management purposes.
Comply with applicable laws, legal processes, and/or respond to requests from competent government authorities.
Complete a corporate transaction, such as a proposed or actual reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of the business, assets, or stock.
Facilitate social sharing functionality. If you connect a social media account to our Services, we may share your username, photo, likes, and comments with other users and your social network friends. We may also share this data with the social media service provider.
Send you (via email, SMS, telephone, chat, and social media), with your prior explicit consent, highly curated offers, promotions, and commercial communications regarding the Company's Services.
Send you, with your prior explicit consent, commercial communications tailored specifically to your bespoke interests and needs via the communication methods mentioned above.
We may also use anonymized data or data that no longer identifies you personally (e.g., statistics) for any purpose or share it with third parties.

4. ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA?
The processing of your personal data is based on the following:

Section 3, points a) to f): Processing is necessary for the provision of the requested services and is therefore mandatory.
Section 3, point g): Processing is mandated by applicable laws and is thus mandatory.
Section 3, point h): Processing is executed based on the legitimate interest of the Company and its counterparts to conduct economic activities. This interest is sufficiently balanced against your own, as data processing is strictly limited to what is necessary. This is not mandatory, and you may object at any time as described in Section 11.
Section 3, point i): This is at your discretion. However, without your consent, it is impossible to connect a social media account to the Company's Service.
Section 3, points j) and k): This is at your discretion. Without your consent, the Company cannot provide you with personalized commercial communications and exclusive offers based on your interests.
You may withdraw your consent for the processing of your data for the purposes of Section 3, points i) to k) at any time by sending a notice to the email address specified in Section 11.

5. HOW DO WE PROCESS YOUR PERSONAL DATA?
Your personal data is processed using both electronic and manual methods. It is safeguarded with state-of-the-art security measures, taking into account implementation costs, the nature, scope, context, and purpose of the processing, as well as the varying likelihood and severity of risks to your rights and freedoms. Specifically, the Company employs stringent administrative, technical, personnel-related, and physical measures designed to protect your data against loss, theft, and unauthorized use, disclosure, or modification.

6. WHO CAN ACCESS YOUR PERSONAL DATA?
The Company may share your personal data for the purposes outlined in Section 3 with the following categories of recipients, located within or outside the European Union, in accordance with Section 7 below:

Third-party service providers entrusted with processing activities and duly appointed as data processors when required by law (e.g., cloud service providers, IT support, consultants, and legal advisors).
Affiliated companies acting as data controllers or processors.
Competent authorities for compliance with applicable legal obligations.
You may request a complete list of appointed data processors by contacting the Company at the address provided in Section 11.

7. IS YOUR PERSONAL DATA TRANSFERRED ABROAD?
Your Data may be transferred to countries within and outside the European Economic Area (EEA), particularly to the United States. The European Commission recognizes that certain non-EEA countries provide an adequate level of data protection. For transfers to countries not deemed safe by the European Commission, we have implemented appropriate safeguards, such as standard contractual clauses approved by the European Commission under Articles 45 and 46 of the GDPR, ensuring your data remains protected.

You have the right to request a copy of these measures by contacting the Company at the address listed in Section 11.

8. WHAT ARE YOUR RIGHTS REGARDING YOUR PERSONAL DATA?
At any time, you hold the right to:

Receive confirmation as to whether your personal data exists and be informed of its content and origin, verify its accuracy, and request its correction, update, or modification.
Request the deletion, anonymization, or restriction of processing of your data if processed in violation of applicable law.
Object to the processing of your personal data for legitimate reasons.
You may send your request to the address mentioned in Section 11. Please include your email address, name, physical address, and telephone number, explicitly specifying the information you wish to access, alter, update, or delete.

Please note that even after account cancellation or a deletion request, certain copies of your data may remain visible (e.g., if shared on social media) or be retained on our servers for a specific period for legal compliance and backup purposes.

Marketing Opt-Out Options: You may withdraw your consent regarding:

Receiving electronic communications from us: You can opt-out by following the unsubscribe instructions in our emails, updating your user profile preferences, or using the consent management tool on our website.
Sharing your personal information with affiliates/partners: You may opt-out of this sharing through your user profile settings, our consent management tool, or by sending a formal request.

9. WHAT APPLIES FROM MAY 25, 2018?
Since May 25, 2018, the General Data Protection Regulation (GDPR) has been in effect, bringing the following provisions:

Retention Periods: We retain your data only for the period necessary to fulfill the purposes for which it was collected.

Data collected for purposes in Section 3, points a) to h) is retained for the duration of the Service provision, plus the statutory limitation period under applicable law.
Data collected for Section 3, point i) is retained as long as required to keep your social network connected.
Data for points j) and k) is retained in a form allowing identification only as long as necessary for processing purposes, unless prolonged storage is required for archiving in the public interest, scientific/historical research, or statistical purposes, safeguarded by appropriate technical measures.
Additional Rights: Under the GDPR, you additionally have the right to:

Request restriction of processing if you contest data accuracy, if processing is unlawful, if data is no longer needed by us but required by you for legal claims, or pending verification of overriding legitimate grounds following an objection.
Object to processing.
Request erasure of your personal data without undue delay (Right to be Forgotten).
Receive an electronic copy of your data for data portability to yourself or another provider.
Lodge a formal complaint with the competent data protection supervisory authority.

10. UPDATES TO THIS PRIVACY POLICY
The Company may elegantly refine or update this Privacy Policy for any reason, including changes in applicable law or legal interpretations.

Please refer to the Effective Date at the top of this Policy to see when it was last revised. Any material changes that alter the nature of processing or expand our rights to use previously collected data will be communicated in advance, and you will be provided with a choice regarding the future use of your data, as required by applicable law.