ΔΩΡΕΑΝ ΜΕΤΑΦΟΡΙΚΑ ΑΝΩ ΤΩΝ 55 € ΓΙΑ ΕΛΛΑΔΑ

Aqua Purest

B2B

Aqua Purest

B2B

ΕΠΙΚΟΙΝΩΝΙΑ
CONTACT US

GDPR

Data Protection

Our business respects the personal data of its customers and all individuals it interacts with. This Privacy Policy outlines the Personal Data Protection Policy we follow as a business, regarding the conditions of collecting, storing, and using personal data we maintain for individuals, customers, employees, and partners, in accordance with the General Data Protection Regulation (GDPR) 679/2016 and the Greek Law 4624/2019 on measures implementing the European GDPR.

The terms of this Policy may be updated or modified. Therefore, it is advisable to regularly review its content.

Through this Privacy Policy, we inform you about the manner and purpose of collecting, processing, and storing your personal data, the duration of their retention, and your rights regarding them. We collect, process, and store your personal data either during your visit to our company’s premises, your telephone communication with us, or through the contact form on our company’s website www.aquapurest.com.

What is Personal Data?

“Personal Data” is any information that identifies the data subject, i.e., any individual, whether private or professional. Examples of personal data include: full name, father’s name, postal address, email address, contact phone number, Tax Identification Number (TIN), Social Security Number (AMKA), etc.

What Constitutes Processing of Personal Data?

Processing of Personal Data includes the collection, recording, organization, storage, adaptation, alteration, retrieval, information search, use, transmission to third parties, dissemination, correlation, combination, restriction, deletion, and destruction of Personal Data of individuals.

What Personal Data Do We Collect?

We collect and process the following personal data:

A) Contact and Personal Information: full name, phone numbers, fax number, email address, postal code, billing address for orders and product shipments, date of birth, gender, email address, login password, IP address during the communication session, TIN, Tax Office, etc.

B) Website Usage: how you use our website and whether you open or forward our communications.

C) Sales and Service Information: information related to purchases, customer identity, service provision, purchase and shipment of our products, including complaints and claims.

We collect the above data only if our customers voluntarily provide it to us.

How Do We Collect Your Personal Data?

Our business may collect your personal data through the following, non-exhaustive methods:

  • Visits to our company’s headquarters and branches,
  • Membership registration on the Website www.aquapurest.com,
  • Sending a contact form,
  • Telephone communications with the Company,
  • Purchasing products and services,
  • Communication with a Company representative via email, phone, or mail,
  • Subscribing to the Company’s newsletter,
  • Cookies stored on your computer or mobile device when you visit our online locations.

Regarding Product Sales and Service Provision

The personal data of the customer and/or user of our website will be stored and accessible for the execution of the contract and provision of the selected services in an efficient manner, so that the competent personnel and any strictly authorized partners can perform or monitor the progress of each project.

Regarding Product Purchases

Our business collects data during the electronic ordering process through the shopping cart on our website. This data includes personal information such as shipping details, customer-buyer details, and the products or services selected by the visitor or User of our website. This data is used for the secure completion of the transaction and to keep the User informed within the context of executing the contract.

Retention Period of Personal Data: We store your personal data for as long as necessary to serve the aforementioned processing purposes, for which we have your consent, and as required by applicable law in Greece. All personal data of prospective private customers and prospective employees and partners (e.g., resumes, etc.), included in printed documents, electronic media, and/or databases (computerization), are deleted within two (2) months, unless they are included in sales receipts or (co)operation contracts. All relevant documents are destroyed.

We do not collect payment data, such as bank account numbers, credit, or debit card numbers. If the user chooses “card payment,” they will be required to enter the necessary payment card details on the secure website of the cooperating bank (ALPHA Bank) to which they will be automatically redirected to complete the payment.

Regarding purchases made through telephone communication with our representative at the phone number +30 2315114542, we inform you that it is necessary to collect your personal data, i.e., full name, address, postal code, city, country, and contact phone number, in order to be able to subsequently send you the ordered product and contact you if required. Therefore, placing the order implies your automatic consent to the collection, processing, and storage of your personal data, exclusively for the above purpose and in accordance with the terms stated in this Privacy Policy.

Regarding the provided consent, our company representative will mention or remind you of it during your telephone communication with us.

Regarding our website, there is a contact form available for you to fill out, entering your full name, address, city, country, postal code, phone numbers, fax, email, URL, and the text you wish to address to us.

Additionally, in the “Member Login” field, you can register as a new member on our website by submitting your details, i.e., the username and password you choose, password confirmation, first name, last name, address, city, country, postal code, phone numbers, email, URL, and the text you wish to address to us. These specific details are absolutely necessary for member identification. The aforementioned personal data is stored in our website’s software only if the user/prospective member provides their consent to the processing of their personal data. In the corresponding form-field, a relevant link is provided with information on Personal Data Protection.

For simple visits and browsing of our website, no personal information is requested from you.

Why and for what purposes do we collect, process, and store your personal data?

The personal data you provide us, through any of the above-mentioned ways, is used by us, with your consent, exclusively for purposes related to your transactions with us, i.e., to fulfill your requests and provide the services you choose under the best conditions and most efficient manner. These purposes include:

  • Communicating with you,
  • Promoting and advertising our products.

We collect only the personal data necessary for the aforementioned purposes, ensuring personalized service, consistent product delivery, secure payment of your order, and timely updates about various offers and conveniences we periodically provide to our customers. Through your subscription to our website’s newsletter, you give us your consent to receive informational bulletins, offers, and updates via email about relevant products and services, including personalized offers, discounts, etc.

If additional information is required, you will be informed at the time of data collection and your explicit consent will be requested again.

To whom do we disclose your personal data?

We share and disclose the information we collect from you only within the framework of the aforementioned processing purposes, with authorized and essential personnel of our business and partners, including accounting departments, external accountants, or accounting companies, and system support service providers. These parties are bound by confidentiality agreements, privacy, and secrecy obligations.

For example, our business may assign the processing of your personal data to specialized companies to fulfill these purposes. These companies are authorized to process your data in compliance with this Privacy Policy and applicable laws.

These data are processed exclusively within the European Union (EU).

The business will disclose personal data only when necessary to complete a transaction and/or when required by law. Our company agrees with all its corporate partners to restrict the purposes for which your personal data can be disclosed and processed, as defined above, and to ensure adequate protection of your personal data.

Our business may store your personal data in the cloud. This means that the processing of your personal data may be carried out by a cloud service provider on behalf of the company, and your personal data may be stored in different locations worldwide. The company uses organizational and contractual measures to protect personal data and enforce similar, but no less restrictive, requirements with our cloud service providers, including requirements related to the exclusive processing of your personal data for the purposes mentioned herein.

While browsing the company’s website, you may encounter links to other online sites for practical and informational purposes. These websites may operate independently of our business and have their own privacy policies. We recommend that you read them to understand how your personal data is processed on those sites, as we are not responsible for the content, practices, or privacy policies of websites owned or managed by other companies.

For how long do we store your personal data?

We store your personal data for as long as necessary to fulfill the purposes of processing mentioned above, for which we have your consent, and as required by applicable law.

All personal data of prospective customers and prospective employees or partners (e.g., CVs, etc.) included in printed documents, electronic media, or databases (computerized systems) are deleted within two (2) months unless they are included in sales receipts or employment contracts. All relevant documents are destroyed.

Safeguarding Your Data

We take appropriate organizational and technical measures, both physical and electronic, to ensure that the personal data we hold is secure and protected against unauthorized processing, unauthorized access and disclosure, accidental or unlawful destruction, loss, alteration, leakage, and theft.

In the event of a breach of your personal data, we will follow the GDPR’s requirements for notifying you and reporting the breach.

Security is achieved through the following methods:

Identification: Two fields are used to identify the user: the Login Identifier (email or username) and the Personal Secret Security Code (password). These credentials provide secure access to the user’s account. The user is solely responsible for maintaining the confidentiality of their password and is liable for its disclosure to third parties. In case of loss or leakage, the user must immediately notify the business; otherwise, the company will not be held responsible for unauthorized use. For security reasons, we recommend that users change their passwords regularly and avoid using easily detectable codes (e.g., birth dates or phone numbers). It is also advised to use a combination of letters, numbers, and symbols (e.g., $^*#@!_) when creating passwords.

Confidentiality of Data Transfer: To ensure the confidentiality of data transfer, SSL encryption protocol with RSA 2048-bit keys (e 65537) is used. Additionally, all backup systems are encrypted (AES-256) before being transmitted to authorized cloud providers via SSL connection as an extra security measure. The backup providers currently used for data storage are:

Controlled Access: All websites/eshops are hosted in Data Center infrastructures that meet ISO 27001 security standards and comply with GDPR data protection requirements. Access to our company’s systems (servers) is controlled by a firewall, allowing users to access specific services while prohibiting access to confidential company data and systems.

Our web hosting providers currently used include:

Encryption: Through specialized software, the company’s electronic system first decrypts the information it receives before processing it. Our systems send information following the same encryption procedure. Wherever you enter personal data (password, email, addresses, phone numbers, credit card numbers, etc.) on the Website, SSL encryption with RSA 2048-bit keys (e 65537) is applied.

Privacy of Transactions: Confidentiality is inherent in our operations. The principles governing traditional transactions apply equally to electronic transactions with the company. All information transmitted by the user is confidential, and the company has taken all necessary measures to ensure that this information remains secure and is used only to the extent necessary to complete the transaction.

For added security, all payments made through cards (debit, prepaid, or credit) are processed via the ePOS PayCenter service of Piraeus Bank. We ensure your transactions are secure, and we do not store or process your card data.

Your Rights Regarding Your Personal Data:

You have the following rights over your personal data that we process and store:

a) Access to your personal data: You can request information on the categories of data we process, the purposes of processing, the data recipients, the storage period, and the criteria for storing them. You can also ask for details regarding your right to rectification, deletion, or restriction of your data’s processing, or your right to object to the processing.

b) Rectification of inaccurate data and the completion of incomplete data concerning you.

c) Restriction of processing your personal data.

d) Deletion of your personal data, provided that the data is not maintained for a specific legal and declared purpose.

e) Data portability: You are entitled to receive or request the transfer of your data, in a machine-readable format, from our company to another data controller.

f) Withdrawal of your consent for the processing of your personal data. This withdrawal will only apply going forward and will not affect the legality of the processing up to that point.

To exercise any of the above rights, you can contact us via email at [email protected], providing your full details and the reason for your communication. Following a review of the relevant request and identification of the sender, our business will act upon the request within a reasonable period, provided that the request is legitimate and justified.

You always have the right to file a complaint regarding any right or request with the Hellenic Data Protection Authority (address: Kifisias 1-3, P.C. 11523, Athens, tel: +30 210 6475600, email: [email protected]).

How Can We Improve Our Services?

Our business collects information about how you use our services through your online visits and communications with us. This includes the type of content you view, the frequency and duration of your activities, and information about the devices (e.g., smartphones, laptops) and browsers through which you access the services. These details help us customize your online experience, improve website performance and usability, and assess the effectiveness of our marketing activities.

Specific Information Collected During Website Visits

In particular, we collect connection information such as:

  • The name of your mobile carrier or Internet Service Provider (ISP),
  • The language and time zone settings of your browser,
  • The geographic location of the device accessing the site and the type of browser used (e.g., Google Chrome, Safari),
  • The IP address of the device you are using to access the website. An IP address is a number assigned to your device each time you connect to the internet. For security and system diagnostic purposes, we collect these details when you visit our website.

User Rights

You have the following rights concerning your personal data that we process and store:

a) Access to your personal data: You can obtain information about the categories of data we process, the purposes of processing, the recipients, the storage period, the criteria for storage, and details on the right to rectify, erase, or restrict processing, or object to the processing.

b) Rectification of incorrect/inaccurate data and the completion of incomplete data concerning you.

c) Restriction of processing of your personal data.

d) Erasure of your personal data, provided that the data is not retained for a specific lawful and declared purpose.

e) Data portability: You are entitled to receive or request the transfer of your data in a machine-readable format from our company to another controller.

f) Withdrawal of your consent to the processing of your personal data. The withdrawal will apply only moving forward and will not affect the legality of the processing carried out until the withdrawal of your consent.

To exercise the above rights, you may contact us via email at [email protected], providing your full details and the reason for your inquiry. After reviewing the request and verifying the sender’s identity, our business will proceed to satisfy the request within a reasonable time, provided the request is legitimate and valid.

Submitting a Complaint

In the event of non-compliance by our company with any of the above requests or with the general principles and provisions of the GDPR, you retain the right to submit a complaint to the Hellenic Data Protection Authority (HDPA) at the following address: Kifisias 1-3, P.C. 11523, Athens, Greece, telephone number +30 210 6475600, email: [email protected].

Amendment of Data

You have the right to correct inaccurate or incomplete personal data concerning you. Additionally, you may request the restriction of the processing of your personal data, its deletion (provided it is not retained for a specific lawful purpose), and the portability of your data. You are entitled to receive or request the transfer of your data in a machine-readable format from our company to another controller.

To exercise any of the above rights, you can contact us at [email protected], providing your full details and the reason for your inquiry. Following the review of your request and the verification of the sender’s identity, our company will respond within a reasonable time, provided that the request is legitimate and valid.

Withdrawal of Consent

Furthermore, you have the right to withdraw your consent to the processing of your personal data at any time. The withdrawal will only apply moving forward and will not affect the lawfulness of processing before the withdrawal. You can revoke your consent by contacting us at [email protected], stating your full details and the reason for your communication.

Complaint Submission

If our company does not comply with any of the above requests or the general principles and provisions of the GDPR, you always have the right to submit a complaint to the Hellenic Data Protection Authority (HDPA) at the following address: Kifisias 1-3, P.C. 11523, Athens, Greece, telephone number +30 210 6475600, or via email at [email protected].

How We Enhance the Services Provided to You

Additionally, our company collects information when you visit our website, as well as through the emails we may exchange, regarding how the user utilizes the services (e.g., the type of content viewed or the frequency and duration of activities). Moreover, the company collects information from or about the type of devices (e.g., smartphones, laptops, etc.) and browsers you use to access the services, depending on the rights you have granted. The company may correlate the information collected from various devices, which helps maintain consistency in the services provided. Collecting such data enables us to personalize your online experience, enhance the website’s performance, usability, and effectiveness, and assess the success of our promotional and marketing efforts.