The purpose of this privacy notice is to help you understand the reason that we collect your personal data, and the ways in which we use them. We hope that you will take some time to read carefully. This privacy notice is addressed to everyone who interacts and/or makes online purchases through www.gaspatchmodels.com (hereinafter the “website”).
1. Controllers of personal information
For the purpose of the EU General Data Protection Regulation 2016/679 (the GDPR), the data controller is Gaspatch Models Ltd, having its registered office at 74 El. Venizelou Str. GR - 17676, Greece (hereinafter “Company/we/us”).
2. Data collection
2.1. What personal information do we collect and when/how do we process it?
When you visit and sign in/register to our website, we ask you to provide some information about you. This information includes:
a) Full name, company title, address, email address, phone number (mobile and/or landline), when you create an account with us, in order for you to be able to check out faster, save shipping addresses, access your order history, and track any new orders
b) Email address, when you subscribe to our newsletter, in order to be able to email you with news, new products, offers and discounts
c) Full name, company title, email address, delivery address, billing address, Paypal details, when you make a purchase from us, in order to be able to accept the order and the payment, to deliver your order to you, to resolve any problems that may occur concerning your order, to manage returns and refunds, to ask for your feedback regarding your experience in purchasing from our website.
d) IP address, technical information about the device you use to access our website, search history on our website, your basket contents when you use our website, in order to be able to prevent payment fraud when you make purchases, to tailor the website and product suggestions to your interest, to carry out market research.
2.2 Non - personal information
We may automatically collect non-personal information about you such as the type of internet browsers you use or the site from which you linked to our Site. You cannot be identified from this information and it is only used to assist us in providing an effective service on our Site. We may from time to time supply the owners or operators of third party sites from which it is possible to link to our Site with information relating to the number of users linking to our Site from their sites. You cannot be identified from this information.
2.3 How long do we store your personal information?
If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We will not keep your personal information for longer than is necessary for the purpose or purposes for which they are collected, unless there is another legal reason for us to retain the information. We will take all reasonable steps to destroy or erase from our systems all data which is no longer required. We will keep your personal information for the duration of your account being active and for 5 years after our contract with you has terminated. We will keep your personal information for as long as we have your consent, for the reasons that it was provided by you.
2.4 With whom do we share your personal data?
We may share your personal information with third parties, on the condition that they take security measures to ensure the safety of your information. We work with a number of trusted businesses in order to provide you the high quality goods and services you expect from us, such as delivery and IT companies amongst others. Other than the disclosures referred to in this policy, we will not disclose any personal information without your permission unless we are legally entitled or obliged to do so (for example, if required to do so by Court Order or for the purposes of prevention of fraud or other crime). We will only disclose and/or transfer your personal information to a third party having ensured that steps have first been taken to ensure that your privacy rights continue to be protected.
2.5 Transferring your personal data outside the EU
We may have to transfer your data to service providers outside the European Economic Area (“EEA”). However, we will only do so, after we have made sure that these third parties can provide adequate data protection and comply with the law. Before transferring your data to countries outside the EEA, we are obliged to verify that your information will be protected the way it would be if it were transferred to a third party from within the EEA.
4. What is the legal basis for the collection and process of your personal data?
Data security legislation dictates several reasons for which a company is allowed to collect and process customers’ personal information, including contractual relationship, your legal consent, and the company’s legal obligations and legitimate interest.
5. What are your rights?
We are obliged to be mindful of your legal rights when collecting and processing your personal information. In particular, you have the rights to:
a) Withdraw your consent to our processing your personal information at any time, by contacting us at email@example.com
b) Ask us to correct any inaccurate information or update your information
c) Ask us to erase your personal Information.
d) Restrict processing of your personal Information where, for example, the data is inaccurate, being processed unlawfully or where the data is no longer relevant to the specific purpose for processing. In such cases, We would retain the data but We would not process it further without your consent, or if processing your Information is for establishing, exercising or defending a legal claim, or for the protection of rights of other individuals, or for public interest reasons.
e) Request access to your personal Information
Please be aware that we will need to verify your identity before providing any personal information to you. We do this to protect your information. We may also ask you to provide us some additional voluntary information to help us process your request more efficiently.
If you wish to exercise any of the aforementioned rights, you can do so by contacting us via email, at firstname.lastname@example.org, or via post at GasPatch Models, El. Venizelou 74, 17676 Kallithea, Greece.
6. Security measures
We employ the proper technology and security policies to ensure that your data is protected and safe from any unauthorized and improper use.
If you have any complaints regarding our handling of your personal Information, we would appreciate the chance to deal with your concerns in the first instance. However, if you wish, you may contact the Hellenic Data Protection Authority (at dpa.gr)