Privacy Policy
1. Privacy Policy Scope
The company named “LEONIDOPOULOS VASILEIOS” with the distinctive title “Videotooth” based in Ilioupoli, Attica, Chalkokondili 30 street, 16326 (hereinafter as “Company”) through this Policy, aims to inform the users of this website https://videotooth.com/ (hereinafter as “website”) regarding their personal data. The Company as a Data Controller, collects and processes user’s personal data, with absolute transparency, for certain and legal purposes and in accordance with the applicable data protection legislation.
2. Definitions
For the purposes of this Policy, the following terms have the following meaning:
“Applicable legislation”: The national and EU data protection legislation and in particular the General Data Protection Regulation (EU) 2016/679, the Law 4624/2019 as well as the Decisions, Guidelines and Opinions of the Hellenic Data Protection Authority.
“Personal Data”: Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing”: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Data Controller”: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
3. Collecting and Processing User’s personal data
Purpose |
Personal Data |
Legal Basis |
Creation /Management of User’s Account |
Username, password, email address, registration date, registered orders, billing/shipping address, first name, last name, wishlist products |
Article 6 para. 1(f) GDPR: the processing is necessary for the purposes of the legal interests pursued by the Company, which aims to improve the user’s shopping experience and to facilitate order’s management. |
Purchases/Order Management/Receipt Issuance (either in physical or online store) |
Name, Surname, Country, Region, City/Town, District, Address, Postal Code, Apartment, Phone Number, Email Address, Company VAT number and Company Name (for purchases by invoice), Voucher Code, Item, Quantity and Price of Product/s, receipt/invoice, transaction date, payment method (Credit/Debit Card, bank account deposit, cash at physical store location, Viva Wallet), order code, order comments. |
Article 6 para. 1 (b) GDPR: The processing is necessary for the performance of a contract to which the data subject is a contracting party or to take measures at the request of the data subject prior to the conclusion of a contract. Article 6 para. 1© GDPR: the processing is necessary to comply with a legal obligation of the Company. |
Aftersales support (withdrawals, returns, product guarantees, etc.) |
Name, Surname, Country, Region, City/Town, District, Address, Postal Code, Apartment, Phone Number, Email Address, Company VAT number and Company Name (for purchases by invoice), Voucher Code, Item, Quantity and Price of Product/s, currency, receipt/invoice, transaction date, payment method (Credit/Debit Card, bank account deposit, cash at physical store location, Viva Wallet), order code, order comments, warranty period, complaints, withdrawal requests, product replacement/repair requests, defective products reports, content of communication between the Company and the user. |
Article 6 para. 1(b) GDPR: The processing is necessary for the performance of a contract to which the data subject is a contracting party or to take measures at the request of the data subject prior to the conclusion of a contract. Article 6 para. 1(c)GDPR: the processing is necessary to comply with a legal obligation of the Company. |
Contact form |
Name, surname, email, phone number, company, further personal data that may be included in the user’s message/question. |
|
Use of Cookies in order to improve the functionality, the services provided to you, as well as the analysis of website traffic. |
Please visit our Cookie Policy |
Your free express consent (Article 6 para. 1 (a)GDPR) which you grant by accepting cookies, with the exception of necessary cookies which are permanently installed and are absolutely necessary for the operation of our website, for the which legal basis for processing is Company’s legitimate interest (Article 6 para 1(f) GDPR) |
Sending Newsletter emails, a) to customers whose emails have been collected from previous purchases, b) to users who have expressly consented to their registration to the Newsletter recipient list |
User’s email |
Article 6 para. 1(f) GDPR: the processing is necessary for the purposes of the legal interests pursued by the Company, in the context of maintaining the commercial communication/relationship with the user. Article 6 para. 1(a) GDPR: the consent of the Data Subject, consisting of an explicit positive action by the user when subscribing to the Newsletter. You can unsubscribe from the Newsletter recipient list at any time by selecting the “unsubscribe” or “unsubscribe” hyperlink at the bottom of all newsletter emails |
Using a video surveillance system (CCTV) for the protection of Persons and Goods |
Image data |
Article 6 para. 1(f) GDPR: the processing is necessary for the purposes of the legal interests pursued by the Company, which in this particular case aims to protect persons and goods |
Social Media Plugins |
Through the specific plugins, we can only access publicly shared information on the respective social networking platforms. The operation of the plugins is governed by the terms of the Privacy Policy of the respective platform. |
Article 6 para. 1(a) GDPR: the consent of the Data Subject, consisting of an explicit positive action by the user (selection of the respective social networking icon that takes the user to the corresponding platform). |
4. Data Retention Period
Your personal data is retained for a limited period, depending on the purpose of the processing, after which the data is deleted from our records. When the processing is imposed as a legal obligation, your personal data is kept for as long as the relevant obligations impose. Where processing is based on your consent, your personal data will be retained until you withdraw such consent.
5. Data Security
Considering the latest developments, the cost of implementation and the nature, scope, context and purposes of the processing, as well as the risks of different probability of occurrence and severity to the rights and freedoms of users from the processing, the Company take all necessary technical and organizational measures to protect your personal data. Although no method of transmission over the Internet, or electronic storage is completely secure, the Company takes security measures for your data.
6. Recipients
The staff and the administrative officers of the Company may gain access to your personal data, in order to achieve the above purposes, as described in section 1 of this Policy. Also, your personal data may be transferred to third parties, who have been entrusted with the processing of your personal data on behalf of the Company, such as shipping-courier companies for the delivery of your products, digital service providers (e.g. cloud, website hosting), to Company’s suppliers, in order to register the warranty of the product you purchased, etc. Both employees and the external partners/suppliers of the Company, to whom user’s data may be transferred, are contractually bound to the Company, with confidentiality clauses. Also, your personal data may be transferred to public authorities, independent authorities, etc. in order to the exercise of their duties ex officio, or at the request of a third party who has legitimate interest.
7. International Data Transfers
Your personal data collected are not transmitted to any third country outside the European Union (EU), or the European Economic Area (EEA). However, in case your personal data is transferred to a country outside the European Union (EU), or the European Economic Area (EEA), the Company will ensure that any of the special exemptions provided by the GDPR, applies.
8. Minors Data
The Company does not seek or obtain personal data directly from minors (i.e. under the age of 18). However, as it is impossible to always determine the age of persons who access and use our websites, we encourage parents or guardians to contact us if they notice any case of unauthorized data provision by minors in order to exercise accordingly their rights such as deletion of their data.
9. Your Data Protection Rights
As a user you have the following rights:
1)To request information about your stored personal data and the way it is processed
2)Teo request access to your personal data. More specifically, you can request a copy of your personal data held in order to check the legality of the processing.
3)To request rectification of inaccuracies or errors, correction of incomplete data or an update of your data.
4)To request erasure of personal data, if no longer retained for specific, legal or stated purposes.
5)To request restriction of processing a) when the accuracy of the personal data is contested, b) when the processing is unlawful (but you oppose the erasure of the data), c) when the data is no longer needed for the purposes of the processing, and d) for as long as the verification whether the legitimate grounds of the controller override those of the data subject are still pending.
6)To object on grounds relating to your particular situation, at any time, to processing of personal data, especially when this data is processed for direct marketing purposes or profiling.
7)To receive your personal data in a structured, commonly used and machine-readable format or transmit this data to another controller at your behest, where technically feasible and at all times under the specific conditions of the law.
8)To revoke your once granted consent for your data processing at any time. As a result, we will not be allowed to continue the data processing based on this consent in the future.
9) To a decision based solely on automated processing. In such a case, you may exercise your right of intervention.
You may address your requests via email info@videotooth.gr. We shall answer all your requests within one (1) month. In the extremely rare cases that such a fulfillment is proven unfeasible, we shall immediately inform you explaining the reasons in detail. If you believe that the provisions for personal data are being violated, you may file a complaint to the Hellenic Data Protection Authority (DPA).
10. Privacy Policy Updates
The Company may modify/revise this Privacy Policy in the future, in order to comply with its legal compliance obligations and to upgrade its website services.
Latest Update: April 2023