Protection Policy

The societe anonyme with the name “MACEDONIAN CLOTHING MANUFACTURING SOCIETE ANONYME” and distinctive title “MEKE SA”, attaches special importance to the protection of privacy and personal data of the subjects or employees or employees.

The Website www.redrockjeans.gr, is the official website and online store. The Administrator / s of the Website is Mr. Malamas Manafis (hereinafter referred to as the “Administrator or webmaster”).

 

Responsible for personal data processing :

Responsible for processing is the societe anonyme with the name “MACEDONIAN CLOTHING MANUFACTURING SOCIETE ANONYME” and distinctive title “MEKE SA”, with TIN: 094220832: 094220832, of FAE THESSA LASKARATOU number 11, phone: 2310310041 and e-mail address: meke@otenet.gr (hereinafter referred to as “Company” or “Processing Manager”).

1. How and what Personal Data we process through the website ;
   • Personal data is usually collected actively, ie it requires positive action of the data subject.
   • In general, the individual subject (eg customer, website user, etc.) may provide us with personal data orally (in person or by telephone), in writing (by sending or delivering documents or any other physical material) or and electronically (by registering on the website, as well as by sending a message to the relevant e-mail address or by filling in an existing contact form on the website or creating an evaluation) .
   • For example Electronics (will be analyzed below): we collect the data that you actively provide to us when you complete your order through the online store, or proceed to the registration process on the site, or when you participate in any various promotions that the company may conduct from time to time us (eg contests, draws, etc.)
   • In the above ways we actively collect and process, any personal data that is necessary, for the management and maintenance of the relationship between us, for the preparation and fulfillment of the contract between us, the pricing of the provided products and the execution of the purposes described below (see par. 5) .
   • Indicatively, the following table categorizes the data that we collect either actively in the ways mentioned above or passively through cookies (see par. 2)

 
Personal Data Table  

	Customer VAT (consumer)	Customer VAT (business)	Registered User	simple user
IDENTIFICATION DETAILS
[a] Name, Surname, Username, email	Χ	–	Χ	–
[b] Name, username, name of representative, email	–	Χ	Χ	–
CONTACT INFO
Address / headquarters (street, number, city, area, Region), telephone, e-mail	Χ	Χ	Χ	–
PRICING DETAILS
[a] Name, surname, address	Χ	Χ	Χ	–
[b] TIN, IRS, registered office, name	–	Χ	–	–
CONSUMER PREFERENCES / SHOPPING DETAILS
[a] Purchase products, products in cart, wish list, website language, browser details, selection of cookies	Χ	Χ	Χ	Χ
[b] Order history	–	–	Χ	–

  

1. How is passive data collection done?

• Both the regular and the registered user are informed, already upon their first login to the site with a pop-up window for Cookies and the Privacy Policy.
• The user can activate or deactivate cookies both in the environment of the website, through an automated tool (activation / deactivation) included in the above-mentioned pop-up window during the user’s first visit to the website, and through the browser used by user (like Google).
• Cookies are short texts of software code, which are sent for storage by the web server (server) of the sender of the cookie in the user’s terminal equipment, and have as basic function the recording and sending of stored data of the browser, to the sender. The use of cookies facilitates the access of the visitor / user to the website and the use of specific services, the areas that are useful or popular are determined and the effectiveness of the website is evaluated.
• From the company’s website, among other things, passive, personal data is collected regarding the user’s choices regarding the presentation of the website in order to understand how visitors use our website and to improve its structure and content, in order to reflect the special needs and their interests but also cookies necessary for the processing of your online purchases.

• Cookies table

Name	Features – Function	Duration
wordpress_logged_in	Used by WordPress to authenticate passwords and authenticate logged in users	ONE SESSION
woocommerce_cart_hash	Records and stores basket information, as a whole, when making a purchase, and detects when changes are made to the cart	ONE SESSION
woocommerce_items_in_cart	Records and stores information about the cart, as a whole, when making a purchase	ONE SESSION
wp_woocommerce_session_	It assigns each customer a unique code, so that the details of this cart can be found in the database when making a purchase.	ONE DAY
woocommerce_recently_viewed	Enables the operation of the “Recently Viewed Products” widget.	ONE SESSION
moove_gdpr_popup	Detects and stores the extent of the user’s consent to the passive collection of personal data through cookies	ONE YEAR
wp-wpml_current_language	Returns the user’s current language	ONE SESSION

 

1. Are children’s personal data collected?

• The Website is neither intentionally designed nor intended for minors under 18 years of age.
• The company policy is to never collect or knowingly store data about any person under 18 years of age.

1. What are the Purposes of Data Processing and Legal Bases?

• Any user can at any time refer to this full text of the Civil Protection by selecting the relevant link at the bottom of the site to be able to provide or not his consent, when required as well as to remove it at any time or to exercise the his other rights.
• In case you withdraw any given consent, we inform you that the company may continue to process some of your data, if there is another legal basis e.g. statutory obligation
• If you consent or there is some other legitimate reason (eg legal interest, contract, legal obligation, etc.), both we and the other recipients process your personal data for the following purposes and any other compatible purpose.

• Table Processing Objectives (indicative recording)

 

PURPOSES	COLLECTION AND PROCESSING ACTIONS	PROCESSING BASE
Compliance with the Legislation	E.g. Issuance and maintenance of a file of financial data and documents, delivery of documents to any control of the competent service, etc.	Obligation by law
Website functionality	E.g. Enter an email address in order to send a message, use cookies in order to complete the online purchase or keep the products in the cart, etc.	Legal interest
Preparation and Execution / Fulfillment of a Contract	E.g. Receiving and storing an order, Completing an order form, storing identification data / order products / shipping address, sending an email for order acceptance and updating its progress, completing and archiving a voucher for sending products, issuing and maintaining data (archiving documents) etc.	Contract Legal interest
Communication Service, Responding to requirements, fulfilling requests	E.g. Telephone or electronic communication on our part at a conventional and pre-contractual stage for information purposes, answering questions and complaints, etc.	Contract Legal interest Consent
Optimization and Upgrading of services provided	E.g. Market Data Analysis in terms of anonymity and confidentiality in order to draw conclusions and improve the services provided, Conduct tenders, etc.	Legal interest Consent

 

• The processing of your personal data is based on one of the restrictively mentioned bases of legality of the processing (Consent, Contract, Legal obligation, Vital Interest, Public Interest).
• More specifically, we collect and process your personal data in accordance with the following legal processing bases:

a. Processing for the execution of the contract (article 6 par. 1b GKPD):
For example, under this legal basis, we process your personal data:

• when accepting your proposal for concluding a contract between us and informing you about the availability and delivery time of the products
• when preparing and shipping the products you have selected
• when issuing financial data
• when completing a product shipping voucher

b. Legal right / obligation to process (article 6 par. 1c GKPD):
For example, under this legal basis we process your personal data:

• during the issuance and maintenance of the tax data / documents provided by law
• when disclosing information about your transactions with us to the tax authorities

c. Legal interest (article 6 par. 1f GKPD):

For example, under this legal basis we process your personal data:

• when we respond to questions or complaints that you submit to us through any available communication channel, such as, for example, via email or social media
• when we look at our customers’ consumer preferences to upgrade the services provided
• in resolving any legal dispute between us
• when after a previous transaction between us we send you advertising messages to your declared email address, explicitly reminding you of your right to oppose it

d. Consent (article 6 par. 1a GKPD):
For example, under this legal basis we process your personal data:

• when and if we provide them to third parties for other purposes
• when we examine the result of a competition in which you participate
• when we publish any of your ratings

1. Who has access to your personal data (recipients)?

• The company adheres to the rule of classified access to personal data. Your personal data is processed only by the staff of the company which is responsible for the respective responsibilities of the data processing purposes.
• In addition, some data may be processed by external collaborators and other processors (eg the accountant processes the issued documents) if this is necessary to meet the above purposes, and provided that the latter meet the specifications sets the GPA for the protection of personal data, undertake to maintain the necessary confidentiality, respect the rights of data subjects provided for in the Regulation and process them exclusively for the above purposes.

1. How long do we keep the data?

• Your personal data is kept only for the period deemed necessary to serve the above purposes of the collection and are deleted safely immediately afterwards, unless the current legislation provides for their continued maintenance (eg obligation to keep documents and accounting documents).
• In the event that the legal reason for processing them is the contractual relationship between us, if for any reason it is terminated, we may, in addition to the above, retain your personal data for as long as necessary until the relevant limitation period expires.
• Regarding the data that are collected passively, through cookies, the exact table for which they are kept is indicated in the above table (see par. 2).
• In case the legal reason for processing your data is the consent given by you, if it is revoked, within 5 days we will delete them, unless there is another legal basis e.g. a legal obligation, in which case we continue to maintain them for as long as necessary.

 

1. What general principles do we use when processing your personal data?

• In the course of our work, we ensure that the processing of personal data is based on one of the restrictively mentioned bases of legality of the processing (Consent, Contract, Legal obligation, Vital Interest, Public Interest) and on the other hand is in accordance with them. rules and principles provided by Regulation (EU) 2016/679 and Law 4624/2019.
• The purposes of the processing are clear, legal and known in advance to the data subject, while the data collected is as much as is required for these purposes and is retained as long as is required for their implementation.
• We take adequate organizational, technical and physical security measures to prevent risks such as loss, unauthorized access, destruction or illegal use.

 

1. What are the rights of the data subject and how can he exercise them?

• Right of Access: Each subject has the right to request confirmation whether or not their personal data is being processed, and if so, access to information concerning the purposes of the processing, the categories of data and their recipients. If the personal data is processed by electronic means and in a structured and commonly used format (eg collection through the website), the user receives a copy of the data that equally concerns him in a commonly used electronic format.
• Right of Correction: Any subject may request the correction of inaccuracies or the completion of incomplete personal data
• Right to Oblivion: Any subject may request the deletion of his personal data by revoking his consent, unless the obligation to retain personal data is imposed by applicable law or their processing is based on a valid legal reason other than consent (e.g. . Legal interest).
• Right of Portability: Each subject has the right to request and within a reasonable time to receive personal data provided to the controller to read it to another controller
• Right to Object and Restrict Processing: Any subject may intervene by suspending the processing of his data, if verification of its accuracy or the legality of the processing is pending.
• Right to file a complaint: Any subject can file a complaint before the Personal Data Protection Authority (Personal Data Protection Authority, Offices: 1-3 Kifissias, PC 115 23, Athens Call Center: + 30-210 6475600, www .dpa.gr), if he considers that his rights are violated in any way, after having previously exercised them before the controller, without a satisfactory response within a reasonable time.
• In order to exercise the above rights, the data subject may contact the controller via e – mail. Further specifically with respect to the personal data of the subject collected through the website, the access and deletion rights can be exercised through an automated process, by clicking on a relevant link at the bottom of the website and registering the relevant request. In this case, the user receives a copy of the data concerning him in a commonly used electronic format.
• These rights are exercised free of charge, unless they are repeated frequently and due to volume have administrative costs for us, in which case the subject will be charged with the relevant costs. The controller complies as soon as he has become aware and within a reasonable time with the exercised right, while he has the right to refuse to comply with it if his exercise is contrary to the law, or conflicts with another superior.
• Compliance with certain rights may lead to unjustified inability to fulfill contractual or pre-contractual obligations of the company.

 

1. What security measures are taken by the company?

• The company receives appropriate organizational (Indicative: Data access classification, proper physical file management which is maintained only when necessary due to the nature of the data, insurance for loss), technical (Indicative: Authentication – User authentication, backup, encryption, firewall ) and physical security measures (prohibition of access by unauthorized persons) in order to ensure the security of the personal data processed, as well as their protection against accidental or unlawful destruction, loss, alteration, prohibited dissemination or any other form of unlawful processing.

 

1. Protection Policy Updates
   

• The company may update, supplement or modify this Personal Data Protection Policy, in accordance with the applicable regulatory and legislative framework, at which time it will post it on the website redrockjeans.gr