Privacy Policy

What are personal data?

Personal data are data that can be used to identify a natural person and the protection thereof is important for us. Our aim is to show the maximum honesty and transparency possible regarding the personal data we collect as well as the way we process them pursuant to the EU General Data Protection Regulation (GDPR). Our e-shop bonatsahouse.com fully shares your concerns regarding your personal data.

How we collect or obtain personal data?

Our website “Bonatsa House” collects or obtains data from you through our websites as well as through forms, applications and devices, product websites on social media or in other ways. These personal data are either provided directly by users or collected (e.g. by using cookies in order to understand how our websites/applications are used) or by third parties. The legal basis for the processing of the personal data of the users of “Bonatsa House” website is:

  1. Users’ express consent and agreement to process their personal data (e.g. when you choose to receive a newsletter).
  2. Legal grounds: when processing is required by law or is necessary for the data processor in order to conform with a legal obligation
  3. Legitimate interest: In certain cases, we collect users’ data in order to achieve our company’s legitimate interests, provided that the data subjects’ interest, fundamental rights and freedoms do not take precedence over them

Purpose of personal data processing

“Bonatsa House” website processes your personal data for the following purposes:

  • to contact users
  • to inform users about the websites activities (e.g. newsletter)
  • to conclude and execute contracts with users
  • to exercise its legal rights and to conform with its legal obligations
  • to upgrade the website’s products and services as well as to optimize the website functions.

Subjects’ rights and choices

“Bonatsa House” respects its users’ right to the protection of their privacy. The subjects’ rights are as follows:

1. Right to information

Users have the right to receive concise, transparent and intelligible information about the way we use their personal data and the way they can exercise their rights.

2. Right to access

Users have the right to access the personal data concerning them that are kept by the website (subject to certain limitations).

3. Right to rectification

Users have the right to request the rectification of their personal data if the latter are false or not updated or/and to complete them if they are not complete.

4. Right to erasure/right to be forgotten

Users have the right to request the erasure of their personal data pursuant to the provisions of article 17 of the GDPR. It is noted that this is not an absolute right, since the e-shop may be reserve legal or reasonable grounds to keep the personal data pursuant to article 17 of the GDPR.

5. Right to withdraw

At any time their consent for the processing of their data that is performed on the basis of their consent. Users can withdraw their consent for the processing of their data by the website when such processing is based on their consent. Withdrawal of their consent does not affect the legality of any processing performed on the basis of their consent before the withdrawal.

6. Right to file a complaint with a supervisory authority

Users reserve the right to contact the Hellenic Data Protection Authority (HDPA) and file a complaint regarding the practices of data and privacy protection implemented by the e-shop.

7. Right to data portability

Users have the right to move, copy or transfer data from our database to another one. This applies only in the case of data processing under a contract or on the basis of their consent or when such processing is performed with automated means. This right is exercised subject to article 17 of the Regulation and cannot affect negatively the website’s or any third parties’ rights and freedoms.

8. Right to object to direct marketing purposes, including profiling

Users may at any time delete their subscription to the website or social media or object to receiving notifications for direct marketing purposes or profiling.

9. Right to restriction of processing

Customers reserve the right to request the restriction of processing of their data. This right means that the processing of users’ data is subject to limitations, and, thus, from now on it is possible to store but not to use or further process such data.

This applies to limited cases set out in the General Data Protection Regulation and are as follows:

  • the accuracy of the personal data is contested by the data subject, for a period enabling the data processor to verify the accuracy of the personal data;
  • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
  • the data processor no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;
  • the data subject has objected to processing pursuant to the data processor’s legitimate rights pending the verification whether the legitimate grounds of the data processor override those of the data subject.

The aforementioned subject’s rights are subject to the limitations set out in article 23 of GDPR. In order to process such requests, our website “Bonatsa House” is obliged to request the confirmation of the subject’s personal details and identity before it may proceed to satisfy such requests.

Retention period of personal data

Our website “Bonatsa House” retains users’ personal data for as long as needed and for the purpose for which it retains such data, in the context of providing its services or conforming with our legal obligations.
Our website “Bonatsa House” may retain some users’ personal data in order to conform with legal or regulatory obligations (e.g. tax and commercial law) as well as in order to be able to manage its rights or for statistical or historical reasons.

Data processor

Responsible for processing the users’ data, whether by automated means or not, whether himself or by appointing and authorizing any other person who will do so on his behalf, is mr. Fakos Vassilios.

Changes to protection of personal data policy

This protection of personal data policy may be amended at any time. Therefore we recommend that you should refer to it regularly. In the event of any amendment, the date thereof will be mentioned. The protection of personal data policy, as it has been amended by the latest amendment, is considered always applicable.

Contact Details

For any questions or concerns about the way our website “Bonatsa House” manages and uses personal data or if you wish to exercise any of the aforementioned rights, contact our office by sending an e-mail to INFO@BONATSAHOUSE.COM.

About the server of this website

All traffic (file transfer) between this website and your browser is encrypted and transferred through HTTPS protocol using SSL (Secure Sockets Layer).

Why this website collects personal information?

This website collects and uses personal information for the following reasons:

1. Monitoring visits to websites

Like most websites, this website uses Google Analytics (GA) to monitor users’ activity. We use these data to identify how many persons use our website, to better understand the way they find and use our web pages and to see their path through the website. Although GA records data such as your geographical location, your device, your browser and your operation system, none of this information reveals your personal identity to us. GA also records your computer’s IP which could be used to identify you, but Google does not give us access to this. We believe that Google is a third-party data processor compliant with the requirements of the European legislation.

2. Contact forms and e-mail links

If you choose to contact us through a contact form or our e-mail link, none of the data you provide will be stored in this website or transferred or submitted to processing by any third-party data processor, as defined in section “Our third-party data processors” below. On the contrary, these data will be sent to us by e-mail through SMTP protocol (Simple Mail Transfer Protocol). Our SMTP servers are protected by TLS security protocol (also known as SSL), which means that the e-mail content is encrypted before sent through the Internet. The e-mail content is decrypted by our local computers and devices.

More From Antiparos Lifestyle