Information about your Data Controller
- The kind of data we collect for you and the collection methods.
- The purpose of collecting and processing your personal data and the legitimate basis for processing.
- The security measures we take to protect your data.
- The retention period of your data.
- Your rights and how you can access them, as well as your choices regarding collection and processing of your data.
- Protection and storage of your data.
Data Controller: Wild Souls (Areti Kyriotou), 36 Voulis Str., Athens, 105 57, contact number: 210 323 1438, e-mail:
Information we collect
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”). We collect such information when you use, or interact with it through our website. Specifically:
- If you visit our website, official social media accounts or if you open a member account.
When communicating with us in the Company’s social media (Facebook, Instagram, etc.), you provide us with your personal information, such as ID, contact, or transaction details, which shall be used on a case-by-case basis only to process your request.
While browsing the site, you may be asked to submit some personal details (such as your identification and contact details, e.g. full name, home address, e-mail, contact number, etc.) in order to ensure that you shall take advantage of certain benefits. For example, when you consent to promotional communication (newsletter) and updates on our activities.
In addition, when creating a personal account through our website, you are required to enter your name, e-mail and a password. Through your personal account you can create your wish list for your favorite products.
- If you are a supplier, please click here.
- If you are a customer or prospective customer.
When submitting your online order, you must provide us with your name, shipping address, email, contact number and payment details (credit / debit card, etc.). Furthermore, to complete the purchase we need your ID card number, Passport Number, TRN, and the competent Tax Office. The date of purchase, as well as the method of payment and shipping shall also be stored upon purchase.
Wild Souls collects the above data when provided through the conclusion of a product sale contract or when you use the online store (e-shop) of our company to make your purchases.
Specifically, secure transactions are ensured by use of a credit/debit card: our online store accepts Mastercard, American Express, Visa, Maestro, or any other bank using the SSL (Security Certificate & SSL Technology) Security Protocol, the confirmation of which is achieved using the 3D Secure Network by VISA and MASTERCARD.
All card payments are processed through Stripe, Paypal, Vivawallet e-payment platform and bank transfer, and they use TLS 1.1 encryption with Secure Sockets Layer (SSL) 128-bit encryption protocol. Encryption is a way of coding the information until it reaches its recipient, who shall be able to decode it using the appropriate key.
Our online store shall not collect or store your credit card details in any way, thus you need to re- enter them each time you use your credit card for transactions through our website.
In case you become our customer, Wild Souls would like to inform you that it shall process customer data that has been provided to us during a purchase or any other transaction for direct commercial communication on relevant products or purposes. In particular, we shall process your email and mobile phone to send you emails, SMS/VIBER messages or any other multimedia regarding promotional activities, provided you are not opposed to receiving such commercial communication. In such a case, you may require such a communication to be stopped (opt-out) by pressing the “unsubscribe” button in the relevant email or by contacting us otherwise.
Data collection by automated means
When you interact with our website, we also collect certain information from your device or the web browser you use by automated means (“cookies”). By using cookies and other similar technologies we collect and/or generate data about your preferences, which newsletters you open and which you don’t, their content and your interaction with us after each newsletter, data about the devices through which you visit our Website, for example the Internet Protocol (IP) address, browser type and version, operating system and platform and other technology on the devices used to access our Website, data about the page from which you signed up and the page you visited when you left, etc. For more information on how we use “cookies”, please click here.
Information concerning minors
This site and its services are not intended for minors (aged under 16 years). We shall not collect personal data from children under 15 years of age without the consent of their parents or guardians, while any personal information submitted by minors aged under 13 shall be deleted. If you are a parent or a guardian of a child aged under 13 and you are worried that your child has provided us with their personal details, please contact us at firstname.lastname@example.org.
Why do we use your personal data?
We use your data to:
- contact you about issues related to the sales of our products to you;
- receive your orders, process them, and ship the products to you;
- manage, handle and process your payments, including the security of our financial transaction and issue of invoice;
- handle any complaints you may have;
- serve you as a Member by opening an Account with us;
- create, keep, maintain and analyze a clientele database;
- have commercial communication through newsletters, SMS, or other multimedia (VIBER) regarding our Company news, products, offers, and promotions;
- understand and analyze the results of our ads and promotional activities;
- handle your requests, such as withdrawal, product replacement etc.;
- enforce your rights regarding your personal data;
- secure your transactions;
- analyze and improve business activities, such as marketing and optimizing our products, streamlining your experience and service in our Online Store, as well as update your experience in our Online Store
- carry out market research, statistical analyzes, marketing strategies, as well as manage marketing campaigns; inform you about potential opportunities to participate in marketing or promotional initiatives;
- detect, prevent and deal with fraud or other illegal activities;
- protect our or any third parties’ rights and assets.
Other purposes: we may use your data in other ways. In such a case, we shall promptly notify you when collecting the data, while we shall make sure we have your consent, where required, before processing.
To fulfill these objectives, we shall collect and process only the data that are compatible with the purpose of processing.
Who are your personal data disclosed and/or transferred to?
The personal data collected may be disclosed to third parties. More specifically:
- To any competent supervisory, public or judicial authority, where the applicable legal framework or a court decision so requires.
- To other cooperating third parties, entrusted with processing on our behalf and committed to providing an equivalent level of data protection, such as law firms, business consulting firms, accountants, advertising companies, IT product suppliers and/or service providers and/or support service providers of all kinds of computer-based information systems or electronic systems and networks, courier service companies, etc.
We shall not disclose your personal data to third parties outside the European Union in countries that do not offer an adequate level of data protection. However, in the event that such data transfer is required, we shall take take all possible measures to safeguard your data.
Legal basis for the processing of your personal data
Processing of your data has the following four legal bases:
- Execution of a contract: when data processing is essential in order to fulfill our obligations pursuant to a contract.
- Legal Obligation: when processing is necessary so that we can comply with obligations established by the law, such as maintaining financial data of transactions for tax purposes, or providing information to a public body or law enforcement authority.
- Legitimate interest: we may process your data when we have a legitimate interest in carrying out a lawful activity in order to ensure the continuity of such activity, provided that it does not override your interests.
- Your consent: we may occasionally ask for specific authorization in order to process some of your personal data. Processing of your data shall be carried out only after being given your explicit and informed consent. You may withdraw your consent at any time, with no retroactive effect, by contacting us at email@example.com.
Pursuant to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation [GDPR]), your rights are the following:
- Right of access to personal data being processed.
- Right to rectification of inaccurate or incomplete data.
- Right to erasure (“right to be forgotten”) of your personal data.
- Right to limitation of data processing.
- Right to data portability to you or to third parties. You shall have the right to receive the personal data concerning you, in a structured, commonly used and machine-readable format, or request that it be forwarded, under the conditions authorized by the law, to another data controller, as long as this shall not adversely affect the rights and freedoms of others (only for the automated processing of information that you consented to provide or for the execution of the contract between us).
- Right to object, at any time, to processing of your personal data. We may not satisfy this right of yours if the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
- Right to lodge a complaint before the Data Protection Authority (www.dpa.gr), if you consider that your rights have been violated in any way (Right to lodge a complaint with a supervisory authority). Postal Address: 1-3 Kifissias Avenue. P.C. 115 23, Athens, Call center: +30 210 6475600, e-mail: firstname.lastname@example.org
For further information, as well as the exercise of the above rights, please contact Wild Souls – Areti Kyriotou, 36 Voulis Str., Athens, 105 57 in writing or at email@example.com. Normally, your request shall be granted within one month of receipt. Information, notifications, and all actions taken under Articles 15 to 22 and 34 of the GDPR, shall be free of charge.
Personal Data Security & Retention
Your personal data shall be retained only for the time required for the purposes of processing, i.e. for the duration of our contract, your consent, our legal obligations (such as compliance for tax purposes) and our legal interest in each case.
The procedure of personal data processing shall be carried out in a way that ensures its confidentiality. Appropriate technical and organizational measures shall be applied to ensure the appropriate level of security of your data against accidental or unlawful destruction, accidental loss, alteration, unauthorised disclosure or access or any unauthorised form of processing.
The data provided shall be protected by appropriate information security techniques to ensure both their secure transmission via the internet and their secure storage in Information Systems. For your safe navigation in our online store (e-shop), as well as for the security of your transactions, the Company shall take all appropriate measures by adopting modern, high quality security standards according to market trends, such as the high level encryption technology SSL (Secure Socket Layer), enabled during the input of sensitive personal data, offering 256-bit encrypted communication.
All third parties who may receive your personal data shall be required to have all the appropriate technical and operational security measures in place to protect your personal data, in accordance with Greek and EU legislation on data protection.
Special Data Categories
You are kindly requested not to disclose your banking details, or any sensitive personal data via e-mail. In no way shall the processing of such data serve the purposes of processing, as set out above.
Our website contains links to other websites. This privacy statement on the protection of personal data shall not apply with regard to access of users to other websites.
Please refer to the privacy policies of these websites for more information on how they handle your data.
This policy was last updated on November 4, 2020.
- We would like to inform you that this policy may change from time to time. In such cases, you shall be informed through push-notifications on our site.
- If there are any substantial changes to your data processing, you shall receive prior notice or –where required- you shall be asked for your consent before the new policy is implemented.
For any queries or comments regarding this Policy, as well as the practices we follow, please feel free to contact us at firstname.lastname@example.org.