1. Personal-date protection and data protection & cookies
Data have to be collected as an obligation when it is necessary that they are collected and processed.
Our company shall never sell, lease or distribute in any way or publish your personal data.
. Cookiesare small text files stored in our browser during our activity on the Internet. Their purpose is to notify the website visited by the user about their previous activity. Usually, if not always, they describe our information such as user name and password* in order that upon our next visit to the website we shall be “remembered” and no login shall be required.
Cookies may come from the website that we have visited or a different one (third-party cookies), for instance through advertising. There are programs able to clean the system from malicious software and if the user wishes to delete them, this feature is offered through the browser.
*nakascheese.gr website does not require or use your personal information such as user name and password.
2. Relevant legislation
This site is designed to comply with the following National and International laws/regulations regarding data protection of users’ privacy:
- EU Data Protection Directive 1995 (DPD)
- General Data Protection Regulation 2018 (GDPR)
- United Kingdom Data-protection Act 1988 (DPA)
3. Personal information collected by this site and why we collect it
This site collects and uses personal information for the following reasons:
3.1 Website traffic monitoring
Like most sites, this site also uses Google Analytics (GA) to monitor user activity. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and see their movement through the website.
Despite the fact that GA records data such as your geographic location, your device, your browsing software and operating system, none of this information shall reveal your personal identity to us. GA also records your computer IP that could be used for your identification but Google does not provide us with access to it. We consider that Google is a third-party institution of data processing.
Disabling cookies in your browser shall prevent GA from monitoring any part of your visit to this website’s pages.
3.2 Forms of communication and email links
If you choose to contact us using the contact form “Contact Us” or a similar email link, none of the data you provide shall be stored from this site or transferred or processed by any third-party data processor as defined below in the section 6.0. Instead, these data shall be sent to us via an SMTP protocol (Simple Mail Transfer Protocol).. Our SMTP servers are protected by a TLS security protocol (sometimes known as SSL), meaning that email content is encrypted using SHA-2, 256-bit-type encryption before being sent over the Internet. The content of the email is decrypted by our local computers and devices. Also, our e-mail platform is hosted by Microsoft using Office 365 which is fully compatible with GDPR.
3.3 E-mail newsletter
If you choose to participate in our e-mail newsletter, the email address you submit shall be forwarded to MailChimpthat provides us with marketing services for our e-mail. We consider MailChimp to be a third-party data processor (see section 6.0). The e-mail you submit shall not be stored in the database on the website or on any of our computer systems.
Your e-mail address shall remain in the MailChimp database for as long as we continue to use MailChimp’s email marketing services for our e-mail marketing or until you explicitly request it to be removed from the mailing list. You can do this by using the delete link that contains all the e-mail newsletters we send you.
If you are under 16, you MUSThave your parents’ consent before signing up for our email newsletter.
As long as your e-mail address remains in the MailChimp database, you shall be receiving periodic (about once a month) e-mail newsletters from us.
4. How we store your personal information
As described in detail in Section 3 above, some personal information shall be stored in the database of this site. This data is stored in pseudonymous form, that is, the data require additional processing using a separately stored ‘key’ before they can be used to identify a person.
Pseudonymization is a GDPR requirement that we have implemented on this site.
5. About the server of this site
All web traffic (file transfer) between this site and your browser is encrypted and transferred through the HTTPS protocol (SSL).
6. Our third-party data processors
We use a number of third parties to process personal data for us. These two entities have been carefully selected and all comply with the legislation set out in section 2. Both of these entities are based in the United States and are in agreement with the EU-US Privacy Shield.
7. Data breaches
All necessary steps shall be taken to secure any of your personal information stored in this website or database of any third-party data processor to anyone and to all relevant stakeholders as well as authorities within 72 hours of the violation if it is obvious that the personal data that is stored in recognizable form, have been stolen.
8. Data controller
The editor of this site is: N. Nakas & Sons CO , Kampos Ampelakiou Amfilochia, 30500, Greece