The protection of your personal data is very important to us. This notice aims to inform you about the type of personal data we collect, how we process them, how they are protected and your rights against this processing, regarding the services we provide or during your visit to our website.
Definitions
The terms “we” and the “Company” refer to the single-member private company under the name “VENDORA B.V.”, based in Athens, Odysseas Androutsou street no. 35. The terms “you” and “user” refer to any person who visits or uses this website.
The terms “website” and “website” refer to this website, which, along with its entire content, belongs to the Company.
The term “GDPR” refers to the General Data Protection Regulation, namely Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC.
Import
In our effort to protect and safeguard the privacy and personal data of users/visitors of this website, we have so far implemented a series of actions, rules and procedures to ensure our full compliance with applicable European and national legislation. This Privacy Notice (hereinafter referred to as the “Notice“) aims to inform the data subjects, in accordance with Articles 12-14 of the GDPR and the relevant articles of the Law (art. 31 et seq.).
Please read the Notice carefully in order to be informed about the data processed by our Company, how they are protected and what your legal rights are.
Our Company processes your personal data based on the performance of the contract and/or compliance with other legal obligations. In addition, our Company may process your personal data based on the consent provided through our website and provided that you have been previously informed, in accordance with this Notice, about the type of data, the purpose/purposes, the extent of processing and any recipients thereof. Your consent can be withdrawn at any time by contacting us at support@vendora.gr.
In any case, by visiting our website and/or using our services, each natural person accepts this Notice, which is an integral part of the Terms of Use, in conjunction with which it should be read and interpreted, and is bound by these terms.
What are “Personal Data” and “Processing of Personal Data” (Article 4 GDPR)
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available; association or combination, restriction, deletion or destruction.
Personal data we collect and purpose of processing
In order to safely use the services provided by our website, you will need to create an account. By creating the account, we collect, at least, name and e-mail address. In addition, we collect on a case-by-case basis the following personal data of users:
- In case you wish to use our services as a potential buyer: name and e-mail address.
- In case you wish to use our services as a seller in order to post an ad: name, e-mail address, area of residence and telephone number. Optionally, you can also enter your street and/or street number and photo.
- If the transaction occurs through the use of the Escrow & Payments Application (EPA) as provided in the Terms of Use, you must also provide us with your bank account number (IBAN), full address (i.e. street, number, zip code, city, country), telephone number and a copy of your passport or ID card in the “Identification of Information” (KYC) box. Please note that when you use EPA we act as processors on behalf of Mangopay, which is the controller of your data, in the context of providing its services, as detailed in the Terms of Use.
- By filling out the contact form on our website just to contact us, whether you have an account or not, and with your consent: name and e-mail address.
Please note that we may keep a record of e-mails, other messages and generally any written communications you have exchanged with us for any reason, for a period of five (5) years, unless otherwise specified or required by applicable law. In addition, your communication with other users through the website is not private and we may record and keep it on file for security reasons and in order to ensure compliance with the Terms of Use.
All information provided through the website (except credit card information) is entered into our databases by electronic automated means or otherwise.
The aforementioned personal data is processed only for the following purposes: a) contacting us, upon your request, b) receiving information about our services and any other information you wish to know, including website updates, with your consent, c) fulfilling the purposes of providing services as described in the Terms of Use, d) administering the website and improving the services provided, in order to prevent any prohibited or illegal activities, e) compliance with obligations imposed by laws, regulations or Community legislation (including anti-money laundering laws) and the establishment or defence of a legal claim, f) sending promotional, advertising and information messages about our services with your consent, g) to create anonymous information files and/or providing benchmarking and aggregated statistics about our services to third parties and h) to enforce the Terms of Use. Your personal data will not be used for purposes other than those set out above, unless we obtain your prior permission or unless required or permitted by applicable law.
We do not publish or disclose your personal data to third parties, unless it is necessary for the provision of our services, the performance of the contract and/or with your consent.
Rights of the data subject:
If you have provided us with your personal data, you can exercise your rights (art. 15 et seq. GDPR and art. 33 et seq. of the Law), including the right of access, the right to rectification, the right to restriction of processing, the right to be forgotten and the right to data portability, where technically feasible, by contacting us via email at support@vendora.gr . Where processing is based on your consent, you may revoke it at any time, without affecting the lawfulness of processing based on consent before its withdrawal. We inform you that you have the right to appeal to the Hellenic Data Protection Authority (HDPA) for issues relating to the processing of your personal data. For more information, you can visit the Authority’s website using the following link www.dpa.gr.
In case of exercising one of the above rights, we will make every effort to respond to your request in writing, within one (1) month, otherwise the reasons why a right cannot be exercised or a request cannot be satisfied in accordance with the GDPR will be explained.
We advise you to keep your personal settings and personal data complete, accurate and up to date. In case it is found or reasonably considered that your personal data is not true, accurate and up to date, we reserve the right to reject your request for registration or suspend or terminate your account immediately without notice, in order to protect other users/visitors.
Where required by applicable law, we will ask you to opt-in or affirmatively consent to the processing of your personal data.
Transfer and retention of personal data
Our Company does not disclose or transmit your personal data to third parties, unless this is required by law or constitutes a necessary action in order to provide you with our services. The servers that make this website available, as well as the databases in which the information is stored, may be located outside Greece, but always within the European Union. The Company has created a circle of reliable partners, properly trained in protecting your privacy and personal data and constantly improving the measures to protect your personal data from unauthorized use, accidental loss, dissemination or destruction.
Personal data retention period
We retain your personal data for as long as your account and/or the contract between us is in force and provided for by applicable law. If we have no legal obligation to do so, we will delete your data as soon as it ceases to be necessary for any of the above purposes. The data you communicate to the Company through the contact form is stored for a period of one (1) year, unless otherwise specified or required by applicable law.
Safety
Our Company implements appropriate technical and organizational measures to protect your personal data. Regarding the processing of your personal data, our Company selects persons with relevant professional qualifications, who provide sufficient guarantees in terms of technical knowledge and personal integrity to maintain confidentiality. Our Company uses a range of security technologies and organizational procedures to protect your personal data, such as encryption methods, firewalls, antivirus.
In particular, in order to protect our website, we use encryption methods when personal data is transmitted between your system and ours, and we install firewalls and intrusion detection systems to prevent unauthorized access to your information. Through continuous checks, we ensure the secure transmission of information and the uninterrupted use of the website, free from possible malware (e.g. viruses) and from possible unauthorized access to users’ personal information.
Children
Our website is a general traffic area and we do not intentionally collect personal data from children under the age of 15. Children should always obtain their parents’ permission before disclosing any personal data about themselves (such as names, email addresses, etc.).
Cookies
Cookies are small data files, consisting of texts and numbers, that are stored in the browser you use (eg Chrome, Mozilla Firefox, Internet Explorer) and contain information that allows the website to memorize important information in order to make the use of the website Vendora.gr more effective and useful for you. Cookies allow us to activate certain information to facilitate your navigation regarding the provision of the service. For more information on the use of cookies, please consult our Cookies Policy.
Third Party Websites
During the online use of our website, you may encounter links to other websites for your convenience and information. These websites may operate independently of our Company and may have their own notices, statements or privacy policies. We recommend that you review them in order to understand how they may process your personal data in relation to these websites, as we are not responsible for the content of non-Company websites or for managed websites or for the use of privacy policies of these websites.
Updates in Notification
The Company reserves the right to change or modify this Notice at any time, without notice, in order to monitor and ensure ongoing compliance with the requirements of the GDPR.
Such changes, modifications, additions or deletions to the Notice will take effect immediately, i.e. from the moment they are posted on the website. Any use of the website after such change or modification is considered as acceptance by the user / visitor of changes, modifications, additions or deletions.
Contact us
For any further questions or comments regarding this Notice and how we handle your personal data, please contact us by email at support@vendora.gr email address.