Who we are
– What personal information do we collect from the people visiting our website?
✓When browsing our site, you may enter your name, surname and email and submit a message by using a form which appears at the bottom of the website. ✓When you sign up to abr.gr you must provide your full name, telephone number, email and password. ✓In case you want to buy an advertised item or place an order, you will be prompted to provide more information about yourself -such as, the address of your residence (road number, road name, city, ZIP code, country), the shipping address of your choice so as to receive your order, and your VAT number in case you are a trader.
– When do we collect the above information?
✓We collect information from you when you fill out the form which appears at the bottom of the Home Page and Contact Page of the website (titled “Contact Us Now”). ✓We also collect information when you fill out the form which pops up after you click the Register button -which appears at the top and bottom of the homepage. ✓More information is collected by our e-commerce platform when you decide to place an order and buy an advertised item. ✓In addition, we may collect your name and email address from third parties when you register and login to abr.gr using single sign-on (SSO) -such as Facebook and/or Google.
– How do we use your information?
✓We may use the information we collect from you (your name, surname and email) when you send us a message so as to stay in touch with you. ✓We use your information in order to send our newsletters, receive marketing communications about us and our clients or learn more about our affiliated websites. ✓We may also promote our marketing efforts, promotional campaigns and events by sending to you relevant information and asking you to participate. ✓When you register to abr.gr, we use your personal information in order to create your personal account. ✓You may access your account by using an email/password combination. Your password is only visible by you -that is, the administrator of abr.gr can not access it or read it. ✓You are advised to use a complicated password in order to make it difficult for others to guess or find. Avoid numbers in sequence (e.g. 123456, your date of birth and any other simple, easy or evident combination of words or letters. Try to use a complex combination of number, letters, or characters so as to come up with a unique and difficult-to-guess password. ✓In order to register, you may also use your Google or Facebook account information and establish a secure or faster connection -this is called single sign-on (SSO). You may then access your abr.gr dashboard by using your Google or Facebook account information. ✓When you place an order or want to buy an advertised item, we use your personal information to process your order and issue a receipt or invoice. We may only pass your personal information to those third parties involved with order processing, payment or dispatch (such as a shipping company, a postal or courier office). In case you submit your credit card details, all such information is encrypted and safely handled by the payment platform you choose (e.g. VIVA Payments or PayPal).
– How do we protect your information?
Our website is regularly scanned for security gaps or vulnerabilities so as to ensure that your visit to our site is as safe as possible.
Your personal information is kept behind secured networks and is strictly accessible by only a limited number of persons who have special access rights to such systems, and who are required to keep the information confidential.
Your information is protected by a secure connection -for example, passwords or credit card numbers remain safe thanks to an encrypted connection. We are using security protocols to ensure the security of data. This is why our domain name starts with https:// (letter “s” stands for “secure” after the “http” prefix). For example, Chrome (Google’s browser) identifies our site with a “green” lock as SECURE (you may find the SECURE “green” lock in Chrome’s address bar).
Each registered user has access to a personal dashboard after signing up or logging in. If you exchange messages via your dashboard, your e-mail remains invisible while you communicate with others. It will only be revealed if you decide to send it to those interested in your ad. Our system will never reveal or show your e-mail to others unless you include it in the ad’s description or a message (an action which is not recommended).
– About Third-party Disclosure
We do not sell, trade, or otherwise transfer to non-affiliated parties your personal information. This does not include website hosting partners and other parties who assist us in operating or maintaining our website, running our business, or serving our users. We agree with these parties to keep this information secure, confidential and private. In addition, we do not provide non-personally identifiable visitor information to other parties for marketing, advertising, or other purposes.
– Third-party Disclosure for Joint Marketing Events & Digital Assets
If we send to you an email and invite you to register and participate in a joint marketing event or digital asset, you will be prompted to opt-in and give us your consent before we provide your registration information to third parties & partners. If you give us your permission we may then pass your information so as to be used by third parties in marketing and in designing or providing their own services, to send you information about their products and to notify you if you win a contest. You may opt out of abr.gr providing such information by opting out of our email newsletter and/or not registering for joint marketing events. You have the right to contact the third party directly who may already be sending you messages and request that these communications stop, and to review their privacy policies.
– Third-party Links
We may include or offer third-party products or services on our website. You are reminded that these third-party websites have separate and independent privacy policies. As a result, we can not assume any responsibility or liability for the content and activities of these linked sites. However, we are particularly careful about the integrity of our site and would thus ask from you to provide your opinion about these sites if anything goes wrong or looks suspicious.
– Children Online Privacy
We do not specifically market to children under the age of 16 years old. If you are under 16 you may browse our website with the presence and supervision of your parents or guardians only, otherwise we assume that you are above the age of 16 years old.
– Contacting the Data Protection Officer (DPO)
The owner of the website abr.gr is based in Greece. Our full address is: SAVAS KALFAS-abr.gr, 24, V. Kornarou Street, Thessaloniki GR 54655, email: email@example.com, website: www.abr.gr, tel. no. +302152154903. We are actively seeking to respect and comply with all the rules prescribed by the new GDPR. If you have any questions or complaints about how we process data and information, you may contact abr.gr’s Data Protection Officer (DPO): Mr. Savas Kalfas, email: firstname.lastname@example.org.
– Filing complaints
You also have the right to inform the Data Protection Bureau of your country or the respective Greek Bureau if you think that abr.gr is not complying with GDPR guidelines.
– Data subject rights
Every data subject whose information is kept and processed by abr.gr has the following rights:
1) Right to information
This right provides the data subject with the ability to ask abr.gr for information about what personal data (about him or her) is being processed and the rationale for such processing.
2) Right to access
This right provides the data subject with the ability to get access to his or her personal data that is being processed. This request provides the right for data subjects to see or view their own personal data, as well as to request copies of the personal data.
3) Right to rectification
This right provides the data subject with the ability to ask for modifications to his or her personal data in case the data subject believes that this personal data is not up to date or accurate.
4) Right to withdraw consent
This right provides the data subject with the ability to withdraw a previously given consent for processing of their personal data for a purpose. The request would then require abr.gr to stop the processing of the personal data that was based on the consent provided earlier.
5) Right to object
This right provides the data subject with the ability to object to the processing of their personal data.
6) Right to object to automated processing
This right provides the data subject with the ability to object to a decision based on automated processing.
7) Right to be forgotten
Also known as right to erasure, this right provides the data subject with the ability to ask for the deletion of their data.
8) Right for data portability
This right provides the data subject with the ability to ask for transfer of his or her personal data. As part of such request, the data subject may ask for his or her personal data to be provided back (to him or her) or transferred to another controller.
– How long do we keep your personal data?
Depending on the nature and stage of our relationship with website visitors, prospective clients, active clients, vendors or partners, personal data are kept no longer than is necessary for the purposes for which the personal data are processed. The length of time varies accordingly. For example, if data are captured for marketing purposes, we store the data for as long as the individual can be considered a customer. In such a case, we will continue to inform you about our goods or services until you decide to opt-out and ask to delete your data. For recurring clients, data are necessary in order to issue invoices or send physical or email notifications. Likewise, if we have a contract, data are retained until the expiration of that contact.
– Notification of a personal data breach to the supervisory authority
In the case of a personal data breach, abr.gr shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55 of GDPR -unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.