(Last modification: 15/4/2019)
The Nikou company (referred to as "we", "us" or "company") is bound to the users of this site (referred to as "users", "visitors", "customers", "you", "yours") to protect their personal data and processes their personal information (referred to as "personal information", "personal data", "pp" or "pd") in a transparent manner.
"Personal data" means any information relating to an identified or identifiable natural person ("data subject"); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity. Personal information means the information that relates to you and includes, for example, your name, your email address, your physical address, your tax ID, the IP address (only when we have collected it in conjunction with direct identification information) or the information you submitted by contacting us.
The personal data we collect and process depends on the purpose of your visit and the services or products you have purchased or agreed to receive from us.
This privacy statement:
- is addressed to natural persons who are mere visitors to the website of Nikou, existing or potential customers of the Nikou or authorized representatives of existing or potential customers of the Nikou.
1. Who we are
Nikou is a company registered in Greece for the purpose of creating premium organic cosmetics. The business details are:
Distinctive title: Nikou - Foreign Languages
Business Name: Spyridoula Nikou
Address: G. Papandreou 58, Chaidari, P.C.12462, Greece
2. Which personal information we process and from which we collect it
We collect personal information about our current and future clients through our website. We never collect personal information by other means or by using a third party.
In accordance with local tax laws and EU VAT and invoicing directives, we collect the following personal information: your name, your phone number, your email address, your physical address, the name of your Nikou and its tax information (if applicable), the IP address, the country, the User Agent string of the browser you used when you signed up. This information is used to create a legal invoice after successful payment of your purchase and to prove your country of origin if required under the EU VAT directives.
The IP address is collected temporarily whenever you access our site and is in the web server logs, security software logs, and communication forms. This information is used to ensure the safety of our site and to prevent abuse. IP address information is not immediately identifying information, but if stored in conjunction with the user account, it may be an indirect identifier.
Contact or bid form information
Any information you provide by voluntarily submitting a contact form or form to receive a bid. We use this information to respond to your requests.
3. Personal information of minors
We do not allow minors (people under the age of 13) to use our site. Any account found to be in violation of this term will terminate without a refund and all information related to this user account will be deleted.
4. If you are legally obliged to provide us with your personal information
The provision of your invoicing information is legally required in accordance with the EU Taxation Regulation and its incorporation into local tax laws. It is illegal to allow you to make a purchase without issuing an invoice that requires this information. For the same reason, information that is not printed on the invoice (IP address, country based on the IP address and the User Agent string) is also required to prove your country of origin for applying the correct VAT rate.
Your IP address in the context of security and abuse prevention is specifically exempt from the requirement of your consent under the European Union GDPR. We are legally required to ensure the security of your personal information through any appropriate technical means and which includes collecting your IP address in this context.
Any other personal information is voluntarily offered by you so that we can provide our services to you. You are not legally obliged to provide it, but only if you do, we will be able to serve you and provide you with the agreed services. Simply put, if you do not tell us what the problem is and do not give us the means to understand it, we can’t do anything to help you.
5. Who are the recipients of your personal information
Depending on your actions on our websites, your personal information may be transferred to some of our partners and subcontractors below. These providers and suppliers are in agreement with Nikou with which they are required to keep confidentiality and protection of your personal data in accordance with local data protection laws and GDPR.
The recipients of your personal information are as follows.
We receive billing information to fulfill the obligations to tax laws. They also receive voluntary contact information and quote information to help you.
Provides statistics for our site. Only anonymous information is sent to Google. It is unclear whether Google should be mentioned as a data processor. The only way to resolve ambiguity is to record Google here, but to state clearly that, based on our best level of knowledge and technical abilities, we do not send personal information.
It provides information on the Nikou account on Facebook and statistics between this account and our site. Only anonymous information is sent to Facebook and may be combined with information you have already provided to Facebook through your own account. It is unclear whether Facebook should be referred to as a data processor at our own fault. The only way to resolve ambiguity is to record Facebook here, but to state clearly that, based on our best level of knowledge and technical abilities, we do not send personal information.
6. Transferring your personal data to a third country or international organization
Your personal information may be transferred to third countries (countries outside the European Union) in some cases, such as payments made through a payment processing Nikou outside the EU, or providing support to you from our third-country partners, or whenever required by law, or if you have explicitly agreed. All Processors are required to comply with the EU data protection rules and provide appropriate assurances regarding the management of your personal information in accordance with Article 46 of the GDPR.
7. Automated decision making
In general, we do not use automated decision making when creating and running a business relationship with you. The only automated actions are:
- Apply the correct VAT rate. This is legal, necessary and based on your country of origin. Your personal information is used (IP address and country maintained in your profile).
8. How long do we keep your personal information
We keep your personal information as long as we have a business relationship with you, as evidenced by actions you take on our site or by physical actions between you and Nikou.
We are legally required to maintain billing information, both for security and organizational purposes, and due to the oversight of our tax auditors, for up to ten (10) years after your purchase.
After twelve (12) months from the end of our business relationship (the expiration may be expressly stated or automatically implied by the date of your last login on our site or the last physical contact / web contact with Nikou, whichever date is the latest), the following measures will be taken:
- Your invoices and invoicing information will be removed from our site (we will keep the physical copies as explained above). A pseudonym, an unrecognizable record of your purchase, will be stored for statistical purposes.
- The user account will be deleted.
- Any personal information you have stored on the site (e.g., contact / quote forms) will be deleted.
We may keep your personal information more than stated for practical, technical or legal reasons. For example, your personal information may be stored more than what is mentioned in encrypted backups.
9. Your rights to your personal data
You have the following rights as it concerns the personal identification information we hold for you:
- Have access to or know the personal information we hold for you. This allows you, for example, to receive a copy of the personal data we hold on your behalf and to confirm that we process it legally.
- Ask for the correction of your personal information. This allows you to correct incomplete, inaccurate or outdated information we hold for you. Please note that invoice pricing can only be corrected when purchasing a service or product and applies only to newly issued invoices. This is a legal requirement.
- Ask for the deletion of your personal information ("the right to be forgotten"). This allows you to ask us to delete your personal information when there is no real reason to process it.
- Stop processing your personal information ("right of objection") because there is something special in your situation that makes you want to oppose processing. If you object, we will no longer process your personal data unless we can prove binding legal grounds for processing that is against your interests, rights and freedoms. Please note that this is largely unusual in our business relationship, as we process either on a legal basis or on your explicit consent, or are exempt from GDPR (eg by maintaining an IP log for security reasons).
- You have the right to object to cases where we process your personal information for direct marketing purposes. This also includes profiling, as it is used for direct marketing.
- Request limitation on the processing of your personal information. You are allowed to ask us to restrict the processing of your personal information in specific cases such as when:
- personal data is inaccurate,
- personal data has been used illegally but you do not wish to delete it,
- personal data is no longer necessary, but you want to keep it for use in potential legal requirements,
- you have asked us to stop using your personal information but you are waiting for us to confirm if we have legitimate reasons to use them.
- Request a copy of your personal information in a structured, widely used form to pass this information to other organizations and companies. You can also request that we transfer the file directly to another organization of your choice. This is also known as the "data transfer right".
- Revoke your consent to the processing of your personal information at any time. Please note that your revocation of consent at any time does not invalidate the legitimacy of processing based on your consent before being withdrawn or withdrawn by you.
In order to apply any of the above rights, please use the form "Request for personal data" below. Alternatively, or if you have questions about the use of your personal information by us, you can contact us through the contact form.
By law, we will respond directly to your requests within 30 working days. If you have not received an answer from us for more than three weeks (21 days), please try again by contacting us by alternative means. Probably your request never arrived at us. Please note that we reserve the right to direct you to our site tools and / or the Privacy Statement if your concern is directly addressed by them. By law, we reserve the right not to respond to your requests if they are very often or abuse the provisions of the law.
10. Changes to this Privacy Statement
We may periodically modify this privacy statement.
When this happens, we will change the date to the top of the page. We do not have the technical means to alert our customers to any changes. We recommend that you review this statement periodically so that you are always informed about how we process and protect your personal information.
Our site uses small text files, known as cookies, to improve your experience and work better.
An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing.
The main purpose of a cookie is to identify users and possibly prepare customized web pages for them.