fb pixel image

Privacy Statement

Privacy Statement of the COMPANY: MARIA TZARATZOURI & Co GP

The protection of your personal data is important to us. This privacy statement explains what kind of personal data we collect from you through our websites you visit and how we lawfully use that data.

Who we are and how to contact us

The website www. careandmore. gr belongs to the company MARIA TZARATZOURI & Co GP based in Glyfada, Lazaraki street no. 35 which is also the Controller for the Personal Data we process.
Responsible in our company for personal data protection issues is Maria Tzaratzouri, telephone 698 1983 584 e-mail: info@careandmore. gr

You may contact us for any questions or other questions regarding the collection and use of Personal Data or this privacy statement and for the exercise of your rights under the law on the protection of personal data in the above e-mail.

What is Personal Data and its processing?

1) Personal data (or personal data) is any information relating to an identified or identifiable natural person (called a "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

(2) Processing of personal data is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission; dissemination or any other form of disposal, alignment or combination, restriction, erasure or destruction;

Generally, about the Personal Data we collect when you visit our website and the purposes of their collection and processing.

Like all businesses that have an online presence on the internet, we collect data to make our website work efficiently and offer you the best possible experience and information you are looking for while browsing. Some of this data is provided directly by you, such as when you create a personal account to use our website by filling out a relevant form or contact us for support or information. With your consent, we obtain certain data by recording how you interact with our website, for example, using technologies such as cookies and the data  we collect may include the IP address or browser information  you use during navigation on our website and the links selected. To collect data through cookies  We ask you for your explicit consent when you enter our website in accordance with the cookies policy  that you can see below.

Personal data we collect when you contact us and the purposes of their collection and processing.

When you contact us by email or  telephone e.g. to request information about products, about your order, prices, offers or descriptions for products or other material we may collect from you your full name, address, shipping address of your order, your VAT number and email address  , telephone number or other contact details as well as the content of the e-mail  that you have sent us in order for us to execute the transaction with you or because this is necessary to communicate with you and to take the necessary steps prior to entering into the contract.

You can unsubscribe from our company’s email list by following the relevant unsubscribe instructions included in each email.

Personal data we collect when you make transactions through our online store (e-shop) and the purposes of their collection and processing.

In addition to the above data, if you use the e-shop of  our business, we collect from you and process the necessary data for the purpose of executing the transaction with you which you provide to us through the completion of the relevant registration form.

These data may be as follows:

Your full name, address, shipping address of your order, VAT number, email address, telephone number or other contact information.  Also, credentials including the password to  our e-shop, security questions or other security information

When you use your credit card to pay for your orders through our online store, your credit card number and your information are not collected by us but are collected directly from the special application of the organization that issued your credit card. Specifically, we have proceeded with the adoption of the Piraeus Paycenter service in  order to securely carry out card charges in the electronic payment system of Piraeus Bank.

Informing you about your Rights.

The legislation provides for data subjects the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or the right to object to the processing, as well as the right to data portability, as well as to withdraw any consent you have given with future effect.

For relevant issues you can contact the "Personal Data Protection Authority: Kifissias 1-3, 115 23 Athens, Greece"

In detail about the rights of the data subject:

Right of access by the data subject

1. The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data relating to him or her are being processed and, if so, the right of access to the personal data and to the following information:

(a) the purposes of the processing.


(b) the categories of personal data concerned.


(c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;

(d) where possible, the period for which the personal data will be stored or, where that is not possible, the criteria used to determine that period;

(e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;

(f) the right to lodge a complaint with a supervisory authority;

(g) where the personal data are not collected from the data subject, any available information as to their origin;

(h) the existence of automated decision-making, including profiling, provided for in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

2. Where personal data is transferred to a third country or to an international organisation, the data subject shall have the right to be informed of the appropriate safeguards in accordance with Article 46 in relation to the transfer.

3. The controller shall provide a copy of the personal data undergoing processing. For additional copies that may be requested from the data subject, the controller may charge a reasonable fee for administrative costs. If the data subject makes the request by electronic means and unless the data subject requests otherwise, the information shall be provided in a commonly used electronic format.

4. The right to obtain a copy referred to in paragraph 3 shall not adversely affect the rights and freedoms of others.

Right to rectification

The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Having regard to the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of a supplementary statement.

Right to erasure

1. The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall be obliged to erase personal data without undue delay where one of the following grounds applies:

(a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

(b) the data subject withdraws consent on which the processing is based

(c) the data subject objects to the processing and there are no compelling legitimate grounds for the processing

(d) the personal data have been unlawfully processed;

(e) the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject.

(f) The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.

The right to erasure of data shall not apply to the extent that processing is necessary:

(a) for exercising the right to freedom of expression and the right to information;

(b) for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

(c) for reasons of public interest in the area of public health in accordance with Article 9(2)(h) and (i), as well as Article 9(3) GDPR;

(d)for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes.

(e) for the establishment, exercise or defence of legal claims.

Right to restriction of processing

1. The data subject shall have the right to obtain from the controller the restriction of processing where one of the following applies:

(a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;

(b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;

(c) the controller no longer needs the personal data for the purposes of the processing, but these data are required by the data subject for the establishment, exercise or defence of legal claims;

(d) the data subject objects to the processing pursuant to Article 21(1) GDPR, pending the verification of whether the legitimate grounds of the controller override those of the data subject. 

Right to data portability

1. The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller without hindrance from the controller to whom the personal data have been provided, when:

(a) the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1) GDPR, and

(b) the processing is carried out by automated means.

Right to object

1. The data subject shall have the right to object, on grounds relating to his or her particular situation, to processing of personal data concerning him or her by automated means at any time.

2. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, including profiling, if it is related to such direct marketing.

3. Where data subjects object to processing for direct marketing purposes, the personal data shall no longer be processed for those purposes.

Transfer of data to third countries

Our company does not transfer your data to third countries.

Transmission of data to third parties.

Our company does not transmit your data to third parties unless this is mandatory by law or is
mentioned in the exceptions below.

As a pharmaceutical company/pharmacy, our business is subject to special rules such as pharmacovigilance. Some of these laws require us to send reports to regulators or other authorities. Your Personal Data for this purpose may be transmitted by us to the authorities if this is mandatory by law especially in case you report an adverse reaction from a medicine you have purchased.

Exceptions: Part of your data may be transmitted to our partner companies that perform certain tasks for our company, such as an accounting firm, marketing company, etc. and for this purpose it is necessary to perform the processing of the data on our behalf. In this case we have taken all necessary legal measures by signing special terms with these processors for the protection and security of your data.

We may also transfer this data to cooperating companies, in order to send you advertising material and personalized offers or to evaluate the quality-of-service provision and evaluate products. If you are a registered user and do not wish to transmit your personal data in order to send you promotional material and personalized offers, you can stop your communication by clicking on the link "Unsubscribe" that exists in each email with promotional material (Newsletter).

How long do we store Personal Data?

Your Personal Data will be retained for as long as necessary for the specific business purpose or for the purposes for which it was collected.

If no transaction has been made with us and there is no particular reason, your Personal Data will be deleted 1 year after your last communication with us.

If you have made a transaction with us, your data will be deleted no later than 20 years after the last transaction with us.

How we secure Personal Data

Our company, taking into account the latest developments, the cost of implementation and the nature, scope, context and purposes of the processing, as well as the risks of different probability of occurrence and severity for the rights and freedoms of natural persons from processing, effectively implements, both at the time of determining the means of processing and at the time of processing,  appropriate technical and organizational measures, in such a way as to meet the requirements of the law and to protect the rights of data subjects in accordance with our company's security policy.

Specific security measures we take for your data that we process through our website are the following:

Access to the personal account created on our website is done through special passwords / login that you create. The codes used to identify the user / customer are two: the Username and the Personal Secret Security Code (Password), which each time he enters them provide him with absolute security access to his personal information.

It is forbidden to disclose your password to anyone.

The password you will create must consist of 5 elements and must also include letters of which at least 1 lowercase and 1 uppercase and numbers.

You should avoid creating a code that is easy to find like your name, date of birth, etc.

You should not keep your password written in paper or electronic form.

In case of loss or leakage of the password, you must inform us immediately at the e-mail address we mention at the beginning of this policy.

Ensuring the Confidentiality of the Transfer of Your Personal Data:

To ensure the confidentiality of data transfer, www.careandmore.gr uses the  128-bit SSL encryption protocol. In addition, it has a digital protection certificate of the Geotrust group, recognized as a leader in the field of transaction security.

3 D Secure: Our company has adopted the 3 D-Secure protocol in order to offer users increased protection against unauthorized use of their card during the process of processing their transaction. Bank card holders who support the 3 D-Secure protocol  have the ability to integrate Visa or MasterCard  their cards in  the Verified by Visa or SecureCode programs  respectively. Membership means that cardholders choose a security code for each card that only they will know. Thus, every time the registered user makes an online transaction using his card, he will be asked for the security code. In the cases of customers whose cards either do not support the services  Verified by Visa and SecureCode of MasterCard, or have not joined them, card payments are processed, without the need to use an additional code.

Encryption:
From the cart until the end of the purchase process in the online store of the pharmacy, all information and personal data of the user / customer are encrypted based on the  128-bit SSL encryption protocol. Encryption is essentially a way of coding the information until it reaches its intended recipient, who will be able to decode it using the appropriate key. During the ordering process  In the online store of the business, all communication between the user's computer and its systems is encrypted using an encryption key. That is, every time  it sends information to the system, the browser first encrypts it using an encryption key and then sends it to the system. The  company's system first decrypts the information it receives using the same key (which is predetermined when the user starts connecting to the service) and then processes it. The systems of the enterprise, send information by following the same encryption process.

What happens when we change this privacy statement?

We may update this statement from time to time for any reason. We will notify you of the changes to it by posting the new statement here or, if the changes to the statement are material in relation to the information we collect from you, by posting a prominent notice on our website or if necessary by sending an email to the  address you have provided to us before these changes take effect. If required,  We will ask for your consent.

COOKIES POLICY

Cookie Notice.

This website uses a technology called "cookies". 

What are Cookies

A cookie is a  small text file that is placed on your hard disk by a server.  Cookies  do not pose a risk to the computer of the user / visitor of our website.

Cookies are divided into the following categories:

Absolutely necessary

These cookies are necessary to enable you to browse our business website and use its features, e.g. to access areas of the website or store products in a shopping cart.

Useful for site performance

These cookies collect information about how visitors use a website, e.g. which pages visitors go to most often. They are used to improve how a website works in future releases.

Useful for the functionality of the site

These cookies allow the website to remember the choices you have made, e.g. your username, language or the region you are in and provide a better personal experience.  

Useful for displaying content relevant to your interests.

These cookies are used to offer content that is more relevant to you and your interests.

Consent to the use of cookies by the website.

You have the ability to accept or reject cookies  (except those that are technically necessary for the operation of the website) by following the instructions that appear when you enter this website. If you choose not to accept cookies, you may not enjoy all the interactive features of this website and other websites you visit.

Specifically, when you enter this website you are asked whether or not you want cookies by receiving on your screen a pop-up window with the following content:

"We use cookies to personalize content and ads, provide social media features, and analyze our traffic. In addition, we share information about how you use our website with social media, advertising and analytics partners, who may combine it with other information you have provided to them or which they have collected in connection with your use of their services. If you continue to use our website, you consent to our use of cookies .

By clicking on the "I agree" button you accept the use of all cookies on the website.  In more detail through the "View details" button you can enter your choices. At any time you are given the opportunity to change your choices through the "Cookie Preferences" link at the end of the website."

You can learn more about how to manage cookies by going to the Help section of your web browser.