Principles of Processing
GLTY processes personal data in accordance with the following principles and in compliance with the requirements of the GDPR:
Lawfulness, Fairness, Transparency: Personal data is processed lawfully, fairly and in a transparent manner.
Purpose Limitation: Personal data is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
Data Minimization: Processing relates to data that is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
Accuracy: Personal data is accurate. Every reasonable step is taken to ensure that any personal data that is inaccurate is rectified without delay.
Storage Limitation: Personal data is held for no longer than is necessary for the purposes and scope of processing. However, in some cases GLTY may hold the personal data for longer periods in order to comply with its legal obligations.
Confidentiality and Integrity: Personal data is processed in a manner that ensures appropriate security, including protection against unauthorized and unlawful processing, access, loss, etc.
Accountability: GLTY complies with transparent data protection processing and adheres to its legal obligations in relation to data protection and privacy.
We collect several types of data from and about the users of our website and others, including:
Contact details such as your name, postal address, e-mail address or telephone number, username (if you register as a user). If you are connecting into the GLTY website via a social media platform such as Facebook or Google, we may collect your account username and/or profile picture ("personal information");
In connection with any transaction and payment services, data including but not limited to, bank account numbers, credit/debit card numbers, expiration dates and security codes. We do not store or process your card details ourselves, they are processed and stored via one of our contracted third-party service providers.
Information to assist us in detecting, preventing, and/or remediating fraud or any other harmful actions: we will verify the personal information you provide (including, but not limited to your name, address, details of user funding instruments, and details of payment transactions) with the relevant payment processors and/or credit reference and fraud agencies.
History of your orders placed via glty.gr.
Details of when we contact you and when you contact us. We keep a record of any e-mail correspondence you send us or any other conversation with us, so we can track any problems or concerns you have had with any of the retailer's products or stores operated through the sites
We collect this data when you navigate through our website and/or when you provide it to us.
Use of Information
We use information that we collect about you or that you provide to us, including any personal information in order to: present our website and its contents to you; send you our newsletter, presenting any updates of our website; provide you with information, products or services that you request from us; offer and carry out our core business purposes, which include electronic commerce, online services, allowing you to participate in interactive features on our website, processing and managing your order so as to complete the sale to fulfil your order, verify your identity and your payment method or credit card account for the detection, prevention, and/or remediation of fraud, terrorism or any other harmful or criminal actions, carry out research and customer surveys where we have your consent, provide customer service and respond to your queries, feedback, claims or disputes, and for any other purpose where we have your consent.
Disclosure of Information
Personal data collected and processed by GLTY is not disclosed to third parties unless such disclosure is expressly required by law.
In order to comply with the principle of transparency, and so as to provide you with our services effectively, we may need to pass on your personal data to certain third parties, such as:
Contractors, service providers and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them; logistics and other shipping and delivery service providers; payment processing and technology services; regulatory or government authorities if doing so is required by law or in order to exercise, establish, defend our legal rights or protect your vital interests; and to payment processors, auditors, customer service providers, fraud agencies, credit reference agencies, financial product providers, credit card associations, commercial partners, etc., when required to do so.
Your personal data rights
Right of Access
You have the right to obtain from us a confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and a receipt of a copy.
Right to Rectification
You have the right to obtain from us the rectification of inaccurate personal data concerning you.
Right to Erasure
You have the right to request that we erase personal data concerning you. GLTY will proceed to delete your personal data, where at least one of the following grounds applies:
The personal data are no longer necessary in relation to the purposes for which they were collected.
You have withdrawn your consent on which the processing is based.
You object to the processing and there are no overriding legitimate grounds for continuing such processing.
The personal data have to be erased in order to comply with a legal obligation.
Right to Restriction of Processing
You have the right to request that GLTY restricts the processing where one of the following applies:
The accuracy of the data is contested.
The processing is unlawful and you oppose the erasure of the personal data.
GLTY no longer needs the personal data for the purposes of the processing.
Right to Data Portability
You have the right to receive the personal data concerning you and which you have provided to GLTY, in a structured, commonly used and machine-readable format where at least one of the following applies:
The processing is based on consent, or on a contract.
Right to Lodge a Complaint
Without prejudice to any other administrative or judicial remedy, the data subject shall have the right to lodge a complaint to the Hellenic Data Protection Agency (www.dpa.gr) if the data subject considers that the processing of personal data relating to him/her infringes his/her rights under the General Data Protection Regulation.
If you would like to exercise any of the rights set out above, please contact us at email@example.com
Data Retention and Destruction
GLTY will keep your personal data only for as long as is necessary in order to carry out the scope of the data processing. Nevertheless, there may be times when we are required to store your personal data for longer periods in order to comply with a legal obligation.
Retaining personal data for a period longer than is actually necessary, contravenes the principles of data minimization and proportionality and therefore once the data processing is complete, or the time period set by Law has passed, we will proceed to delete your personal data.
If you have any queries or concerns about our privacy protection practices or believe we have not adhered to this Policy, please do not hesitate to contact us at firstname.lastname@example.org
What are cookies
Cookies are small text files stored in your computer's web browser while browsing our website. A cookie file is stored in your web browser and allows our website to recognize you and make your next visit easier and more user-friendly to you.
When you use and access the GLTY website, we may place a number of cookies files in your web browser.
Specifically, GLTY uses the following categories of cookies:
currency - cookie that stores the currency being viewed and used
language - cookie that stores the language being viewed and used
PHPSESSID - cookie that stores a customers’ current session
loaded – Data informing if this is the first time the user visits the site, (in order for the preloader to pop up)
_ga - Google Analytics tracking code, in order record website visitor statistics
GLTY stores cookie for a 12-month period (in the case of currency and language), whereas PHPSESSID, loaded are kept as long as the users’ session (until the browser is closed). Tracking cookies by Google expire after 2 years.
In addition to our own cookies, we may also use various third parties’ cookies to report usage statistics of the website, deliver advertisements on and through the service, and so on.
What are your choices regarding cookies
Please note, however, that if you deactivate cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.