Privacy Policy – Phos Byzantino

1. WHO WE ARE (DATA CONTROLLER)
The Data Controller responsible for your personal data is:
PHOS BYZANTINO (trading name of FOTIOS KONTOS, sole proprietorship)
Address: 12, D. Areopagitou St., Athens, Greece, 10558
VAT No.: 027564327 (5th Tax Office of Piraeus)
Phone: +30 2103252739
Email: phosbyzantino@gmail.com
Website: www.phosbyzantino.shop

2. WHAT DATA WE COLLECT
Depending on how you interact with us, we may collect:
A. Account & order data: name, billing/shipping address, phone number, email, order details, invoices/receipts.
B. Payment-related data: transaction references and payment status. Card payments are processed by Alpha Bank and PayPal; we do not store full card details.
C. Communications: messages sent to us via email, phone, contact forms, or social media (where applicable).
D. Technical data: IP address, device/browser information, basic usage data, and logs necessary for security and site operation.

3. WHY WE USE YOUR DATA (PURPOSES & LEGAL BASES)
We process your personal data for:
A. Order processing and delivery (contract performance): to confirm and fulfill your order, manage shipping, provide customer support.
B. Legal obligations: accounting/tax compliance, invoicing, fraud prevention where required by law.
C. Legitimate interests: to protect our Site, prevent abuse, improve our services, and handle disputes/claims.
D. Marketing communications (consent): newsletters and promotional updates only if you have given consent. You can withdraw consent at any time.

4. WHO WE SHARE YOUR DATA WITH
We do not sell your personal data. We share data only with service providers necessary to operate the Site and fulfill orders, such as:
– Courier and postal providers (ACS for Greece, ELTA for international shipments) for delivery.
– Payment processors (Alpha Bank “Alpha e-Commerce”, PayPal) to process payments.
– Hosting, security, and technical support providers that keep the Site running.
These providers process data under confidentiality and security obligations.

5. INTERNATIONAL TRANSFERS
Some service providers (e.g., PayPal or technical providers) may process data outside the European Economic Area. Where applicable, we use appropriate legal safeguards (such as standard contractual clauses) or rely on providers’ GDPR-compliant frameworks.

6. HOW LONG WE KEEP YOUR DATA
We keep your data only as long as necessary:
– Order, invoice and tax records are retained for the period required by Greek tax/accounting law.
– Account data is kept while your account remains active; you may request deletion subject to legal retention obligations.
– Communications are retained as needed to handle support requests and any potential disputes.

7. YOUR RIGHTS (GDPR)
You have the right to:
– Access your personal data.
– Correct inaccurate or incomplete data.
– Request deletion (where applicable).
– Restrict or object to processing (in certain cases).
– Data portability (where processing is based on contract or consent).
– Withdraw consent at any time for marketing communications.
To exercise your rights, contact us at phosbyzantino@gmail.com. We may request verification of identity to protect your data.

8. MARKETING MESSAGES (NEWSLETTER)
We send marketing emails/SMS only with your consent. You can unsubscribe anytime:
– via the “unsubscribe” link in our emails, or
– by emailing us at phosbyzantino@gmail.com.

9. SECURITY
We implement reasonable technical and organizational measures to protect your personal data. However, no online system can be guaranteed 100% secure.

10. COOKIES
The Site may use cookies necessary for core functionality (such as cart and checkout). If additional cookies are used for analytics or marketing, they are managed via the Site’s cookie banner/settings (where applicable).

11. COMPLAINTS
If you believe your data protection rights have been infringed, you can contact us first at phosbyzantino@gmail.com. You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA):
Website: www.dpa.gr
Address: 1-3 Kifisias Ave., Athens, Greece, 11523
Call Centre: +30 210 6475600
Fax: +30 210 6475628
Email: complaints@dpa.gr