Privacy Policy | Personal Data Protection at SHOWOOD

1.1 Who We Are

SHOWOOD is a company that imports and distributes impregnated and non-timber products and wooden garden items. The Company has been operating since 2007 and has facilities spanning 15,000 square meters. SHOWOOD sells its products directly to customers throughout Greece and through selected partners such as garden centers and timber stores.

The Company has a reputation for professionalism and quality. It is comprised of a dynamic and organized team of experienced executives dedicated to meeting the modern demands of the market. SHOWOOD is known for maintaining its creativity and has grown to become one of the largest companies in the industry.

SHOWOOD follows the international quality standard ISO 2015: 9001, ensuring it provides services of the highest standards.

The Company always aims to foster a cooperative relationship with its customers, and its culture is centered around the human factor. SHOWOOD values personal contact with its customers, and its excellent relationships with them have resulted in stable, long-term ties.

1.2 Protection & Processing of Personal Data

Personal Data is any information concerning an identified or identifiable natural person. An identifiable natural person is one whose identity can be verified, directly or indirectly, in particular by reference to an identity identifier, such as name, identity number, location data, online identity, or one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

But even more personal information such as habits, preferences, and biometric data.

Every Company that handles personal data concerning living natural persons within the EU is obliged from 25 May 2018 to fully comply with EU Regulation 679/2016 for the protection of personal data. The Regulation is valid in all EU Member States.

Personal Data collection is a form of processing, such as storage, organization, structuring, modification, retrieval, information retrieval, use, disclosure, deletion, or destruction.

The Company, through the Privacy Policy, informs individuals about the processing of Personal Data, thus helping individuals to make informed decisions about their relationship with the business.

1.3 Privacy Policy

The Company must collect Personal Data (i.e., personal information) for the efficient execution of day-to-day business operations and services and, in some cases, for its compliance with the requirements of the legislation and regulations it applies.

The Privacy Policy indicates our compliance with the Privacy Policy and our respect for protecting privacy and security of personal data.

In addition, it aims to:

Inform the natural persons (you) about the Personal Data we collect and process, for what purpose, in what way, and for how long.

Ensure that individuals know their rights and our obligation to be accountable and safe.

It provides an easy means of securing your consent as a legal basis for processing Personal Data and simultaneously enables you to withdraw it whenever you wish.

This Privacy Policy was posted on the Company's website on 10.05.2019 and replaces an earlier post/issue. The Privacy Policy applies, in general, to any natural person who has or intends to have any cooperation with us.

What Personal Data do we process

When you call us, visit our website, cooperate with us, ask questions, or request our cooperation, we may ask you for information (such as name, address, email, phone) depending on the type of relationship between us.

You may also provide us with additional Personal Data (as in the case of sending a CV) or additional information (such as tax or business information in the context of your briefing or cooperation investigation).

We collect information, directly or indirectly, in the following ways:

Information you send or give us when contacting us or visiting our website electronically or otherwise.

Information we receive from your use of our services or the services of our partners.

We use various technologies to collect and store information, including using technologies such as cookies (see also §7).

Our site does not collect visitor information (e.g., IP address, search engine) other than data collected by Google Analytics (configured not to record visitor IP.

For more information on how to access, manage, modify, or delete information, see sections 5 and 6 below.

How we use Personal Data

We use the information we collect (as described above), and by the consent you have given us, to:

we process your order and complete the shipment of the product,

we can provide you with personalized and up-to-date services and products,

we contact you to inform you about new services or products that may interest you,

process your payment or prevent or detect possible fraud,

answer any questions you may have,

implement the framework of this Privacy Policy.

When you contact us, we keep a file of the communication messages so that we can resolve any issues you face.

We do not allow unauthorized entities to access your information without your consent.

For all the above, the necessary condition is your consent (see sections 5 and 8 below).

With whom do we share your Data?

We do not disclose or share IFRS with companies, organizations, and individuals outside our Company unless one of the following applies:

With your consent: We share your personal information with companies, organizations, and individuals with your explicit consent (see sections 5 and 8 below).

For external processing: We provide personal information to our external partners and companies or individuals we trust to process it based on our instructions, our Privacy Policy, and any other confidentiality and security measures, such as the EU Regulation 679/2016.

For lawful purposes: We share personal information with competent public services when this is reasonably necessary and to comply with laws, regulations, legal procedures, or government requests.

Your rights, our obligations

5.1 Your rights

Our customers, users of our services, and visitors to our website have rights within the Regulation for the Protection of Personal Data (which should not conflict with the relevant legislation). These rights of natural persons (you) are:

Right of access to their IFRS
Right to correct their IFRS
Right to cancel their IFRS
Right to restrict the processing of IFRS
Right to information regarding the correction de, lotion, or restriction of processing of their IFRS
IFR portability right
Right to object to the processing of IFRS
Right to object to automated individual decision making including profiling.

5.2 Our obligations

Our obligations include:

The principle of accountability is one of the six principles that govern the processing of personal data. These principles include legality, objectivity, transparency, purpose limitation, data minimization, accuracy, storage period, security, integrity, and confidentiality.

Any IFRS processing is legal only if one of the following six conditions applies:

the data subject has consented to the Personal Data processing
the processing of Personal Data is necessary for the performance of the contract, where the subject is a party
processing is required to comply with the legal obligation of the controller
processing is necessary to safeguard the vital interest of the natural person
processing is required for the performance of a duty in the public interest, or the exercise of public authority delegated to the controller
the processing is necessary for the legitimate interests pursued by the controller or a third party unless the interest or the fundamental rights and freedoms of the natural person prevail.

In addition, we implement the appropriate technical and organizational measures to protect the Company and our partners from unauthorized access, alteration, violation, or destruction of the IFR we have in our possession.

Specifically:

We encrypt many of our services.

We monitor data collection, storage, and processing practices, including physical security measures, to protect against unauthorized access to systems and processes.

Access to personal information is restricted and controlled, and these individuals are subject to strict contractual confidentiality obligations.

In case external partners (for reasons of maintenance or support) have, potentially, access to Personal Data, relevant appendices to the existing cooperation agreements cover the requirements of the Regulation.

Throughout the Personal Data processing cycle (from collection to IFRS destruction), we take appropriate technical and organizational measures to ensure IFRS's confidentiality, integrity, and availability. We require similar measures from third parties handling or processing IFRS.

Our services, products, and website are not intended for children under 16. To our knowledge, we do not process IFRS for children under 16.

Access to your Data and your information

Within the rights provided to you by the Regulation, you can request information about your own IFRS or request a correction or restriction on the processing or deletion of IFRS (see your rights in detail in section 5.1).

You must complete a SAR (subject access request) in such cases. We are obliged to respond to you within one month of receiving the SAR.

DO YOU WANT TO COMPLETE A SAR APPLICATION? Download here

The exercise of the natural person's rights can always be done within the framework of the existing legislation (such as the tax or labor legislation).

Every time you use our services, we aim to provide access to your Data. If this information needs to be corrected, we strive to provide you with ways to quickly update or delete it - unless we retain it as required by applicable law or for legal purposes.

Information about cookies

We use cookies (Session or transient/permanent, persistent or stored / Flash cookies) whenever you visit our website to improve the speed and quality of service.

A cookie is information, in the form of a file, stored on your computer and improves the website's performance about your service.

The user is informed about the use of cookies. The continued use of the website indicates his consent to their use. If, despite the above, the user does not want to use them, he can disable them. Disabling them reduces the performance of certain features of the website.

8. Your Consent and withdrawal

Our Company in the context of:

Its compliance with the Regulation on Personal Data Protection (EU 679/2016) and the relevant national legislation

Respect for protecting the privacy and security of personal data may require your written consent (opt-in) to collect and process your data according to what is stated in this privacy policy.

Your consent is given for distinct purposes and can be revoked (by purpose and in total) at any time by contacting the information mentioned in the next paragraph (Ways of Communication).

The Company will collect and process Personal Data only where it can legally do so, such as:

Requirement of relevant legislation.
Processing is necessary to perform a contract to which the natural person is a party.
Processing is required to comply with the legal obligation of the controller.
Processing is required to safeguard the vital interests of the natural person.
Processing necessary for the legitimate interests pursued by the controller or a third party's rights and freedoms.

You may be asked to provide additional consent if Personal Data are to be used for purposes not listed in this Privacy Policy.

Ways of communication

Company: SHOWOOD IKE

DPX Processing Manager: Giovanna Tsiori

Address: L. Karamanli 186, 136 78 Acharnes

Email: info@showood.gr

Phone: 2102478811

Fax: 2102478812

Web: www.showood.gr

Cookie name	Provider	Purpose	Expiry
cookiesplus	showood.gr	Stores your cookie preferences.	1 year
PrestaShop-#	showood.gr	This cookie helps keep user sessions open while they are visiting a website, and help them make orders and many more operations such as: cookie add date, selected language, used currency, last product category visited, last seen products, client identification, name, first name, encrypted password, email linked to the account, shopping cart identification.	480 hours

Cookie name	Provider	Purpose	Expiry
collect	Google	It is used to send data to Google Analytics about the visitor's device and its behavior. Track the visitor across devices and marketing channels.	Session
r/collect	Google	It is used to send data to Google Analytics about the visitor's device and its behavior. Track the visitor across devices and marketing channels.	Session
_ga	Google	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	2 years
_gat	Google	Used by Google Analytics to throttle request rate	1 day
_ga_#	Google	Used by Google Analytics to collect data on the number of times a user has visited the website as well as dates for the first and most recent visit.	2 years
_gd#	Google	This is a Google Analytics Session cookie used to generate statistical data on how you use the website which is removed when you quit your browser.	Session
_gid	Google	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	1 day

Cookie name	Provider	Purpose	Expiry
fr	Facebook	Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.	3 months
tr	Facebook	Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.	Session
_fbp	Facebook	Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.	3 months