PRIVACY POLICY

This Privacy Policy (from now on “Policy”) is about the way we process your personal data and especially the requirements of collecting, saving and using them, while you visit, register or use the website https://www.yesterdaysbread.gr/ (from now on “Website”) and our Facebook page ‘’Yesterday’s Bread ”.

The management and protection of your personal data as visitors and users of the website and Facebook page services, are governed by to this text and the relevant GDPR provisions [679/2016 GDPR] and Greek law [4624/2019 legislation]. The specific terms are subject to the existing law. In any case the process manager maintain the right of changing them in order to comply we the dynamically developing Greek and European legal frame.

Process Manager

Process Manager of your personal data is Βilolmas Efstratios, single business, Kallidromiou 87-89, 10683, Athens, which is the proprietor and beneficiary of using the website.

Definition of Personal Data and its processing

Personal data are information as name, address, email, phone number etc., which define or could- combined with other information- define the identity of a person, visitor/user of the website or Facebook page. Process of personal data is the collection, record, organization, save, adjustment, modification, retrieval, quest of information, use, transmittal to third parties, dissemination, interrelation, combination, limitation, erasure and destruction of someone’s personal data. Processing includes every action of the Process Manager on website’s or Facebook page’s users’ personal data.

Collection of your personal data

We mostly collect your data directly from you, while you register on services or communicating with us. Furthermore, we collect your data passively through tracking gear, such as cookies or beacons. Finally, we collect your data from third parties, such as social network platforms [Facebook, Instagram, Twitter, YouTube]. The ways of collecting your personal data are imprinted as below:

  • While visiting and navigating on the Website, your data are collected only through cookies, which you have already have allow to be used, and are specifically referred on “Cookies Policy” here:(https://www.yesterdaysbread.gr/cookies)

  • In order to communicate with us you fulfill the relevant communication form, your full name and email, which are collected- including your comment- to respond.

  • In case you participate in any competition we organize, we will collect and save some of your personal data, which are necessary for the purposes of the competitionand the reward granting to the winners (such as full name, email, phone number).

  • In case of electronic order, we also collect communication data, address data, and data that are necessary for the charge, payment and invoicing. Personal data collected for orders to take place and invoices to be issued, are maintained for the necessary time to deliver the order and as long as the fiscal law requires (5 years). After this period personal data will be erased, unless their maintenance is required for reasons of civil law claims

  • In order to deliver user’s order and only for this specific reason, user’s minimum necessary personal data (first & last name, address, phone number) are conveyed to third party (courier). This action is necessary for the order’s delivery and can not be omitted, otherwise user will not get his/ her order delivered door to door.

In case user does not consent, he/ she has to collect his/her order from store, after communicate specifically for the above reason with us.

In any case user has the right to ask for couriers data (brand name). Only in this case we are obliged to notify user for the courier’s brand name.

In case that the receiver is a different person from the user, he/she declares that he/she has the third person’s full consent and approval for using and registering necessary personal data in order to deliver the order, to issue the invoice on the name and at the address of the third person (including his phone number). In case we get in position of defendant on a civil claim related with issues of third persons’ personal data as above, user absolutely declares by accepting these terms, that he/she had third person’s full approval and consent and he/she gets in position of our legal escrow and that he/she covenant to every damage caused to us by any unauthorized use of third person’s personal data, plus any payments of legal expenses even any claim against the user, including non pecuniary damage.

  • notice that a non adult tries to provide his/her personal data, we will immediately remove it from our archive. If you are a parent/guardian of a non adult who has provide us his/her personal data please contact us in order to delete We do not collect personal data from non adults without approval of their guardian. If we it.

  • Web site uses external services of recording footfall, such as Google Analytics. Google Analytics provides us anonymously data in order to define the number of persons that use our website, to know better the way they find and use our website and to notice their route in the website. Even though Google Analytics uses cookies in order to record data, such as your geographic place, your device, the browser and your functional system, non of these data connects with you and ID you. We also refer that Google is a third party of data processing.

  • In order to announce information relevant to products, services, presentations and other promotion purposes: With your approval we send you newsletters with our products, services, competitions and promotion acts of the business. You can anytime repeal your provided approval. If you have already buy our products we may use your provided communication data in order to send you promotion information of other relevant products. This is lawful, except the case you have declare not to send you newsletters. In any other case we will request of your approval before sending you any promotion information.

Purpose and legal Base of Processing your Data

We process your Data for the below purposes and mainly for:

  • Your information about new products, our offers and events or any other actions related to our products

  • Your purchases to take place and get delivered and invoices to be issued

  • The website’s and its connected applications’ management

  • The website footfall’s surveillance, may get collected automatically specified information that could directly or indirectly identify you, such as:

  1. Basic information of net connection

  2. Information collected through HTML cookies, Flash cookies, web beacons etc.

  • The enhancement of the website’s navigation and the visitor’s /user’s of the services experience

  • The visitors’ communication and notification

  • Competitions and awards’ rewarding to the winners

  • Your promotion to the specific advertising places of the website

  • Any legal right of ours

Any process of your personal data requires specific and legitimate reason according the law. For this reason we take care that your data use relies on one of the below legitimate bases:

  • User’s approval in case of registering in the website’s services, and the use of cookies

  • Contract’s implementation, the way it is created by visitors’ participation in Competitions of the Website or Facebook page, products’ purchase and order according to the relevant legislation.

  • Securing our legal interest, without encroaching on the users’ rights, as happening in civil law claims

  • Compliance with the law, such as the case of denouncing illegal activities of a user to the authorities

Access and Impartation of your Personal Data

 Only the necessary staff of the Process Manager have access to your Personal Data and also our contributing businesses, which process your Data as Actors of the Process for our account and according our orders. These businesses offer management services of the website and social network platforms, tech and maintenance support, management of comments, competitions’ prosecution and awards giving, data and business acts analysis, or /and it support and marketing, counting analysis. Those are obliged by our contract to be discreet, not to announce data to anyone third without our approval, to take any safety measure, to comply with the law for the personal data protection and especially GDPR. Furthermore, we may announce your data when you have asked so or it’s a law obligation, for example if the police authorities ask us to do in order to investigate illegal activities.

Your data are not announced out of the European Economic Space. In case that such an announcement is necessary we will ensure your rights and freedom relevant to your personal data process are protected under any circumstances. In the measure that is our obligation, we will ensure that this announcement will take place through contract agreements using formulaic contract clauses approved by the EU or other insurance safety measures according the law.

Maintenance and Safety of your Personal Data

Your personal data are maintained as long as the legal purpose for its process, for which had been collected after user’s approval, lasts. For the data’s maintenance we use the appropriate security level and we have done physical, electronic and administrative procedures in order to avoid any random or illegal destruction, loss, deterioration, non authorized announce or access on personal data that getting announced, saved or are in any form object of process. Our information security policies and procedures are mostly aligned with the international formulas

and often are getting reviewed and updated, whenever it is necessary in order to comply with our business needs, technology changes and regulative demands.

We delete data, which collect from you, if it is not necessary to fulfill the goals for which they got collected at the first place. Data that have been collected exclusively for the communication with the user or the briefing of those who interest in commercial from relevant forms of collection of the website, are maintained during the contact and get deleted in the duration of three (3) months from its pause. Although, it may ask from us to maintain your personal data for more time through law ordinance. Data collected by cookies are getting deleted according to (https://www.yesterdaysbread.gr/cookies)

User’s legal rights

 As data subject you have specific legal rights, as far as your collected from us personal data concerned:

Access: You have the right to be informed if and how we process your personal data at any time and without any charge.

Update: You can ask your personal data to be corrected in case of false or deficiency.

Deletion: You can ask your data deletion if it is not further necessary for the purposes for which it collected at the first place or if you wish to repeal your approval and there is not another legal base process. In case user wants all of his personal data to be deleted, may contact us through email, in order to exercise his/ her right of oblivion over his/her account’ s electronic trace and over the data produced by signing in and interacting with our website, secured on our server. All of those data will be erased in a period of 7 days. At any time user has the right to re-sign in as a new account.

Confrontation: You can at any time confront to your personal data process, something that we respect under the condition of non-existing other legal reasons.

Process limitations: You can ask the limitation of your personal data limitation, if you dispute its accuracy or legitimacy.

Portability: You can ask to get in text form the data you have provided or ask us to send it to another process manager.

Right to repeal your approval: You have the right to repeal your approval at any time, without being affected the legal base of your data process from us according the approval before its repeal.

In order to proceed to any of your legal rights, please contact at ……….. in written form through email. We will try to satisfy your request on a time of 30 days. Although, this deadline may be extended for particular reasons which concern the specific legal right or the complexity of your request. We may ask for your identification, for reasons of identify you, before responding to your request. In some cases, we may not allow the access to specific personal data (for example if your personal data are affiliate with other persons’ personal data or for legal reasons).

You have the right toy fulfill a denouncement in Hellenic Data Protection Authority (Kifisias 1-3, 11523, Athens, tel. 210 6475600, email: contact@dpa.gr), if you consider that your personal data process has violated the national and regulative context law for the personal data protection.

Private Policy Changes.

 The standing legislation and our practices can be changed through time, and for so we please you to visit this page in order to be always informed.

If we make fundamental changes on the way processing your personal data, we will send you first notification or if it is legal obligatory we will ask for your approval in order to make those changes. We recommend to read our privacy policy and to get informed regularly over our practices. This private policy modified for the last time on March 2021.