PRIVACY AND PERSONAL DATA PROTECTION POLICY
INART recognizes the importance of the security of your Personal Data and your electronic transactions as well, and takes all the necessary measures, using the most up-to-date and advanced methods, to ensure maximum security. INART has taken all necessary actions to be fully complied with the General Data Protection Regulation 2016/679 and to be able to guarantee the security of all information relating to your personal information and transactions.
Personal data, as defined in Article 4 of the GDPR, is the information that can be used for your identification and to communicate with and deal with you, in particular your name and surname, postal address, e-mail address, your phone number and other information when combined with your personal information.
INART, in the course of its business activities, processes the personal data of its customers and partners and is the Controller according to the definition given in Article 4 of the General Data Protection Regulation 2016/679 (GDPR).
- 1. Personal Data Protection
Personal data protection is governed by the new General Personal Data Protection Regulation 2016/679 (GDPR), which is the new European Union (EU) regulatory framework in the area under consideration. The purpose of the law is to lay down the conditions for the processing of personal data, the protection of the rights and freedoms of natural persons, and in particular the right to the protection of personal data.
1.1 Collection of your Personal Data
The website www.inart.com is designed so that users can visit it without having to reveal their identity and without having to give personal data unless they wish for it themselves. During your visit to www.inart.com, we will need to collect and process some of your personal data in order to provide you with specific services and to be able to respond adequately to your needs. More specifically:
a) Personal data you provide us with for the creation of an Account and the INART product orders.
- In order to become a partner, you can contact us either by phone, by email or by completing the "COOPERATION APPLICATION" form at www.inart.com . INART, after the collection of the necessary information in order to start our cooperation, will provide you with a username and password to have your own Account on our website. At first, you need to use the username and password we have given you and then you will be prompted to select a password of your choice. After creating a personal account at www.inart.com , you can by clicking "Connect" to browse our website and proceed to order the products you want.
- If you would like to contact us, you will need to fill in the required fields with details regarding the name, surname, company, e-mail address, stable and mobile phone, city, country and postcode, in order to identify you and be able to answer and serve you properly.
- If you wish to subscribe to our Newsletter, you must fill in your email address in order to send you informative and promotional emails.
- Periodically, INART organizes surveys, promotions, business meetings to present and evaluate its products and services. It also participates in exhibitions, conferences, business events in Greece and abroad. The personal information we consider to be voluntarily provided to us in the context of business cooperation (business cards, contact information forms) may be posted to our information systems for communication and information purposes about the company's products- services, by phone or / and email. Personal data for the above purpose are: name, surname, email, mobile / stable phone, profession, job.
b) Personal data from the use of electronic services on our website.
- We may also collect other information about you, your device or the use of services, in the manner described at the collection point or otherwise with your consent. You may choose not to provide us with certain types of information, but your ability to use certain services may be affected.
c) Personal data published by third parties.
- In the context of INART's legitimate interest in generating market interest in its products and services, we may process information published on the web in search engines and social media applications (Google, LinkedIn, Facebook, Twitter, Instagram) in order to create customized promotion and updating of the potential customer by phone and / or email for the above commercial purpose. INART has accounts on various social media tools such as Facebook, Tweeter, Instagram, etc., which often include functionality so you can declare your liking, share or comment on our publications, or participate in competitions through third-party social media applications. These social media applications can collect and use information about the use of our website on behalf of you. Any personal information you provide through such social media applications may be collected and used by other members of that application, your interaction via email, and generally the messages you send us through social media applications, details of your communication with our company such as the date, time and reason for contacting us, device IDs, or other unique identifiers. These exchanges are governed by the privacy policies of the companies providing each social media applications. A legal basis is the voluntary publishing of your information on search engines and your subscription to social media services where it is taken as an explicit consent to publish information depending on the settings of the applications you manage. INART does not control and is not responsible either, for how these social media applications collect and process your personal data.
- If you decide to take part in a competition which is running by INART on a particular social media platform, your participation requires some personal information to be filled in to qualify for the competition and to inform you in case you win.
(d) Personal data on commercial transactions.
- We maintain in our information systems a record of your transactions with our company, contracts with our customers and suppliers, personal data on commercial transactions (sales, purchases, payments, etc.), contact details for these processes as well as information on the reports we are carrying out.
In summary, we ask for as much information as we need in order you to enjoy a distinct buying experience, consistent delivery of the products you ordered, secure payment of your order and personalized service based on your needs and preferences. Legal bases for maintaining and processing a file with your personal data from INART are your explicit and free consent (GDPR Article 6 (1)(a)), which is granted by voluntarily filling in your personal data, the performance of your contractual obligations (GDPR Article 6 (1)(c)) and the legal interest of INART (GDPR Article 6 (1)(f)).
1.2 Access and Use of Your Personal Data.
Any personal data you declare anywhere on the pages and services of the www.inart.com websites are strictly for the sole purpose of dealing with us, improving the service provided, and ensuring the operation of the relevant service, and not may be used by any third party (except as provided by the Law to the competent authorities). INART may not share your personal data with others without your consent, unless this is legally required.
Please be advised that under certain conditions permitted or required by law or judgment, the collection, use, and disclosure of your personal data collected online without your consent.
In any case, the employees of INART who have access to your personal data are specific and unauthorized access to your personal data is prohibited. Only authorized employees have access to information of your transactions and only when necessary, e.g. to handle your requests. The company requires its officers and website maintainers to provide their users with the security level mentioned in this privacy statement.
In cases where INART uses third parties to support its systems and for the uninterrupted operation of some electronic services (datacenter, hosting, etc.) special reference is made to the relevant service contract and the company ensures the confidentiality. Third-party recipients of your personal data may be INART Partners (Controllers) who undertake the task of implementing and supporting INART's products and services and may therefore use some of the information you provide us to provide these services. There is always a contractual relationship between INART and its associates, with the necessary confidentiality commitments and appropriate organizational and technical measures to protect personal data. In the shipping company with which we cooperate, we will disclose the name, surname, phone number and place of products’ consignments you have indicated in order to send them to the correct recipient, always ensuring the contractual obligation of the shipping company to ensure the protection of confidentiality and your personal data. In addition to the disclosures described in this Privacy and Data Protection Policy, we may share information about you with third parties if you give your free and explicit consent. INART does not provide your personal data to recipients residing outside the European Union or the European Economic Area. In addition, personal data you provide to us may be disclosed to the Personal Data Protection Authority in the event of a breach of your personal data.
Confidentiality is self-evident. The same basic principles governing classic transactions also apply to e-commerce. All information transmitted by the user / member to INART is confidential and INART has taken all necessary measures to use them only to the extent necessary in the context of the services provided. For your own security, you should also handle all information provided through the service as confidential and not make any disclosure to third parties.
1.3 Basic Principles of Processing Your Personal Data.
- Your personal data processing takes place in a lawfully, fairly and transparent manner
- The collection of your personal data is only for defined, explicit and legitimate purposes
- The collection of your personal data is sufficient and relevant
- Personal data is accurate and up-to-date
- Personal data that are not accurate are rectified and erased
- Personal data is kept confidential and stored securely
- Your personal data will not be shared with third parties unless it is necessary to offer them services on a contractual basis
- In case of a breach of your personal data, INART will notify the incident without undue delay to the Personal Data Protection Authority, and when necessary to you as well, and will take all reasonable measures to prevent / limit you further damage.
1.4 Duration of processing your personal data.
When processing is required as an obligation under provisions of the applicable legal framework, your personal data will be stored for as long as required by the relevant provisions. When processing is performed under a contract you have entered into with us (eg ordering, selling), your personal data will be stored for as long as it is necessary to perform the contract and to establish, exercise, and / or support legal claims based on the contract. For marketing purposes, products and services promotion, your personal data is retained until the Opt-out of your consent, which can be done by you freely at any time. So if you have previously registered to the Newsletter of INART, giving your consent to send informational and promotional emails, you have the opportunity to Opt-out and unsubscribe from the mailing list either in your profile or as a link deletion of e-mail sent by INART. If you have created an account on our website, your personal information, without prejudice to your right to request their erasure, it will not be deleted automatically after the execution of your contractual obligation, in order to offer you a more complete picture of the markets and your preferences on INART's products as well.
1.5 Your Rights.
INART respects and safeguards all rights derived from the GDPR in relation to the protection of your personal data. In particular, you have the right to be informed at any time by INART about issues related to the way, purpose, duration of your personal data processing, and how to exercise your rights.
Your rights under the GDPR are as follows:
Right to information:
You have the right to be informed about our identity or our representatives identity and contact details, the contact details of the Data Protection Officer (DPO), the purposes of the processing for which the personal data are intended, and the legal basis for the processing, the recipients or categories of recipients of the personal data. Under the principle of transparency governing the operation of INART, you can contact us by asking for further information on how your personal data will be processed and how to exercise your rights by submitting the appropriate requests. Your requests will be answered without delay and in any case within one month of the receipt of the request. This period may be extended by a further two months if necessary, taking into account the complexity of the request and the number of requests.
Right of access:
You have the right to be aware of and verify the legitimacy of the processing and ask us for copies of the personal data processed. So, you have the right to access the data and get additional information about how to process them. You also have access to more specific information about the content and how to exercise your individual rights.
Right to rectification:
You have the right to consider, rectify, update or modify your personal data.
Right to erasure:
You have the right to request the erasure of your personal data when we process them based on your consent or in order to protect our legitimate interests. In all other cases (such as, for example, when there is a contract, the obligation to process personal data required by law, public interest), this right is subject to specific restrictions or does not exist as the case may be (for example, we are entitled to refuse to erase your personal data in order to establish, exercise or support our legal claims).
Right to restriction of the processing:
You have the right to request restriction on the processing of your personal data in the following cases: (a) when you contest the accuracy of your personal data and until it has been verified, (b) when you object to the erasure of personal data, c) when personal data are not needed for the purposes of the processing, however, they are required by you for the establishment, exercise, defence of legal claims, and (d) when you object to the processing and until it is verified.
Right to object:
You have the right to object at any time to the processing of your personal data where, as described above, it is necessary for the purposes of legitimate interests we seek as controllers, as well as for processing for direct marketing purposes. In particular, you have the right to oppose any decision taken solely on the basis of automated processing, including profiling, which produces legal effects affecting you or significantly affecting you. Exceptionally, you cannot object to the automated decision making that concerns you when that decision is either necessary for the conclusion or performance of the contract we have entered into with you, or is based on your explicit and free consent.
Right to portability:
You have the right to receive your personal data free of charge in a format that allows you to access, use, and edit them with commonly used editing methods. You also have the right to ask us, if technically feasible, to transfer the data directly to another controller. Your right to do so exists for the data you have provided to us and is processed by automated means based on your consent or performance of a relevant contract.
Right to complain to the Personal Data Protection Authority
In the event of a breach of your personal data you have the right to file a complaint with the Personal Data Protection Authority (www.dpa.gr): Telephone Center: +30 210 6475600,
Fax: +30 210 6475628,
To report problems with the operation of the website or to make any inquiries or to exercise your rights do not hesitate to contact with INART via the website www.inart.com or by e-mail to firstname.lastname@example.org .
1.7 Third-party websites.
This Data Protection Policy applies only to the website www.inart.com and does not cover links to other websites, and therefore, the information collected by the parties owning and controlling such websites, or the use of their Cookies.
- 2. The security of our e-shop.
INART is committed to ensuring the security and integrity of the data it collects in relation to the users of www.inart.com . INART has adopted procedures to protect your personal data that are either submitted to the website or provided by telephone. These procedures protect your personal data from any unauthorized access or disclosure, loss, misuse or destruction. They also help to verify that these items are accurate and are used correctly. This security is achieved by the following methods:
2.1 Customer Recognition.
The codes used to identify you are two: Entry Code (E-mail or username) and the Personal Security Password, which each time you enter them give you access with absolute security to your personal information.
You have the ability to change your Personal Security Password and your e-mail address as often as you like. The only person who has access to your information is you through the above codes and you are solely responsible for maintaining the secrecy and hiding it from third parties. In case of loss or leakage, you must immediately notify us, otherwise INART's online store is not responsible for the use of the password by an unauthorized person. For security reasons, we recommend that you change your password at regular intervals and avoid the use of the same and easily detectable codes (e.g., birth date). We also recommend that you use not only letters and numbers but also symbols and password creation.
2.2 Ensuring the Privacy of Your Personal Data Transfer.
To ensure the confidentiality of data transfer, we use the SSL-128bit encryption protocol. The system has been certified by ESET, which specializes in transaction security issues.
2.3 Controlled Access (Firewall).
Access to INART (servers) systems is controlled by a firewall, which allows the use of specific services by customers / users, while prohibits access to data systems and databases with confidential data and company information.
The INART system first decrypts the information it receives using the same key (pre-defined at the start of your connection to the service) and then processes them. INART systems send you information by following the same encryption process.
Encryption is essentially a way of encoding the information until it reaches its intended recipient, which will be able to decode it using the appropriate key. When ordering and if the user / customer is logged in with their username and personal code at the INART online store, all communication between your computer and INART systems is encrypted using a 256-bit key. That is, every time you send information to the system, your browser encrypts it first using a 256-bit key and then sends it to the system.
The INART system first decrypts the information it receives using the same key (pre-defined at the start of your connection to the service) and then processes them. INART systems send you information by following the same encryption process. At any point of the www.inart.com website you enter personal data (password, addresses, phones, credit cards, etc.) there is SSL encryption 256 bits.
By providing your consent, you declare responsibly that you are over 16 years of age. If you are under 16, you can use our website and its services only with the participation and approval of a parent or guardian.
- 3. Updates and changes.
Unfortunately, no security system is guaranteed 100% safe. Therefore, we do not take responsibility for access, alteration or loss of your personal data, which is due to external factors beyond our sphere of influence or for reasons of force majeure. By using this website, or by providing personal information to us in any way, you agree that we may contact you electronically with regard to security, privacy and administrative matters relating to the use of the Site by you.