Information

Shipping/Delivery

Orders are shipped within 2-4 business days (Monday to Friday). National holidays and cases of force majeure are excluded. Remote areas are shipped in 3-5 business days.

Once the order has been shipped, you will receive an email with tracking information. If you have not received a shipping confirmation within a few days of placing your order, please check your spam folder. In case of any delay, we will contact you. Please note that we do not deliver to PO Boxes.

Time of day delivery cannot be supported. Comments to the courier company regarding specific delivery times are not binding, although an effort is made to satisfy them in the best possible way.

Shipping charges

GREECE

Shipments are made with ELTA Courier.
For purchases of any products, the customer is charged shipping costs of 2 euros (2.00).

General information

You can also choose collection from our store, without shipping and without a cash on delivery fee.

You can at any time be informed about the progress of your package by clicking on the link in the email you receive when we deliver your package to the courier company. (In case you do not receive your order confirmation email, you should check your spam folder.). To contact us please reply to the email info@alloufashion.com

For any delay in receiving your order, please contact us so that we can resolve any problem that may arise.

Payment is made before delivery of the products and can be made in one of the following way:

By debiting Credit or debit and prepaid cards through the secure environment of Nexi Payments Greece S.A.

All payments made using a card are processed through the electronic payment platform “Woo Commerce” and uses TLS 1.2 encryption with a 128-bit encryption protocol (Secure Sockets Layer – SSL). Encryption is a way of encoding information until it reaches its intended recipient, who will be able to decode it using the appropriate key

Payment method in the store by card and cash.

Contact:

ALLOU FASHION G.P.

11hs Noemvriou st. 24, 52100, Kastoria, Greece

Tel: +30 2467100355

www.alloufashion.com

REFUNDS

RETURN POLICY

In case you are not satisfied with your purchase, you reserve every right to return your order or part of it, within 14 working days from the date of delivery of the order.

REFUND CONDITIONS

– Returns are only accepted if the product is unused and in its original condition and its packaging has not been tampered with.

– The product must be accompanied by the relevant proof of transaction (Retail Receipt or Invoice – Shipping Note).

* In the event of unauthorized or unacceptable returns, Allou Fashion reserves the right to refuse the return and products will be returned to the shipping address of the original order.

RETURNS PROCEDURE

Before returning the products, please contact us via email at info@alloufashion.com
Then please pack the product with the packaging that was sent to you, to avoid damage during transport. Products must be returned in the original condition in which they were delivered to you and you must ensure that the products have not been altered or used.

The ways in which you can return a parcel are as follows: a) If in case you wish to exchange a product, the exchange will be done hand in hand with the new delivery from the carrier. b) You can go to any ELTA store or any other carrier of your choice and have your parcel sent to the address listed on our website.

ATTENTION: The costs of returning a product change concern the customer and not the company. Only if the product is damaged, you will not be charged for shipping.

In the event that the products are returned damaged or missing, the Online Store has the right to credit the customer only for the perfect products.

MONEY REFUND

As long as the return process is completed correctly and the return conditions are met, as described above, our company is obliged to return your money to you within 14 working days from the date of receipt.

Your refund is carried out as follows:

– On your debit / credit card, in case the payment of the order has been made through it.

– To the bank account you have sent to us via e-mail, in case the payment of the order has been made by cash on delivery. The additional initial cash on delivery fee (€2), the shipping fee (€2) and the bank transfer reservation are non-refundable.

This website (hereinafter for the sake of brevity “Website” ) of the company under the name “ALLOU FASHION OE” (11hs Noemvrioy 24, Postal Code 52100, Kastoria, tel.: 2467100355, email: info@alloufashion.com) [hereinafter for the sake of brevity “Company” or “We”] is used in accordance with the following terms and conditions (“Terms” or “Terms of Use”), which the visitors to the Website (hereinafter for brevity “You”) are required to carefully read, understand and accept before browsing.

WEBSITE TERMS & CONDITIONS OF USE

Your use of our Website implies your unreserved acceptance of them. If you disagree with the content of the Terms (original or modified/updated as above) you must not use the services and content of this Website.

The Company may at any time modify the Terms of Use at its discretion, so you need to check them regularly.

Continued use of the Website after any modification or update of the Terms means that you accept the modified/updated Terms of Use.

LIMITATIONS ON USE OF THE WEBSITE

I. The visitors/users of the Website owe during their visit and use:

• to be used only lawfully, exclusively for lawful purposes,
• to comply with the legislation governing telecommunications, including the rules of ethical online behavior (netiquette), if and to the extent that it applies to you;
• to act worldly and according to good manners.

II. You must additionally:

• not use our Website to send, share, publish, transmit, rebroadcast, reproduce or make available in any way illegal, threatening, abusive, violent, harassing, offensive or defamatory, suggestive or obscene content or content that is discriminatory (racial or otherwise another point of view),
• not use the Website to send, share, publish, transmit, retransmit, reproduce or make available in any way malware, viruses, potentially unwanted programs, etc.;
• not to infringe or jeopardize the patents, patents, logos, trademarks, copyrights, industrial property rights or other rights of third parties;
• do not use any software or hardware program, application or device or other means of any kind to destroy or modify the structure or services or functions of our Website, its design and format or its code, or attempt in any way take any of the above actions (attempt), nor facilitate in any way any third party to take them,
• do not provide third parties (or of course you yourself), through our Website, access to the Company’s computer and/or computer networks, nor use it as a means for unauthorized access (yours or third parties’) to networks or systems third parties,
• not to use the Website for illegal purposes or in an illegal and/or abusive manner nor as a means of illegal activity or for the commission of electronic fraud or other prosecuted and/or infernal acts;
  refrain from actions/use that could potentially damage or harm the Company or third parties in any way,
• not to restrict, prevent or prohibit the use of the Website by and/or to third parties.

DISCLAIMER – LIMITATION OF LIABILITY

I. The Company makes every reasonable effort to ensure, as far as possible, the continuous availability of the content of our Website and its uninterrupted use by its visitors and also tries in every reasonable way to always keep its information accurate and up-to-date Website and its content to be updated at all times.

Similarly, it takes all necessary measures to ensure that the Website does not present viruses.

However, the use of the downloaded software is the responsibility of the visitor/user and, therefore, it is your responsibility to ensure that the software used by your personal computing device does not contain viruses that could cause damage during upload.

The Company cannot guarantee that the content of the Website will be uninterrupted or error-free or that any errors that occur will be promptly resolved.

Nor can the Company guarantee that the Website or any other website to which it refers with links as mentioned below or the servers through which its content is displayed to you are finally operating without viruses.

Therefore, the Company bears absolutely no responsibility, under any circumstances, for:

any damage that may occur to the users/visitors of the Website while connecting to it, or to
damage during or because of their access to it, and/or from the use or non-use or improper use of the Website nor for
any loss, alteration or destruction of data or software or hardware during or after the use of the Website, nor for
any errors (bugs) or malfunctions of the program, likewise neither for
any omissions or delays in transmission from a computer or network connection, etc., nor for
any lack of availability or
not updating/updating the content of the Website in a timely manner.
All of the above are the responsibility of the visitors/users of the Website, who assume all the relevant risks and bear the relevant costs that may arise in such a case.

II. Banks and other electronic means of payment for the products you order and buy through our Website, as a registered user after creating a relevant account or as a visitor, are required to ensure a secure payment environment and any problems that may arise during payment are the sole responsibility of the said banks/agents, to whom you should address in such cases, as the Company is not involved or otherwise involved in the relevant transactions.

III. Any use by you of the information and the general content of the Website is solely at your discretion and discretion, solely at your own will and initiative and at your sole responsibility.

The content of the Website and all information contained therein is for your general information only and for making orders, purchases, etc. of our Company’s products.

Therefore, all such content and information shall in no way under any circumstances be construed by visitors/users as recommendations, solicitations, advice or inducement for any further act or action or omission of their own.

COPYRIGHT

I. The owner of the Website is the Company, which retains all copyrights in its content, from the time of its creation, as well as in any derivative works created based on it. These rights of the Company are protected by the relevant applicable Greek and European law.

II. Further, all logos, trademarks and/or other industrial property rights of the Website material belong exclusively to the Company, unless expressly stated otherwise.

III. Of course, there are works on the Website on which there are copyrights of third parties (e.g. images from the Internet, codes of content management systems, specific fonts and software programs used by the developer of the Website in accordance with the relevant licenses, etc. etc.), while for products or services mentioned on the Website under the brands or logos or distinguishing marks of third-party companies/entities/bodies, the said companies/entities/bodies are the beneficiaries.

But apart from these, all texts, graphics, illustrations, images, photos, drawings, videos, and in general all the original content of the Website, its design structure and image are the subject of intellectual property of the Company.

IV. The content of the Website is freely available to its visitors/users, but they are obliged not to modify or alter it and not to reproduce or further use it without the consent of the Company and then only with a clear and explicit reference to its origin, that is to say the content belongs to this Website and is the property of the Company.

Copying in any way for commercial purposes, making available, storing, integrating into other websites or systems, transmitting or distributing the content of the Website, in whole or in part or in parts, is absolutely prohibited, unless they are done with the prior written consent of the Company. They are likewise prohibited

V. For any question regarding intellectual property rights in relation to the Website, please contact the Company info@alloufashion.com

SUBSCRIBE TO COMPANY WEBSITE SERVICES

I. Website visitors/users can connect to the Company’s online services using codes they create themselves, after registering through the relevant page of our Website, in order to place orders and purchases from our online store.

II. They may also subscribe to the Company’s newsletters in order to receive our updates, offers or product catalogs and related communications.

Users can at any time request the termination of communication and object, in an easy way and free of charge, to the collection and use of their data by choosing to unsubscribe from the Company’s newsletters, which is provided to them in every relevant message sent to them, in a way clear and distinct.

III. For the registration of users, the Company does not request access to their other data, but only collects the necessary identification information and all the information required by law for the execution of orders and purchases and the appropriate completion of the relevant transactions (invoicing, shipping, delivery etc.).

IV. Users registered as above are solely responsible for any action taken through their account and must at all times ensure that their personal passwords are kept private, confidential and secure and not disclosed to third parties.

V. If any registered user discovers unauthorized access to his account and/or in general wants to contact the Company with any issue concerning the management of his account, please contact the Company directly (email: info@alloufashion.com).

PERSONAL DATA – COLLECTION AND PROCESSING WHEN USING THE WEBSITE AND VISITOR RIGHTS

I. This Website collects personal data every time the visitor/user registers for its services and/or fills in a data submission form and/or when using the Website.

This data includes his/her name, home or work address, email address, telephone number, occupation, Social Security number. and other billing and payment information of said registered user.

II.Also, in order for the user to be able to connect to the Website and to perform its basic functions, upon the visitor’s entry to it, the Company installs the necessary cookies (“trackers”) on the user’s device and automatically records in log files information from the electronic equipment he uses and, in particular, information related to his IP address, the date and time of his connection to the Website, the response codes of his server, the call parameters of the protocol https (https response), the URL from which you accessed the Website, the type of browser as well as the type of operating system used.

III. The Company processes the personal data of visitors/users of the Website for reasons related to its use as mentioned above (e.g. information, submission of communication requests, orders, making purchases, etc.), to improve the services provided and ensuring the operation of the respective service and/or on the basis of the user’s consent for the purposes of measuring the Website’s traffic and/or extracting statistical information to improve the services provided by the Website.

IV. The Company keeps said data confidential, processes it securely and takes all appropriate measures to protect it, observing the applicable legislation regarding the collection and processing of the above personal data of the users of the Website and with the application, use and installation of trackers and related technologies, it installs only the absolutely necessary cookies from a technical point of view and gives the visitor the opportunity to choose whether or not they wish to use further optional cookies (analysis, advertising, etc.).

V. Visitors have legal rights to access, withdraw consent, correct, complete, delete their data or limit their processing, transfer their data to another entity, object to the processing and complain, in case they consider that it is affected the protection of their personal data, to the Personal Data Protection Authority (

VI. For any issue related to the processing of their personal data, website visitors can contact the Company (e-mail: info@alloufashion.com), while more detailed information on the collection and processing of users’ personal data , the purposes and legal bases of the processing, the rights of the users, the recipients and the measures applied by the Company to protect them, can be found in the Privacy Policy/Declaration and in the Policy for the use of Cookies of our Company.

USE OF LINKS TO THIRD-PARTY WEBSITES (LINKS, HYPERLINKS)

I. Through the Website it may be possible to access other websites, of third parties, through links, hyperlinks, etc. (links, hyperlinks or advertising banners).

II. The use of these links is made exclusively for the convenience of the visitors/users of the Website and the links in question are not controlled by the Company, but by the aforementioned third parties – beneficiaries of the specific websites, which are subject to the respective terms of use of their third party beneficiaries.

Therefore, for any possible problem that may arise during the use of these websites or the users’ visit to them, they concern exclusively these third parties, who have the sole responsibility for their content and to whom they should be addressed users in any case.

III. The existence of the links on the Website does not mean nor imply nor should it be perceived or interpreted by users/visitors as approval, acceptance or in any way adoption of their contents by our Company.

IV. Users of our Website use the links on the Website and visit these third party websites at their own risk and assume, themselves, the relevant potential risks.

The Company has not inspected these websites, does not necessarily accept or provide any guarantee for their content or their services and does not accept any responsibility that may be invoked by a user/visitor of the Website from accessing these websites or from the collection personal data from them, nor does it certainly guarantee their availability. In addition, it is not responsible for the terms of management and protection of personal data that they follow nor for their legality.

FINAL TERMS

I. These Terms of Use, as well as any amendment or change or updated version thereof, are governed by applicable Greek and European law.

II. No modification of any of the provisions of the Terms of Use shall be considered or made a part of them unless in writing and incorporated therein.

III. If any of the Terms of Use should be considered contrary to the applicable legal framework or unenforceable or voidable, it will automatically cease to be valid without affecting the validity of the other terms of this text.

For any issue related to the operation of our Website, please contact the Company (email: info@alloufashion.com).

This declaration/policy (hereinafter for brevity “Policy” or “Declaration”) describes in detail the information that constitutes personal data of Users and which is collected and processed by the Company in the context of any possible interaction with it and during their visit on the Website, as well as the actions and measures taken by the Company to comply with the personal data protection legislation, in particular Regulation (EU) 2016/679 (hereinafter for the sake of brevity “General Regulation” or “Regulation” or “GDPR”) and Law 4624/2019 and any relevant applicable provision, decision, opinion, etc. of the Personal Data Authority (hereinafter for the sake of brevity “Authority” or “APDPH”).

DEFINITIONS

Company (or We): The company named “ALLOU FASHION O.E.”.

User (or Visitor or You): Any person who visits our Website and any person who obtains a member account to use the services offered.

Website (or Website): The “alloufashion” website, which, like all of its content, is fully and exclusively owned by the Company.

INTRODUCTION

I. Responsible for Processing is the Company “ALLOU FASHION O.E.”

Headquarters: 11hs Noemvriou st. 24, Postal Code 52100, Kastoria

Tel. 2467100355 / E-mail: info@alloufashion.com

II. Our Company firmly believes in the protection of personal data, protects them when and to the extent that it processes them and applies all the principles governing data processing by law. Specifically:

All data is processed lawfully and legitimately in a transparent manner.
The data is collected for specified, explicit and legitimate purposes and is not further processed in a manner incompatible with these purposes.
The data is appropriate, relevant and limited to what is necessary for the purposes for which it is processed.
The data is accurate and when necessary updated.
The data is kept in a form that allows the identification of the data subjects only for the time required for the purposes of the processing.
The data is processed in a way that guarantees its appropriate security.
III. Read this Statement carefully, in order to be informed about your personal data that the Company collects and how it uses and protects it, as well as about the relevant options and possibilities you have and the rights you can exercise by law.

IV. We review the Policy regularly to ensure that it is always up-to-date and accurate and to adapt to the requirements of relevant legislation. Please check the Policy regularly so that your information is up to date.

V. The Company does not provide services to minors, nor does it collect their personal data.

METHODS OF COLLECTION OF PERSONAL DATA

I. The Company collects your personal data, directly from you, in particular:

by your visit to the Website,
by registering on the Website (opening a user/member account),
when you complete and send us a contact form,
when you communicate with the Company by e-mail, telephone or mail,
by registering on the list of recipients of the Company’s newsletters,
when you purchase the Company’s products.
II. In addition, if the Visitor is already a customer or supplier or employee/partner of the Company, the Company has collected his personal data, directly from him, when opening a tab, with the first communication or order or purchase, during the application of him for work or by recruiting him respectively, or through third parties (e.g. by recommendation from another customer or supplier or employee, etc.).

III. During its transactions with customers/suppliers, the Company may also collect personal data from publicly accessible sources (e.g. G.E.MH or other business registers, reports, directories).

IN PARTICULAR THE DATA INVOLVING PROCESSING

I. The personal data of the Visitors/Users collected and processed by the Company are in particular the following:

Account creation / User registration – During account creation / User registration as a member, the Company collects:
full name,
contact details (full postal address, email address, telephone number),
Placing Orders / Shopping – During online ordering through the shopping cart available on our Website, the Company collects in addition to the above:
shipping / delivery details (full postal address),
invoicing information (A.F.M. / D.O.Y.)

[ Note: For purchases made through our Website we do not collect data related to the payment of the products, such as e.g. the bank account number, the credit or debit card number, your relevant security codes, etc.. If the User chooses “pay by card” the necessary payment card details must be entered on the secure website of the cooperating bank /payment gateway to which it will be automatically redirected to complete the payment (redirect).]

Service Improvement and Measurements – When you visit us online, as well as through the electronic messages we may exchange, if you consent to the use of the respective trackers (cookies), the Company may collect information:
about how the User uses the services, such as for example the type of content viewed or the frequency and duration of their activities;
regarding the devices or websites through which the User accesses the Website services, depending on the rights granted.
Connection to the Website / Operation of the Website – When the Visitor connects to the Website, login information is collected, such as:
the name of the mobile operator or Internet service provider (ISP);
the language and time zone of the browser,
the geographic location of the access device, but also its type (Google Chrome, Safari, etc.)
the IP address of the electronic device through which you access the Website;
while the absolutely necessary technical cookies are installed for the connection of the User to the Website.

[ The IP address is a number assigned to your electronic device every time you access the internet and for information security and system diagnostics purposes, this data is collected when you visit the Website.
Cookies are small information files that are stored on your computer’s browser. Websites can only access cookies stored on your computer. Any website that you have accepted to store cookies in your browser can only access its own cookies and not cookies from other websites. The use of cookies by the Company is done legally, based on the Policy for the use of Cookies. You can also find out about the relevant European guidelines at:

https://wikis.ec.europa.eu/display/WEBGUIDE/04.+Cookies+and+similar+technologies ]

II. If the Visitor is already an employee/partner of the Company, the Company has in particular collected identification information (name, surname, identification number, A.F.M., A.M.K.A.), contact information (full postal address, e-mail address, telephone numbers), date and place of birth, bank account details, marital status details, as well as information related to educational qualifications, professional qualifications, previous experience, recommendations, professional certifications, etc.

III. If the Visitor is already a customer or supplier of the Company, the Company has collected in particular information related to his name, contact details (mail address, e-mail address, telephone numbers), A.F.M. and other billing and payment information, status and/or job title.

PURPOSE OF PROCESSING PERSONAL DATA

I. The Company processes your above personal data for the purpose of:

Your identification as a natural person to create an account / register as a user/member of the Website’s online services (legal basis is art. 6 par. 1f GDPR), because the processing is necessary for the purposes of our Company’s legitimate interests .
The ability to submit orders and make purchases, their secure completion and the ability to inform you (legal basis is art. 6 par. 1b΄ GDPR), because the processing is necessary for the execution of the relevant contract between us.
The improvement of the services of the Website, the measurement of its traffic, with the correlation by the Company of the information it collects from the various devices of the User, as this contributes to the consistency of the services provided, the possibility of personalizing your online experience, the improvement of performance, usability and effectiveness of the Website and the evaluation of the connection to the Website / operation of the Website (legal basis art. 6 par. 1a’ GDPR), because you have consented to the processing (use of the corresponding optional cookies, etc. ).
Making the connection to the Website, performing its basic functions and its correct and efficient operation (installation of technically necessary cookies / collection of information related to IP addresses) [legal basis art. 6 para. 1f GDPR], because the processing is necessary for the purposes of our legitimate interests.
Sending our updates, promotional messages, offers, catalogs, etc. to the registered recipients of our newsletters [legal basis art. 6 para. 1a΄ GDPR], because you have consented to the processing.

II. For those Visitors who are already our customers or suppliers, the purpose of the processing is:

the fulfillment of our obligations as a supplier or their customer (submission of official written offers, issuance of sales documents, invoicing, shipment and delivery of products and billing/payment thereof respectively), in the context of the relevant transactions (legal basis art. 6 par. 1b΄ GDPR), because the processing is necessary for the performance of a contract between us, or
the Company’s compliance with its legal obligations (e.g. keeping tax records, issuing/paying invoices, receiving/shipping and delivering products as the case may be, etc.) [legal basis art. 6 para. 1c΄ GDPR], because the processing is necessary to comply with our legal obligation, in accordance with the applicable legislation and the requirements of the financial and other competent services (DOU, GIS – taxis, etc.), or
the submission or handling of complaints (legal basis art. 6 par. 1f GDPR), because the processing is necessary for the purposes of the Company’s legitimate interests.

III. For those Visitors who are our employees/partners, the processing of their personal data by the Company is done for:

the fulfillment of our obligations as an employer/partner (payment of salaries/remunerations, etc.), in the context of the respective relationships (legal basis art. 6 par. 1b΄ GDPR), because the processing is necessary for the execution of the relevant contracts , the
the Company’s compliance with its legal obligations (e.g. keeping tax records, reporting to competent authorities, etc.) [legal basis art. 6 para. 1c΄ GDPR], because the processing is necessary to comply with our legal obligation.

IV. The Company does not process special categories of personal data, except to the extent necessary (e.g. when an employee is absent due to illness, in which case the corresponding medical certificates are made available to us, etc.).

We process this data for reasons of our Company’s compliance with its obligations under the law, especially labor and social security law (legal basis art. 9 par. 2b’ GDPR) and to submit them to the respective competent authorities (e.g. . notice of sick leave).

If the Company ever needs to process other data that is a special category, e.g. health data, racial origin, trade union action etc., this will be done either because it is required by law or to protect the data subject against an emergency situation (legal basis art. 9 para. 2c’ GDPR), or because we have received your express consent in advance (legal basis Art. 9 para. 2a GDPR).

V. When the Company processes personal data as above for the purposes of pursuing its legitimate interests, it does not process such data if the interests of the subject prevail over its own. Also, the Company uses methods and technologies that are necessary and proportionate, as analyzed below, which it applies in the least intrusive way and with appropriate means so that there is a balance between its interests as a business and the fundamental rights and freedoms of the subjects .

VI. In cases where the Company processes data based on the consent of their subjects, these persons can at any time revoke / withdraw this consent. Then, the Company will immediately stop the processing, without affecting the legality of the processing based on their consent until the withdrawal.

RETENTION PERIOD OF PERSONAL DATA

I. As a rule, the Company keeps personal data for a maximum of one (1) year, unless it is required to keep them longer (e.g. until the statute of limitations expires, for tax record reasons based on the relevant applicable law, or to support legal claims of or against the Company).

When the Company processes personal data based on consent, the processing lasts only as long as the consent is valid, that is, until it is revoked.

II. The Company keeps your personal data only for as long as is necessary for the purposes for which it processes it and, while it keeps it, applies appropriate technical and organizational measures to protect rights and ensures its security and confidentiality with specific actions, which are analyzed below.

SECURITY AND MEASURES TO PROTECT PERSONAL DATA

I. Your personal data is not used for purposes other than those mentioned herein. As mentioned above, the Company only collects personal data that is absolutely necessary for the respective processing purposes. If and where additional information is required, or if in the future we need to process your personal data for a purpose other than that for which we collected it, you will be informed of that purpose and of any other relevant information, if that other purpose is incompatible with the initial.

II. The Company does not take into account your personal data for the purpose of profiling nor for automated decision-making.

III. The Company accurately maintains and updates/updates the database to ensure their security and protect them from any unauthorized or illegal access, processing, accidental loss, destruction or damage.

IV. The Company deletes the data securely when it is no longer necessary for the purposes of its processing.

V. The Company recognizes the importance of the security of personal data as well as electronic transactions and its related obligations and takes all the necessary and appropriate technical and organizational measures, using the most modern and advanced methods, right from the design and definition (“by design & by default”), in order to ensure the maximum possible security of the User’s data and to protect the integrity, security and availability of the data.

All information related to the User’s personal data is secure and confidential and their access is limited to authorized persons only.

Security is achieved by the following, in particular, methods:

Recognition
Two fields are used to identify the User [the Login ID (e-mail or username) and the Personal Secret Security Code (password)], which every time they are entered provide access to their account with absolute security.
The User is the only one who has access to his information through the above secret code and is solely responsible for maintaining its secrecy and concealing it from third parties. In the event of its loss or leakage, it should immediately notify the Company, which is not responsible for any use by an unauthorized person.
The Company recommends, for security reasons, that the User changes his password at regular intervals and avoids the use of easily detectable codes (e.g. date of birth or telephone number). It is also recommended to use, in addition to letters and numbers, symbols (eg $^*#@!_) when creating the password.
Securing the Privacy of the Transfer of Your Personal Data
To ensure the confidentiality of the data transfer, the SSL encryption protocol with an RSA key of 2048 bits (e 65537) is used.
In addition, all the backup systems we use have additional encryption (AES-256) before transmission to an approved cloud provider via an SSL connection as an additional data security measure. The backup providers we currently use to store data are: Company infrastructure.
Controlled Access
The Website is hosted and installed in Data Center infrastructures that have ISO 27001 security specifications and meet the requirements of the General Regulation and the relevant applicable data protection legislation.
Access to the Company’s systems (servers) is controlled by a firewall, which allows the use of specific services by users while prohibiting, at the same time, access to systems and databases with confidential Company data and information. The web hosting provider we use today is: Company
Encryption
Using special software, the Company’s electronic system first decrypts the information it receives before processing it. The Company’s systems send information following the same encryption process.
Anywhere on the Website you enter personal data (password, email, addresses, telephone numbers, credit card number, etc.) there is SSL encryption with an RSA 2048 bits key (e 65537).
Confidentiality of Transactions
Privacy is a matter of course for Us. All information transmitted by the User is confidential and the Company has taken all necessary measures to ensure that it remains secure and is used only to the extent necessary to fulfill the contract and provide the services.

VI. The User, in order to ensure the security of his data, should himself not proceed with any disclosure of these, nor the details of access to them, to third parties.

RECEIVERS OF PERSONAL DATA – PROCESSING OF PERSONAL DATA BY THIRD PARTIES

I. As a rule, we do not share or transmit your personal data to third parties and disclose them only to authorized personnel/internal partners of the Company.

II. Users’ data are stored on servers in Greece and are not transmitted abroad. However, the Company may store your personal data in the cloud. This means that your personal data may be processed by a cloud service provider on behalf of the Company and your personal data may be stored in different locations around the world. The Company uses organizational and technical measures to protect personal data and to impose similar, and in no way less restrictive, requirements / obligations.

III. We may share Users’ personal data with service providers, external partners and third parties, in accordance with applicable law. For example:

to competent authorities (e.g. tax authorities), if required by law,
to accountants/lawyers), to pursue our legitimate interests or to comply with our contractual obligations to you or to support our legal claims;
to transport companies, for the shipment and delivery of the products to you in execution of the contract between us,
to banks / financial institutions, to manage your payments,
to the company that has undertaken to provide us with technical support services for the Company’s computing/computer system, only if this is required for the provision of these services,
to our partners who have undertaken the management of the Website, only if this is required for the provision of these services.

IV. The Company discloses personal data only in compliance with this Statement and applicable legislation.

Where the Company relies on a third party to process personal data on its behalf (the processor), it selects a cooperating party that provides an adequate level and security measures and takes the necessary actions to ensure its compliance with them, and binds that third party party with corresponding data processing agreements.

The agreements with these third parties include limited purposes for which your personal data may be disclosed and processed and require them to take measures to adequately protect your personal data.

The processors in this case cannot further process your personal data, unless we have expressly instructed them to do so, nor pass your personal data on to third parties.

V. While browsing the Company Website, you may encounter links to other websites for convenience and informational purposes. These websites operate independently of the Company and have their own notices, terms and conditions statements, and privacy policies. We recommend that you read them to understand how your personal data is processed in relation to these sites, as we are not responsible for their content either because they are owned or operated by another company, or for the use or the privacy practices of those sites (see also our Website Terms of Use).

USER RIGHTS – POSSIBILITY OF COMPLAINT

I. The User has the possibility to:

information and access to his personal data collected and processed by the Company (i.e. receiving information and copies thereof),
restriction of processing on a case-by-case basis (e.g. when he disputes the accuracy of his data or while awaiting a response to any objections he may have regarding the legality of the processing purposes, etc.),
modification or correction or completion of any inaccurate or incomplete personal data processed by the Company,
deletion of his personal data on a case-by-case basis (e.g. if these are no longer necessary for the relevant purpose of processing or if they were processed in another way or when the User’s consent has been revoked and the Company has no other legal basis for processing or if the User has objected to the processing and there are no compelling and legal reasons for the processing by the Company or if it is processing them illegally,
withdrawing his consent to the processing of personal data,
objection to the processing of User data that the Company processes for direct marketing purposes or for the pursuit of its legitimate interests,
portability of his data to another person or to the User himself, when his data has been collected directly from him and the Company processes it based on his consent or for the purpose of concluding or executing a contract and the processing is automated.
II. After studying the relevant request and identifying the User, the Company will proceed within a period of one (1) month to satisfy it, provided that the request is legal and valid.

III. To submit the relevant requests, which are submitted free of charge, as well as for any question or to provide information related to the processing and protection of personal data by the Company, you can contact it by post (Address: 11hs Noemvriou 24, Postal Code 52100, Kastoria), by sending an email to the email address info@alloufashion.com.

IV. In case of non-compliance by the Company within the period of one (1) month as stated above, as well as in the event that you consider that the protection of your personal data is affected, you can file a complaint with the Personal Data Protection Authority (Kifisias Ave. 1-3, PO Box 115 23, Athens/ tel.: +30 210 6475600 / fax: + 30 210 6475628 / e-mail: contact@dpa.gr).

For the Authority’s competence and how to submit a complaint, you can also visit its website (www.dpa.gr – My rights – Submit a complaint), where detailed information is available.