Our company, www.corifashion.com, takes all necessary measures and ensures the lawful collection and processing of personal data, as well as their safekeeping in accordance with the conditions stipulated by the legislative framework concerning the protection of individuals with regard to the processing of personal data, in line with the European Regulation on the Protection of Data (EU) 2016/679 (GDPR).
This data processing notice explains how we collect personal data through our website and how we process this data.
Customer Personal Data Collection and Purpose
In every project we undertake for our customers, we request personal information only when it is genuinely necessary, in order to provide the most comprehensive and personalized service. The personal data we process includes the following: full name, position/role, email, phone, and work address of the contact persons, as well as the legal representatives of the respective individuals or legal entities. The collection of the above data always takes place in accordance with the applicable legal framework and with your knowledge and consent. Additionally, we inform you at all times why we collect the data and within which context we will use it.
The specific personal data is stored in our internal contact management system, accessible exclusively by the permanent collaborators of our company. This data is used for the following purposes:
- • Communication with the project manager during the execution of the project assigned to us. The data controller for customer information is www.corifashion.com.
- The data controller for customer information is www.corifashion.com.
- The data controller for customer information is www.corifashion.com.
The data controller for customer information is www.corifashion.com.
Personal Data of Third Parties used during Project Execution
During the execution of a project, it is possible that we come into possession of personal data of third parties, which are necessary for the design or development process of a website (e.g., photos and brief bios of company personnel for whom the website is being constructed).
All personal data provided to www.corifashion.com by the customer for the execution of the project is given with the explicit consent of the data controller, which is the customer, to www.corifashion.com, the processor of the data. The data controller must have obtained the necessary consent from the data subjects before transferring the data to www.corifashion.com and must have properly informed the data subjects regarding the data processing.
In every project contract we sign, the above roles and respective obligations are explicitly specified.
Personal Data of Third Parties Stored on Our Web Server
One of the services we offer is website hosting (web hosting). We provide hosting for most of the websites we build, but we also offer hosting for websites built by third parties.
On these websites, potentially, personal data of third parties may be stored (e.g., customer information for an online store). The specific personal data stored on each website and the processing activities differ for each website we host and are determined by the respective owner of each website.
In the websites we host, the data controller for personal data is the respective website owner. www.corifashion.com acts as the data processor, performing processing on behalf of the data controller. The main processing performed by www.corifashion.com is the storage of data on our server, for which we are responsible. Any additional processing is carried out only after obtaining explicit written instructions from the data controller.
The hosting contract we sign contains detailed terms regarding the protection of personal data.
Who Can Access Your Personal Data
For the purpose of providing our services, we often collaborate with external partners who provide specialized services (e.g., photography, copywriting, communication strategy, system management, etc.).
During the execution of their tasks, our external partners may need to process some of your personal data mentioned above.
The external partners selected by www.corifashion.com also comply with the requirements of the GDPR and the protection of your personal data. In our contracts, they are designated as processors acting on behalf of www.corifashion.com or the final customer and are bound by the same terms as our own company.
For each project, we communicate in writing to the client which partners will be involved in the project so that they are aware of the processing that each will perform according to their assigned tasks.
Where your personal data is sent.
For the purposes of providing our services, the information we collect may be stored and processed only within the European Union. In the event of data transfer to third countries, we will implement the necessary measures to ensure that your personal data remains safe and protected, in compliance with the applicable data protection laws.
Retention Period of Personal Data
The retention period of your personal data will depend on the purposes for which they have been collected and used, in accordance with legal obligations to retain data for a minimum and necessary period of time to fulfill our contractual obligations. We delete your data once they are no longer necessary for the aforementioned purposes.
Please note that specific uses may be subject to legal restrictions arising from Civil, Tax, Economic Law, etc., regarding the mandatory retention period of data, and deletion may not be allowed as long as the legal obligation persists.
In case you wish to exercise any of the above rights or withdraw your consent, please contact us at info@corifashion.com or using the company’s contact information provided below to exercise your rights.
How we protect your personal data.
Our company implements appropriate technical and organizational security measures to protect the personal data we collect, store, and use, ensuring their protection from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access by unauthorized persons.
To ensure the proper processing of your personal data that we retain, we take measures to secure the information systems under our supervision (web servers, local computers, mobile devices, recording, and management tools).
Our internal contact management tool is accessible only through the company’s local network and is available only to authorized users.
We follow best practices to ensure the integrity, confidentiality, and availability of information for all systems we maintain internally, and we ensure that all third-party service providers or hardware (added by the company) also comply with the regulatory framework and protection of personal data.
For the security of systems, we timely perform necessary upgrades at the operating system, software, and hardware levels. We use encryption for transmitting sensitive personal data and create strong and secure passwords for user accounts, which are securely stored in a dedicated access system.
When you enter sensitive information (such as login credentials) into our registration or order forms, we encrypt that information using Secure Sockets Layer (SSL) technology.
All employees and partners of the company receive ongoing training regarding the regulatory framework of the European Data Protection Regulation with the aim of respecting and protecting the personal data of our customers and using best practices when daily exercise of our work.
All employees and associates of the company receive continuous training on the European Regulation on Data Protection to respect and protect the personal data of our clients and use best practices in their daily work.
In case an unauthorized individual attempts to gain access to our website’s administration without permission, we retain the IP address in our log files. Since such actions are unlawful, we reserve the right to store and process this above-mentioned security log as necessary.
Your rights regarding your personal data.
You have the following rights:
- • Right to access your data.
- • Right to correct your data.
- • Right to restrict the processing of your data by us.
- • Right to object to any data processing.
- • Right to erase your data.
- • Right to data portability. You have the right to request that your personal data be transferred to another company.
You also have the right to file a complaint with the Hellenic Data Protection Authority, in writing (www.dpa.gr, tel. 210 6475600, fax 210 6475628, Kifisias 1-3, ZIP code 115 23, Athens) or electronically (email contact@dpa.gr) if you believe that we have violated any rules, following your complaint to our data controller. If you have any objections to the processing of your personal data or if you have already given consent to us and later wish to withdraw it, we will respect your wishes in compliance with our legal obligations.
Cookie Policy
Like most internet services, our website uses cookies to automatically collect user data, aiming to obtain statistical information about the number of website visitors.
Google Analytics
This website uses Google Analytics, one of the most widespread and reliable digital data analysis solutions, to help us understand how you use our website and how we can improve your experience. These cookies can track data such as the time you spend on this website and the subpages you visit, with the goal of continuously generating relevant and engaging content.
For more information about Google Analytics cookies, please refer to the official Google Analytics page.
Updates to the Privacy Policy
We may make changes to this privacy policy from time to time without prior notice. We encourage you to periodically review our Privacy Policy to stay informed about how we are committed to protecting your personal data. By continuing to use our website, you consent to the updated privacy policy.
