We take the protection of your personal data seriously and believe that your data should only be collected and processed when absolutely necessary. Therefore, the website https://monstercarsparts.com/ has been designed with appropriate operational and internal systems and complies with European legislation regarding data protection (Regulation 679/2016 EU – GDPR).

This website is a tool for selling car spare parts or repair services of the company under the name KOLLIAS XAPALAMBOS – Retail trade of spare parts and accessories, based in Mykonos, in the area of ​​Agios Lazaros, ZIP code 84600.

This Privacy Policy sets out the basis under which the company KOLLIAS XAPALAMBOS – Retail trade of spare parts and accessories is legally represented (hereinafter, company), collects, uses, discloses or otherwise processes personal data.

With this Privacy Policy, we aim to make it easier for you to understand what information we collect and why we collect it. We have also taken steps to improve our Privacy Settings Checklist and other controls we provide to help secure your data and protect your privacy.

Nothing is changing about your settings or how we process your information. Instead, we have improved how we describe our practices and how we explain the choices you have to update, manage, export and delete your data.

We are making these updates as the General Data Protection Regulation (GDPR) comes into effect across the European Union. The General Data Protection Regulation (GDPR), designed to harmonize privacy laws across Europe, improves transparency rules on how companies describe their data processing. We are making some necessary updates to our Privacy Policy and taking this opportunity to make improvements for our website users.

Responsible for processing your personal data

Name: KOLLIAS XAPALAMBOS
Address: Agios Lazaros
City: Mykonos
P.C.: 84600
Tel: 698 296 9004

Email address: https://monstercarsparts.com/en/contact/. This e-mail address is being protected from spambots. You need JavaScript enabled to view it.

Our company manages the above website in its entirety, which has been designed with the appropriate operational and internal systems and complies with European legislation regarding data protection (Regulation 679/2016 EU – GDPR).

This Policy has been adopted by our company, which is also the controller of the personal data you provide to us. Our company is responsible for protecting you every time you use the website and informing you of all the information you need, in accordance with articles 12, 13 and 14 of the new GDPR, which applies from May 25, 2018 at the European level.

Personal data collected by our company

Personal Data is any information that refers to you, or can be attributed to you. Our company may collect simple personal data, such as (indicatively) name, surname, email address, telephone number and VAT number and Tax Office (if the issue of a T.P.Y. is required) as well as data of a technical nature, such as email, which is processed in accordance with what we analyze below.

In the event that we receive your personal data that belongs to a special category (e.g. data related to your health status), we are committed to processing it with even greater care and only upon your express consent, or in a manner permitted by the relevant legislation.

Contact data: When you wish to contact our company, you provide us with your name, surname, email address and telephone number.

If you are under 18 years of age, you MUST have your parents’ consent before contacting the company.

Your above personal data is used by our Company in order to contact you after you submit a relevant request. We may collect your data either by telephone (e.g. your telephone contact), or online (e.g. your registration on the electronic communication platform), or physically (e.g. if you visit our office) in accordance with these terms of use and this statement, as well as the data protection statement which is available at the company’s headquarters – our office.

We may also use both your e-mail and your telephone number to send you a message in case we encounter a problem when communicating with you.

Our company collects, maintains and processes personal data of its associates, employees, such as name and surname, residential address, date of birth, identity number, VAT number, etc., for the purpose of executing the employment contract, executing payroll and in accordance with the requirements of the relevant labor and tax legislation.

Also, our company may from time to time receive CVs of our potential partners, where they provide us with personal information about them, professional qualifications, work experience, etc. We collect this data, updating it whenever necessary, always observing the appropriate organizational and technical security measures and for as long as is necessary for the execution of the contract between us or if this is justified in view of our possible future cooperation.

Location Data and Online Data: Like most websites, this one, when you browse the website, collects and processes personal data and information about you, either through third-party sources or directly from you who provide it to us.

The collection and processing of your personal data and information about you is carried out on the one hand for purposes directly related to the services you request and offer us and/or for the purposes for which you have granted us your consent and always in accordance with applicable laws and regulations regarding the protection of personal data. We retain your personal data for as long as necessary to provide you with our services, and we retain some of them in accordance with our legal obligations as detailed below.

When you browse the website, the latter collects and processes personal data and information about you, mainly directly from you who provide it to us. Also, there is no automated way of collecting data, cookies, etc. When you browse the website. Our website does not maintain a database of users, so there is no encryption. For your navigation on our aforementioned Website, your registration is not required, so your direct provision to us of your personal data or other information concerning you is not required.

The above data and information that you provide to our Company is used for advertising and promotion purposes of its products and services, statistical purposes, for market research purposes in order to optimize our services, to measure the effectiveness of the website, to improve and upgrade its content, to adapt it to the demand and needs of visitors, as well as to measure the effectiveness of the presentation and promotion of our company on third-party websites.

In addition, email service providers (as described below) may use cookies that enable them to track and record visitors’ interests, and in these cases we refer to “performance” or “functional” cookies. These cookies and other similar tracking technologies are primarily used to track user behavior for analytics purposes.

Email service providers may use other similar technologies from time to time, such as web beacons, pixels (or “cleargifs”) and other tracking technologies. These are tiny graphic files that contain a unique identifier that allows providers to recognize whether someone, in the case of web beacons, has opened an email sent to them.

Email service providers may automatically place single-pixel gifs, known as web beacons, in each email message sent to you. These are tiny graphic files that contain unique identifiers that allow them to recognize when you have opened an email message or if you have typed in specific hyperlinks. If you wish to enable or disable the use of cookies from your browser settings, depending on your browser, visit the following websites to learn about the necessary relevant actions.

–Internet Explorer

–Firefox

–Chrome

–Safari

–Safari for iPad and iPhone

In the event that users of our company’s website are directed to third-party websites via special links (links, hyperlinks, banners), our company is not responsible for the terms of management and protection of personal data that they follow.

Purposes of collection and processing of personal data by our company

Information-promotion purposes: We collect the aforementioned communication data for the purpose of promotion regarding the company’s products and services.

In addition, the data is collected for communication with the company and its employees (in person, by phone, via email, sms, social media, etc.), sending promotional emails and newsletters (newsletters, etc.), sending sms for informational purposes, promotional activities of our own (our company) and third parties (contracted with our company), invoicing and other tax or other reasons by law.

Analysis purposes (analytics): Occasionally, we may collect the aforementioned location data and online data, in order to obtain information for our informative and promotional material.

Legal basis for collecting and processing data by our company

Consent: In order to process your personal data as described above, we rely on your consent. You can withdraw your consent at any time by contacting us at the details provided at the beginning of this.

Contractual Relationship: Our company collects personal data in the context of the performance of a contract between a company and a customer.

Legal obligation: We do not sell, share or rent your personal data to third parties unless you have given us your consent (see above) or are required by law. We may disclose your personal data in the event that such disclosure is necessary for the establishment, exercise or defense of legal claims, whether pending before the judicial authorities or not or in an out-of-court procedure (e.g. conducting a credit check), but always under conditions that fully ensure that your personal data is not subject to any unlawful processing. Our company does not collect or process personal data of minors, unless it has the express consent of their parents. Our company will under no circumstances receive from you more personal data than is necessary for each purpose for which it collects it.

Recipients of your data

Our company may transfer the personal data it collects about you, in accordance with the terms of this, to third parties, but always under conditions that fully ensure that your personal data is not subjected to any unlawful processing, i.e. other than the purpose of the transfer and always in accordance with a prior written agreement between our company and them.

These entities are always carefully selected by us and comply with the relevant legislation. In addition, your data may be transferred to countries within the European Economic Area, where all security requirements are met. In the event that we need to transfer your data outside the EEA, this will only be done in accordance with international security requirements and with a view to maximum protection of your data.

Also, your data may be processed by employees of our company, however, the employees who may process your personal data are appropriately trained. The data kept in our file may be communicated to the competent judicial, police and other administrative authorities upon their lawful request and in accordance with the applicable legal provisions. Furthermore, in the event of a legal order, official order or official preliminary examination, the Company has the right without any other right to make the relevant data available to the relevant service.

In particular, we may transmit your data in accordance with the following:

• To Google, as already mentioned above, in particular for the use of Google Analytics services or for promotional actions (re-marketing)
  The above entity is based in the USA and is in accordance with the intergovernmental agreement known as EU-U.SPrivacyShield. It collects statistical data of a general nature and there is absolutely no personalization of the user of the website (number of views, browser, mobile or computer device, region/country of the visitor).
• To service providers for hosting the database, technical support and management of the siteTo third parties who provide the site with services related to its operation, such as developers, data analysts, suppliers, data security service providers and data subjects’ information, strictly for the purpose of processing their services to us.
• Service providers under contract, who assist in parts of the business’s operations (e.g. marketing, technology services).
• To credit institutions, for access to our platform and the completion of your order directly from these credit institutions, as we have already described.
• To email and newsletter and telephony – sms service providers. Service providers may have access to the personal data required to fulfill their obligations and are not permitted to share or use this information for any other purpose. These providers are bound by written confidentiality and non-disclosure clauses and have adequate guarantees for the security of your personal data.

We may transfer and process your personal data worldwide to places where processing activities take place. Currently, the systems (servers) where your personal data are stored are primarily located in the United States of America. This means that your personal data may be transferred to, and/or processed in, the United States.

Any transfer of personal data by us to third countries (including the United States) will only take place to countries that have data protection laws that provide an adequate level of protection as interpreted in accordance with European data protection law.

To the extent that international transfers of personal data occur, we will seek and obtain assurances that any information we may transfer is adequately secured and in accordance with this Privacy Statement and the requirements of applicable data protection law.

• To data security service providers.
• To accountants and tax professionals with whom our company collaborates to fulfill its tax and financial obligations.
• To a company providing security services, given that there is a security camera and alarm system installed in our company’s premises.
• To specific successors: In the event that our company undergoes a business change, such as a merger, JointVenture, acquisition by another company, or sale of all or part of its assets, it may transfer all User information and data, including personal information, to the successor organization. If significant changes occur in our company’s privacy practices as a result of the business transition, our company will inform you before transferring your personal data.
• To group companies, when notification is deemed appropriate for the provision of the company’s services.
• To public authorities: In cases where we believe disclosure is necessary in connection with efforts to detect, prevent, or take action regarding illegal activity, suspected fraud, or other harmful action, we may share your personal data with the relevant public authorities. Your data is also shared with public authorities for tax purposes.

Our company informs you that the above categories of recipients of your personal data and information are processors on our behalf and therefore as such they do not process the data in any way beyond the above purposes and always act in accordance with our explicit orders and instructions.

In any case, the employees and external partners of our company who have access to your personal data and information are specific and appropriately trained, while access to your data by unauthorized persons is prohibited.

Rights of the personal data subject:

We are committed to providing you with the ability to exercise all your rights, in accordance with the GDPR,

More specifically, you have the right to:

• to be informed about the processing of your personal data;
• to gain access to the personal data concerning you;
• to request the correction of incorrect, inaccurate or incomplete personal data. You can check and update any inaccurate personal data.
• You can also request to complete your personal data if it is incomplete.
• to submit a request for the deletion of personal data when it is no longer necessary or if the processing is unlawful. You can ask us to delete any of your personal data that is no longer necessary in relation to the purposes for which it was collected or in cases where you have withdrawn your consent.
• to object to the processing of your personal data for marketing purposes or for reasons relating to your particular situation;
• You can withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of the processing that took place on the basis of consent for the period before its withdrawal.
• to submit a request to restrict the processing of your personal data in specific cases. You can ask us to restrict the use of your personal data if such use is unlawful, or if you consider that your personal data is no longer necessary for the above purposes.
• to receive your personal data in a structured, commonly accepted and machine-readable format and to ask us to transfer these data to another controller without any objection from us.
• to submit a request so that decisions based on automated processing, concerning you or significantly affecting you and based on your personal data, are made by natural persons and not only by computers. You also have the right in this case to express your point of view and to contest the decision.
• Right to lodge a complaint with the Data Protection Authority
• Right to a judicial remedy against a legally binding decision of the Data Protection Authority
• Right to a judicial remedy directly against the controller or processor, in case you consider that your rights deriving from the Regulation have been violated, as a result of the processing of your personal data
• Right to compensation for any person who has suffered material or non-material damage as a result of a violation of the Regulation, directly by the controller or processor, for the damage suffered.

In any case, if you wish to exercise any of your rights regarding any personal data held by us, you may contact our company in writing at the above email and contact number. You may submit a request to us for free access to your data, however, depending on the volume of data that our company holds about you, we may charge you the cost of our Company to provide information regarding your data or any other information that we hold about you. Our company will respond to your requests without undue delay and at least within one month.

For any obstacle to complying with your request, we will inform you of the reason. You may be asked to provide information to confirm your identity in order to exercise your rights.

These rights apply throughout the EU, regardless of where the data is processed and where the company is based. These rights also apply to goods and services offered by companies based outside the EU but operating in the EU.

In the event of a breach of your personal data, our company, in compliance with the obligation to notify the breach to the Data Protection Authority, has the appropriate means to notify, if possible within 72 hours of becoming aware of it, the case of a breach of your personal data that may cause a risk to your rights, while in the event of a delay in notification beyond the above deadline, this will be justified.

If you are a parent of a child under the Age Limit of 18 and you become aware that your child provides personal data to our company, please contact our company in the above-mentioned manner and you may request the exercise of your applicable rights. If we become aware that we have collected personal data from a child under the age of 18, we will take reasonable steps to delete the personal data.

Retention period of your data

The communication data is stored for five (05) years, expressly subject to any obligations under applicable legal provisions, while your revoked consent for a period of five (05) years, expressly subject to any obligations under applicable legal provisions.

It is noted that your data will be retained in our database only for as long as we have a contractual or legal right or it is necessary to retain them, even if this exceeds the aforementioned duration. Since we cannot determine this in advance, the retention period may differ from visitor to visitor.

In the event that, for any reason, our contractual relationship is terminated, we may retain some of your data for as long as is still required (e.g. in the event of a tax obligation) and in any case until the statute of limitations for any of our related claims has expired.

Of course, all data we hold about you will be deleted if you ask us to delete your data from our database, unless we are obliged to keep all or some of it for a longer period of time by law (e.g. regarding tax receipts for services provided to you) or to protect your vital interests (e.g. for reasons related to your health).

Although we may keep your data for a certain period of time necessary for the operation of our business, we will never contact you without your express consent or without this being absolutely necessary for the execution of an order or for its confirmation.

Data security of the personal data subject:

Once our company receives your information, security procedures and measures are activated to prevent unauthorized access to it. We are committed to protecting our users’ information and implement appropriate technical and organizational measures to protect the security of your personal data. However, please note that no system is ever completely secure.

The security measures that our company has taken are as follows:

Storage of Files in Physical Form: Our company may keep files in physical, paper form, which contain your personal data. We keep these files in secure areas protected by locks and to which only those of our employees or partners who need to have access for the purposes described in their employment contract have access.

Storage of Files in Electronic Form: Some of your personal information will be stored in the website database which is maintained by a specialized software management technician, as well as in the database (server) of our company. The e-mail accounts of info@ifeelmediagroup.gr are in “Thunderbird”, protected by the measures taken by Microsoft for “Office 365” and additionally controlled by the “FortiMail-FortiGuard” server (antivirus, antispam, etc. fortiguardservices). Also in the network (LAN/WAN) there are “FortinetFirewalls” (NGF) installed, while we have set passwords, which are provided only to those employees or partners who are required to have access to these files via the internet. all applications on the company’s computers are “Microsoft Office 365 BusinessPremium”, and the e-mails are “Ms Outlook”. Also, since the company is a member of a group, the connection to the central electronic systems in Cyprus is via “Remote Site VPN connection” to “Fortinet Firewalls”.

File transfer: Our company has access to the website database (server) via passwords (admin) which are provided only to those of our employees or partners who are required to have access to these files via the internet.

Card Information: In addition, we do not store the details of your cards that you use at our company headquarters. At the same time, you must also take every possible measure to prevent third parties from gaining access to your account.

We will report any illegal breach of the database of this website or the database of any third party data processor to all directly interested parties, as well as to the authorities, within 72 hours of the breach, if it is obvious that personal data stored in an identifiable form has been stolen.

Privacy policy changes

This privacy policy may change from time to time in accordance with legislation or industry developments, without prior notice. We therefore invite you to regularly review this policy, as your continued and uncomplaining use of the site implies your acceptance of any changes to it.

Right to complain to the competent authority

You have the right to file a complaint regarding the way we process your personal data with:

Hellenic Data Protection Authority (HDPA)

Postal Address: 1-3 Kifissias Ave., 115 23 Athens, Greece

Tel.: +30 210 6475600

Fax: +30 210 6475628

Email Address: contact@dpa.gr

Applicable Law – Adjudication

These terms and any amendments thereto are governed by Greek Law. Any provision of the above terms that is contrary to law shall automatically cease to be valid and shall be removed from this, without in any way affecting the validity of the other terms. The courts of Athens shall be competent for any dispute that may arise.

Contact us

Before browsing the Company’s Website or making any transaction with us, we invite you to consult this Policy and ensure that you agree with the terms and conditions under which we collect and process your personal data.

However, if you would like any clarification or information regarding the terms of this Policy, or have any disagreement, reservation or question, you can contact our Company, based on the above contact details.