Privacy Policy

PRIVACY POLICY AND GDPR COMPLIANCE

We treat the protection of your personal data with responsibility and believe that your data should only be collected and processed when absolutely necessary. Therefore, the website shop.soulshan.com has been designed with the appropriate operational and internal systems and complies with European legislation regarding data protection (Regulation 679/2016 EU – GDPR). This Policy has been adopted by the company under the name “SHOULSAN LTD“, with the distinctive title SOULSHAN.COM, which is legally represented by Soula Sofokleous. The headquarters of our company is located at: Eleftheriou Venizelou 29, Paphos, Cyprus,  VAT number 10250992R, which is the controller of the personal data you provide us. Our company is responsible for protecting you every time you use shop.soulshan.com either as a simple user, as a consumer-buyer, or as a Member and to inform you of all the information you need, in accordance with articles 12 , 13 and 14 of the new GDPR applicable from 25 May 2018 at the European level.

  1. What personal data does SOULSHAN LTD collect and what are its processing purposes?

Personal Data is any information that refers to you, or can be attributed to you. Our company may collect simple personal data, such as name, surname, postal code, city, country, telephone, mobile, as well as data of a technical nature, such as email, IP, username, e-mail password our shop etc., which it processes according to what we analyze below. In the event that we receive your personal data belonging to a special category (e.g. data related to your state of health), we undertake to process it even more carefully and only after your express consent, or in a manner permitted by the relevant legislation .

We may collect your data either over the phone (e.g. placing a phone order), online (e.g. registering as a member, placing an online order), or in person (e.g. if you visit our store) in accordance with the following :

In the event that you call us also solely for the purpose of proving your telephone communications and/or orders, the telephone calls received and made by our call center are recorded, a fact which is legally notified to you as soon as you call us and before you give us any of your personal information.

In particular, SOULSHAN LTD collects and processes the following personal data and information about you:

1.1 Browse the Website – Cookies

Like most websites, so is he, by browsing on shop.soulshan.com, your registration as a Member in our Online Store, your registration in the Newsletter Service, the submission of a purchase order in our Online Store, collects and processes personal data and information about you, either through cookies or directly from you who provide them to us.

Google AnalyticsWe also use Google Analytics (GA) to track user activity. We use this data to determine the number of people who use our site,to better understand how they find and use our website and to see their progress within the site.

Although GA records data such as your geographical location, your device, your web browser and your operating system, none of this information is made personally known to us. GA also records the IP address of your computer, the which could be used to identify you, but Google does not give us access to it. We believe that Google is a third party data processing provider, as mentioned below.

Also, with your explicit consent, we may analyze your usage behavior on our website to provide you with personalized information. The evaluation of the usage behavior includes in particular the sections of the website in which you stayed and the links that you activated (eg shopping cart). With this information we create user profiles that are classified by person and / or e-mail address, in order for the advertising offer, especially in the form of newsletter, advertising messages on the website and print advertising, to better adapt to your personal interests and to improve online our offers.

Cookies: For your navigation in the Website / Online Store, your registration is not required, in which case the direct provision by you to us of your personal data or other information that concerns you. However, the Company during your browsing of the Smile Pharmacy website and your transaction with us through our services, collects personal data and other information about you through our own Cookies (First Party Cookies) or third parties with whom we cooperate (Third Party Cookies), which data we may use for advertising and promotion purposes, for statistical purposes, for market research purposes in order to optimize our products and services, profiling, to measure the effectiveness of the website, to improve and upgrade it its content, its adaptation to the demand and needs of the Users, as well as to measure the effectiveness of the presentation and promotion of Smile Pharmacy on third party websites.

In addition, they are used by us for your connection to your Account, for the storage of products stored in your cart, for your connection to your Account without the need to open a new account every time you want to make a purchase in the store us, to identify problems on our server etc.

Cookies are small text files that are temporarily installed on your computer or electronic device and transmitted to our server when you visit Smile Pharmacy, through the browser you use. None of the Cookie files used on the Website collects information and is not aware of any document or file on your computer.

The information that cookies collect for the above purposes may include the type of browser you are using, the type of computer, its operating system, the web service providers, the sites you visit and the links to third party websites. that you may select through our Website, the products and ads you see, the IP address of your PC accessing our Website, User Name, User ID & Password, operating system and browser settings, demographics for you such as gender, age, place of residence and your other shopping habits and online behaviors.

By browsing the Website and making purchases through our Online Store, you consent to the processing by Smile Pharmacy of the information it collects from you using the Cookies. You can, however, edit your preferences through the special settings of our site for Cookies.

1.2. Member Registration – Account Opening

During the Member registration process, Smile Pharmacy collects the personal data that Users voluntarily declare during their registration as Members of our Online Store, in order to open an Account. In particular, in this case we collect the email and password, name, surname, address, postal code, city, which are encrypted, as we analyze below. The above personal data is used by our Company in order to open an Account through which you can see the history of your transactions, while at the same time you give your consent by providing this information to the Company to keep the password, in order to allows you to access your Account each time you log in to it with your password.

If you are under 16 years old, you MUST have your parents’ consent before registering at www.smile-pharmacy.gr.

1.3. Subscribe to the Newsletter service

We will not send you any Newsletter, for any purpose of advertising or promoting our products, unless you choose to subscribe to our Newsletter service. If you register, Smile Pharmacy will collect your e-mail address (e-mail) and will send you informative material regarding the products of our Online Store of SOULSHAN LTD, any offers on products, gift-checks and points, advertisements regarding products, commercial collaborations etc. a.

If you choose to participate in our email newsletter, the email address you submit to us will be forwarded to MailChimp who provide us with marketing services. We consider MailChimp  to be a third party data processor, as noted below. The email address you submit will not be stored in the database within the website or in any of our computer systems.

Your email address will remain in the MailChimp database for as long as we continue to use the MailChimp  services for our email marketing or until you expressly request to be removed from the list.

In the event that you do not wish to receive SOULSHAN LTD Newsletters and promotional material in general, you may at any time request removal from our list of recipients, either in accordance with the instructions provided in the Newsletter or by submitting a request to address info@shop.soulshan.com From the emails sent to you by our Company within the Newsletters service, through cookies, the Company records the percentages of messages you receive from us during the Newletters sending service and the number of clicks on specific links.

If you are under 16, you MUST have your parents’ consent before subscribing to our email newsletter.

1.4 Purchase of Products from the Online Store SOULSHAN

In order to complete and execute each online order, whether you choose the market as a regular visitor or as a Member of SOULSHAN, it is necessary for you to provide your personal information, which mainly concerns the payment preferences, your contact details and the place of delivery. of your products. Our Company uses this data for the execution of the contract between us, ie for the execution of your order with the sale of the products and their delivery to the address you state to us, as well as for the payment on your behalf. By providing your personal information at the stage of the order and for the execution of the contract between us, we will send to the e-mail that you have given us the notification of receipt and execution of the order by the transport company with which we cooperate. We can also use both your e-mail and your phone to send you a message in case we have a problem in the execution of your order or to be contacted by the employee of the transport company who will deliver the products to you in in case of any problem or for any other communication with you or notification

1.5. Credit card payment

If you choose the credit card for the payment of the product (s) you buy from Smile Pharmacy, you must provide us with the type and number of card, expiration date, CCV for the purpose of payment, filling in all the necessary fields in the (secure) order form. We accept credit cards . Transactions in our Online Store via card are protected by top online security systems and in particular transactions are completed through the JCC Payments Gateway , ensuring a secure trading environment. SOULSHAN processes your card details exclusively for the completion of the transaction, ie for the repayment for the purchase of the products from our online store. We do not store the card number, so for every purchase in our online store that you wish to pay by credit card, you will have to re-declare your card details. In this case, you are redirected to a payment service provider’s website. Your credit card details are managed securely and at your own risk by the payment service provider, as we provide below. 

If you choose to complete a transaction through Paypal, you are automatically transferred to the Paypal environment, which manages your payment. We do not share your account information or passwords.

  1. Legal basis for processing your data

As can be seen from what we have already described, we never process your data without this processing being necessary and based either on 1) the execution of a sales contract between our company and you as a customer, or 2) on our legitimate interests in maintaining it. our relationship with you as our customers, or 3) in your prior consent to receive updates on the activity and products of our Company.

More specifically, our Company will in no case receive from you more personal data than necessary for each purpose it collects, nor will it disclose your data to third parties, unless this is absolutely necessary for the execution by of a service, the provision of which you have requested and is related to the contract of sale between us, (eg delivery of product) or processing by a third party is necessary for the purposes of our legal interests (eg credit check) or if you have previously given your consent, and / or when required by law (eg to execute a court decision, prosecutor’s order, etc.).

Finally, our Company does not sell, rent or transfer your personal data to third parties, with the exception of the application of relevant legal dictates and to the competent authorities only, as well as does not collect and process personal data of minors, unless it has the explicit consent of their parents.

  1. Recipients of your data

SOULSHAN LTD may transfer the personal data it collects about you in accordance with the terms hereof, to third parties, but always under conditions that fully ensure that your personal data is not subject to any illegal processing, ie other than the purpose of the transfer and always in accordance with Smile Pharmacy’s prior written agreement with them. These bodies are always carefully selected by us and comply with the relevant legislation. In addition, your data may be transmitted to countries within the European Economic Area where all security requirements are met. In the event that we need to transfer your data outside the EEA, this will only be done in accordance with international security requirements and with a view to maximum protection of your data.

The data kept in our file may be disclosed to the competent judicial, police and other administrative authorities upon their legal request and in accordance with the applicable legal provisions. In addition, in case of a legal order, service order or official preliminary examination, the Company has the right to make the relevant data available to the respective service.

In particular, we may transmit your data in accordance with the following:

  • At Google, as mentioned above, especially for using Google Analytics, & Google Adwords for Goodle Display ad network and Google Search network
  • At Mailchimp, according to what we have already mentioned above, especially for the provision of Newsletter services.
  • At Paypal, to complete the payment of your orders, according to what we describe above.
  • On Facebook for displaying targeted ads if you are a user of the respective application and accept the corresponding terms.

All of the above bodies are based in the USA and are in accordance with the transnational agreement known as EU-US Privacy Shield.

  • In advertising companies and advertising service providers in general: SOULSHAN LTD does not disclose personal data without the consent of the subjects. However, SOULSHAN LTD may share with third party advertising providers statistical information regarding the products purchased, demographics, data regarding the technical characteristics of the mobile devices used for the access of the Users to our Online Store, etc., from which can not be identified.
  • To third parties who provide SOULSHAN LTD services related to the operation of the Online Store such as developers, data analysts, suppliers, providers of data security services and information of the subjects, strictly for the purpose of processing their services to us.
  • In service providers for hosting our customer database, technical support and management.
  • To data security service providers.
  • In companies providing security services and / or space monitoring, through the use of external security systems (eg cameras / CCTV).
  • To credit institutions, to access our platform and complete your order directly from these credit institutions, as we have already described.
  • To transport companies, for the delivery of your order
  • To Special Successors: Should SOULSHAN LTD undergo a business change, such as a merger, Joint Venture, acquisition by another company, or sale of all or part of its assets, it may transfer all User information and data, including personal information to the successor body. If there are significant changes to SOULSHAN LTD privacy practices as a result of the business transition, SOULSHAN LTD will notify you before your personal data is transferred.

SOULSHAN LTD informs you that the above categories of recipients of your personal data and information are the processors on our behalf in accordance with the new Regulation and therefore as such do not process your data beyond the above purposes of transmission and always act in accordance with our explicit orders and instructions.

In any case, the employees of SOULSHAN LTD  who have access to your personal data in accordance with the above, are specific and properly trained, while unauthorized access to your data is prohibited.

  1. Conservation Period

Your data will be kept in our database only for as long as we have a contractual or legal right or it is necessary to keep it. Since this cannot be determined in advance, the retention period may vary from User to User. In the event that, for any reason, our contractual relationship is terminated, we may retain some of your data for as long as is still required (eg if the product you purchased is covered by a warranty) and in any case until the limitation period of any of our relevant claims has passed.

Of course, all data we hold about you will be deleted if you choose to delete your SOULSHAN Account or if you ask us to do so, unless we have to keep all or some of it for a longer period of time. by law (eg with respect to sales tax receipts to you) or to safeguard your vital interest (eg health-related reasons).

However, if you simply request the deletion from our newsletter, your data will be deleted directly by the respective email distributors (eg MailChimp). Also, when you visit our online store without registering as a member (guest visitor), some of your data (eg IP address) may be stored in our database for up to 6 months (eg for reasons related to any defect possibly identified in a product or any other problem that may arise with your transaction). While we may retain your information for a period of time necessary for the operation of our company, we will never contact you without your express consent or without it being absolutely necessary for the execution of any of your orders or for the confirmation .

As we describe below, fully respecting the special features of some of our products that you can buy, your previous orders are given access to our database only to those employees / partners who are necessary for the execution and completion of each order, while we encrypt the data of those customers who bought us online without being registered users, according to the above.

Finally, according to the law, the logs from the security cameras are deleted from our systems every 15 days, unless an incident of violation has been detected or unless otherwise required by law, in which case they may be kept for longer periods of time.

  1. Your rights

 

We are committed to enabling you to exercise all your rights under the GDPR, ie the rights to update, access, correct or delete your data and restrict processing.

In any case you want to exercise any of your rights regarding any personal data we hold that you can contact SOULSHAN LTD in writing by email info@shop.soulshan.com You can make a request to us for free access to your data, however depending on the amount of data that SOULSHAN LTD holds for you, we may charge you the cost of our Company providing information about your data or any other information we hold about you.

In case you wish to delete your Account, or not receive our newsletters or other advertising actions, you should contact us again at tel. +35722331692 or email info@shop.soulshan.com and we will do the necessary as soon as possible.

  1. Security of your Data

Once SOULSHAN LTD receives your information, security procedures and measures are activated to prevent unauthorized access to it.

Save Files in Physical Format: Our company can keep files in physical, paper form, which contain your personal data (such as contracts, invoices, consent forms, etc.) We keep these files in locked areas that are protected by locks and which are accessible only to those our employees or associates are needed for purposes described in their employment contract. Finally, for the destruction of physical files we use a document destroyer, in order to exclude the possibility of anyone gaining access to them, without being authorized by us.

Online Storage: Some of your personal information will be stored in the database of the websites we maintain. We have implemented classified access to files containing personal data in our network, which is protected by VPN (Virtual Private Network). Based on this graded access, special passwords are required which are provided only to those employees or associates who are required to access these files. Our network is also protected by antivirus protection and firewall.

File Transfer: All web traffic (file transfer) between this site and your browser is encrypted and transferred via the 128-bit SSL protocol. Encryption is essentially a way of encrypting information until it reaches its intended recipient, who will be able to decrypt it using the appropriate key.

Electronic Communication: The data that will be sent to us by email are protected through the SMTP (Simple Mail Transfer Protocol) protocol. Our SMTP servers are protected by a TLS security protocol (sometimes known as SSL), which means that e-mail content is encrypted using 2-bit SHA-256 encryption before being sent over the Internet. The contents of the e-mail are decrypted by our local computers and devices. In addition, our e-mail platform is hosted by Microsoft using Office 365, which is fully compatible with the GDPR.

Card Details: In addition, we do not store your card details that you use over the web. Your card details are not visible at Smile Pharmacy, as you are automatically transferred to a secure banking environment to complete your order. At the same time, you should take every possible measure to prevent third parties from gaining access to your account, such as not disclosing your password.

We will report any illegal breach of this website or any third party data processing entity to all parties directly concerned, as well as to the authorities, within 72 hours of the breach, provided that the personal data stored is obvious. in recognizable form, have been stolen.

  1. Changes to the privacy policy

This privacy policy is subject to change from time to time in accordance with legislation or industry developments, without notice. That’s why we invite you to check this page regularly.

  1. Contact Us

 

Before you browse the Website or make any transaction with us, such as subscribing to the Newsletter Service, opening a Member Account or purchasing from our Online Store, we invite you to consult this Policy and make sure that you agree to the terms and conditions set forth. we collect and process your personal data.

However, in case you wish any clarification or information regarding the terms of this Policy, or you have any disagreement, reservation or question, you can contact our Company at tel. +35722331692, or by sending an email to info@shop.soulshan.com