Oneanddone.gr

Find us at: Panagiotou Anagnostopouloy 19, Athens, Greece

Free shipping for purchases over €150

Menu

PERSONAL DATA PROTECTION POLICY 
 
 
Update
 
From May 25, 2018, the new General Data Protection Regulation 2016/679 of the European Parliament and the Council (commonly known as GDPR) has been in effect, enhancing the protection of personal data across the European Union. This Regulation was incorporated into Greek law by Law 4624/2019 (29-08-2019). The company "ONE AND DONE O.E." operating under the trade name "ONE&DONE", respects your personal data and, through this Privacy Policy, informs you about how it protects the confidentiality of your communications, as well as how it collects, processes, uses, and stores your personal data. It also outlines how you can contact us if you wish to object to the processing of your data or to exercise your legal rights. Our company reserves the right to amend or update this Policy whenever deemed necessary. 

We collect personal data solely for purposes directly related to our business activities and in order to fulfill your orders. We handle this information with great care and responsibility.
 
Principles of Data Processing 
 
We ensure that we collect only the personal data strictly necessary, appropriate, and relevant for the purposes for which it is intended. In this context, during the processing of your data, we follow the principles outlined below:
• Subject to this Privacy Policy, we do not disclose your personal data to third parties without your consent, unless required by law or permitted under our contractual relationship.
• Your data may be processed in order to: (a) execute our contractual obligations, (b) improve customer service and ensure the quality of our services, or (c) comply with legal obligations. We maintain full transparency in our processing activities.
• We limit the use of your data strictly to the purpose for which it was collected.
• We process your data only to the extent that it is appropriate and relevant to the intended purpose.
• We use only the minimum necessary data to achieve the processing objective (data minimization).
• We retain your personal data only for as long as necessary.
• We keep your data updated for the purposes for which it was collected, and we take appropriate steps to promptly delete or correct it when required.
 
Who Collects Your Personal Data?
 
The Greek company operating under the trade name "ONE&DONE" is the data controller of the personal data you provide to us and is responsible for ensuring the security of your data in accordance with applicable data protection legislation.
 
Types of Data – Sources of Collection – Purposes – Legal Basis for Processing 
 
The types of personal data we collect and process from you are directly related either to our contractual relationship or to the services and/or products you choose to receive from us.
 
What Personal Data Do We Collect? 
• Contact details, such as: first name, last name, address, email address, phone number, and postal code.
• Account information, including: first name, last name, address, email address, phone number, postal code, date of birth, gender, city, country, and username.
• Information regarding your payment history. (Please note that payments are processed through a secure banking environment, and we do not have access to your banking details.)
• Order information
• Purchase history
• Delivery history
• Activity log information, provided you have consented to the use of relevant cookies  
• IP address
• While navigating our website www.oneanddone.gr we may also collect: Internet Protocol (IP) address, on-site navigation data, service and preference information, user-generated content
• Data related to electronic communications under the terms and conditions of this Privacy Policy, in order to respond to your inquiries and requests, to improve our services, and to contact you directly with information that may be of interest to you.

 

 
What Is the Legal Basis for Processing Your Data?
We process your personal data because it is necessary for:
• the performance of the contract for the sale of goods
• our compliance with legal obligations
• the pursuit of our legitimate interests
As a general rule, we rely on your consent as a legal basis only for processing related to the sending of direct marketing communications via email. You have the right to withdraw your consent at any time. Where your consent is the only legal basis for processing, we will cease processing your personal data once it has been withdrawn.
 
We collect your personal data, as appropriate: 
 
before or during the conclusion of our contract or the performance of our contractual obligations, when you access and use our website, when you contact us by phone, during the provision of services, and when handling complaints. We may also collect your data from various sources with your consent and always in accordance with the applicable legal framework. Specifically, the data may originate from: information you choose to share with us directly within the context of a contract, our trusted partners, provided they have confirmed they have a lawful basis to share such data with us, publicly available information—either provided by you or lawfully collected by others. Such data is always relevant, appropriate, and not excessive in relation to the purposes listed below. It is kept accurate and is updated or revised where necessary. Your data is retained only for the period required to fulfill the purpose of its collection and processing and is deleted upon the completion of that purpose.
 
Why Do We Collect and Use Your Personal Data? (Purpose of Processing)
 
We Collect and Use Your Personal Data:
 
– To manage your online purchase, including processing your orders and returns via our online services and sending you delivery status notifications or alerts in case of any delivery issues.
– To process your payments.
– To handle complaints regarding our products.
– To provide you with various payment options.
– To identify you and verify that you are over 16 years old.
– To improve your shopping experience and the quality of our services.
– To send promotional emails about new products, special offers, updates, or other information we believe you may find useful, using the email addresses you have provided.
– – To manage and analyze our customer base (purchase behavior) in order to enhance the quality, variety, and availability of the services we offer.
– To conduct customer satisfaction surveys.
– For promotional purposes, at your request, and to communicate with you regarding our services and products, to enhance your service experience, to fulfill a legal or contractual obligation, and to send you informational newsletters with tips and articles related to our services.
– To provide proof of our commercial transaction with you.



Data Retention Period 
 
Your personal data is retained in order to fulfill the purposes set out in this Policy, and upon your request, we can remove all the information we hold (unless a longer retention period is required by applicable law).
 Additionally, our company may retain personal data after the fulfillment of the collection and processing purposes for use: before tax, social security authorities, auditing bodies, any other public authority, or competent court, for the statutory limitation period provided by law in each case or for as long as we consider necessary to safeguard our rights and legitimate interests.
After the retention period expires, your personal data is deleted from our files and systems in accordance with our company’s policy and always provided that their retention is no longer required for the fulfillment of the purposes mentioned.
 
Who else has access to your personal data – Third-Party Data Recipients: 
We do not share your personal data with third parties, except when it is necessary for the completion of your order (e.g., partnering courier companies or payment providers), or when required by law.

 

 
Your Rights Regarding the Protection of Your Personal Data
You have the following rights:
a) You have the right to know which personal data concerning you is held and processed by the company "ONE AND DONE O.E." operating under the trade name "ONE&DONE", as well as its origin. (right of access)You can request at any time to receive information about the personal data held about you. The company will gladly provide this information via email.
b) You have the right to request the correction or completion of your personal data to ensure they are accurate and complete, (right to rectification)by providing any necessary documents proving the need for correction or completion.
c) You have the right to request the restriction of processing of your personal data in certain cases. (right to restriction of processing).
d) You may refuse or object to any further processing of your personal data held by the company "ONE AND DONE O.E." operating under the trade name "ONE&DONE(right to object) We will no longer process your personal data, unless we can demonstrate legitimate grounds for the processing that override your interests, rights, and freedoms, or there are legal claims. Furthermore, you have the right to object to direct marketing, including profiling for direct marketing purposes. You have the option to opt-out of direct marketing.
e) You have the right to request the deletion of your data from the records of the company "ONE AND DONE O.E." operating under the trade name "ONE&DONE" ανά πάσα στιγμήat any time, unless there is a pending order not yet shipped to you or an outstanding debt owed by you to the company.  (right to erasure / “right to be forgotten”).
f) You may request the company "ONE AND DONE O.E." to transfer the personal data you have provided to any other data controller. Whenever our company processes your personal data, you have the right to receive a copy of that data in a structured, commonly used, and machine-readable format, as well as to request their transmission to another party. This applies only to the personal data you have provided. (right to data portability).
g) You can withdraw at any time the consent you have given.
h) You have the right to refuse automated processing, including profiling.
 
How you can exercise your rights: 
If you wish to exercise any of the above rights, please contact us using our contact details or log in to your personal account where you can update your data or unsubscribe. If you believe that our company is processing your personal data incorrectly, please contact us.
Our company will respond to each request within one month from the date of receipt. After informing you, this period may be extended on a case-by-case basis if necessary, taking into account the volume and complexity of the requests. Any possible refusals of your request will be justified.
Our company reserves the right, if your requests do not meet the legal requirements, either to impose a corresponding fee considering the time needed to carry out the requested action, the internal communication costs, and any possible related notification, or to refuse to proceed with your request.
To fulfill your request, we may ask you for additional information to confirm your identity.
 
How we protect your data:
We do our utmost to safeguard your Personal Data. We use secure protocols for communication and data transfer, and we take all appropriate organizational, technical, physical, electronic, and procedural security measures. Our security measures include data encryption, regular cybersecurity assessments by all service providers that may handle your personal data, security checks protecting our entire technological infrastructure from external attacks and unauthorized access, as well as internal policies that define how we ensure the protection of your data and train our employees. Although we make every effort to protect your information, we cannot guarantee absolute security. Nevertheless, we are committed to notifying the relevant authorities in case of any potential data breach. We will also inform you if there is a threat to your rights or interests. We will do everything possible to prevent a data breach and assist authorities if such breaches occur. The company processes data exclusively by authorized personnel assigned for this purpose, who are bound by strict confidentiality obligations.
 
User Obligations on Websites 
By using the Websites and providing your personal data, you acknowledge that you are obligated to provide true, accurate, and complete information as requested by our Company. You may update our company at any time regarding any changes to this information so that it remains current and accurate. By using the websites of the company "ONE AND DONE O.E." operating under the trade name "ONE&DONEyou confirm that you are over sixteen years old. If you are under sixteen years old, you must refrain from any use of the Websites and from providing any personal data without the consent of the person exercising parental responsibility. The company bears no responsibility for any violation of the above obligations.
The company may delete, verify, supplement, or modify the information you provide based on information lawfully collected from third parties and will inform you accordingly.
You have the option to unsubscribe or withdraw your consent from any processes and actions that process your data at any time you wish.
 
Cookies and Other Technologies We Use
 
Our company’s website uses “cookies” so that each time a user connects to the website, it can retrieve information from them and provide the user with related services. The installation of “cookies” by us is only permitted with the user’s consent and after appropriate notification.
 
Why We Use Cookies 
We use cookies to make your browsing experience easier and more enjoyable. During your visit to the website, cookies from third-party services may be stored on your computer for purposes such as: statistical analysis related to website traffic and navigation (analytics), social media or other forms of internet marketing and website promotion (Facebook, Instagram, etc.), corporate promotion in the form of video playback (YouTube, etc.), business location services via maps (Google Maps, etc.), and updating corporate, financial, statistical, or other types of data (PDF, Excel, Word, etc.).
 
Cookies We Use::
 ▪ Strictly Necessary Cookies: These are essential for you to perform certain important actions on our website, such as logging in. These cookies do not collect any personal information.
▪ Functional Cookies: They provide functionality and make using our services easier.
▪ Analytics Cookies: Used to identify how our website and services are used and how effective they are.
▪ Advertising Cookies: Used to deliver advertisements that are relevant to you and your interests. Additionally, they help limit the number of times you see the same advertisement. Often, targeted or advertising cookies are linked to website functionality provided by another organization.
 
 
 Information Breach 
In the event that we detect a data breach, we will notify the Data Protection Authority within 72 hours in accordance with the provisions of the Data Protection Regulation.
 
International Jurisdiction and Applicable Law 
 
Any dispute arising in connection with this data policy shall be subject to the jurisdiction of the courts of Thessaloniki, and the applicable law shall be Greek law.
 
Contact 
 
For any further information or requests regarding this data protection policy,, you can contact us at info@oneanddone.gr or by phone at +30 210 3600004.

Καλώς ήρθες στο ONE&DONE

Γίνε μέλος της λίστας μας και κέρδισε 10% έκπτωση στην πρώτη σου παραγγελία.

Γίνετε οι πρώτοι που θα μάθετε για προσφορές, εκπτώσεις και πολλά άλλα.

en_US
el en_US
Scroll to Top