PRIVACY POLICY

  1. About us
    This website with domain name https://the-skin-pharmacist.com (hereinafter the “website”) belongs to the company “IOULIA AND IRINI TSETI PHARMACEUTICAL LABORATORIES SOCIETE ANONYME INDUSTRIAL AND COMMERCIAL COMPANY” with the distinctive title “INTERMED S.A.”, having its registered office at num. 27, Kalyftaki street,Kifisia, Attica, P.C. 14564, with General Electronic Commercial Registry (G.E.MI.) num. 2333601000 and TIN 094420381, Tax Office Commercial Companies’ Athens Office, legally represented, with email intermed@intermed.com.gr and telephone 210 6253 905, contact hours: 07:30 – 15:30, (hereinafter the “Recipient or the Company“).

    We consider the protection of your personal data particularly important and we want you to feel good when you visit our website.

    The Recipient, in compliance with the provisions of the General Data Protection Regulation (EU 2016/679) and the national law 4624/2019 (hereinafter referred to as the GDPR) as well as the requirements of the Law on the Regulation of Electronic Communications and Postal Services of 2004 (112 (I)/2004), shall manage the Personal Data disclosed to it with the greatest possible attention, ensuring, in any case, the protection and privacy thereof.

     

    To this end, we disclose to you what is required by the Regulation and the national law on the protection of personal data that we process and store when you use our website, and how we use this data.

    As regards the hyperlinks it may include, since they are provided by third parties, this privacy policy shall not apply, but the privacy policy of each website shall apply.

    With this privacy policy, you are informed, and, where requested, you may or may not agree, to collecting, processing and using personal data by the Recipient, in accordance with the General Data Protection Regulation (GDPR) and the following terms of use.

    Please take the time required and read this protection policy carefully.

  2. Personal data processed

The Recipient shall collect and process Personal Data, namely information relating to a natural person that is identified or can be identified by this information, regardless of whether the identification can be done directly or indirectly. Processing of this data means any work carried out with regard to this data, whether automated or not.

Personal Data includes, for example, information such as name, home address, email address or telephone number, which can be used to identify a visitor of the Recipient’s website.

The Recipient shall legally process the Personal Data, as it collects and processes it exclusively for specified, explicit and legitimate purposes and only to the extent necessary to achieve these objectives. It shall ensure that the data it retains is accurate and kept up to date, seeking, to this end, the assistance of the data subjects, namely the natural persons to whom this data relates, and retains the data for the period of time necessary to achieve these objectives.

The personal data that you provide to us during your browsing on the above website or by participating in one of our competitions, shall be kept on a file under the responsibility of the Recipient.

Below we present the data we collect:

  1. A) During the visit and browsing on our website, the IP address (Internet protocol address) of your access computer, the website from which you visit us, the device identity or other device identifiers, the date, time, duration of the visit, the browser type, the browser settings, the location of the user and the operating system are captured.

This technical information may, in individual cases, constitute personal data. We limit data collection to what is strictly necessary, in order to achieve compliance with the data processing principle, which relates to the minimisation of data processing.

As a general rule, we use technical data, however, only to the extent necessary for technical reasons, for the operation and protection of our website and application against attacks and malicious use, and in a pseudonymous or anonymous form for statistical purposes.

  1. B) For the specific purposes of processing Personal Data, for which you provide us with data at your own free will, namely when you wish to contact us via email or if you subscribe as a subscriber for certain services and when you provide us with comments,it collects and processes the following information:

– Name

-Contact details ( contact phone number, home address, postal code, email address).

In case you provide personal data on behalf of a third party, you must have obtained the consent of the third party prior to disclosing his data to us. In this case, before these persons give you the above consent, you shall be required to inform about this privacy policy.

 

  1. Purposes of processing and their legal basis

 

The Recipient shall collect, process and use your Personal Data, especially when you visit its website, solely for the purposes of the services provided on the website and, in particular, to: a) check the website traffic b) improve the services that we provide to you through browsing on our website c) aim to your faster service, response to your requests and, in general, communication with you to the information you provide through your messages and requests, d) comply with the obligations imposed by the Regulation, e) fulfill our legal obligations and raise claims from them and f) protect the Recipient’s interests.

We would also like to inform you that in case of the acquisition of the whole or part of our website by another company, we shall share information with this successor company, from which we shall require to comply with our privacy policy.

The Recipient shall store and use your Personal Data, when you contact it via telephone or email or when you want to send us information in some other way and, therefore, you transfer your data to us, for this purpose.

In addition, we shall store and use personal data and technical information, to the extent that it is necessary to prevent and address any malicious use or other unlawful conduct on our website, e.g. to maintain data security in the event of attacks on our IT systems. Finally, we shall store and use your data, to the extent that we are legally obliged to do so; for example, in view of an official directive or a judicial or other decision of the Authorities, as well as to safeguard our rights and requirements, as well as for cases of our defense before the courts.

The processing of Personal Data is done, as the case may be, in accordance with the applicable law and this privacy policy, or in accordance with the consent given by you. In some cases, data is only used in a pseudonymous or anonymous form.

 

  1. Time and place of retention of your personal data

Your data is stored in the Recipient system, which is hosted on a server located in Greece. The server management is carried out using the appropriate methods, solely and exclusively by strictly limited personnel of the Recipient and the personnel of the server company.

We shall retain your data for the time necessary in order to complete the purpose for which we collected it; it is necessary for each specific purpose of processing. Different data retention time shall be applied depending on the purpose of the processing. When the storage period is over, the data shall be deleted accordingly.

In addition to the rules set by us, there are other periods for which we are required to keep a record. For example, fiscal data must be kept for a period of at least 5 years. These specific mandatory periods of data retention vary, depending on the applicable national law.

We should note that, even if you submit a request for the deletion of your data, we may retain some of it, solely by virtue of obligations imposed by law or to establish, exercise and support legal claims. In this case, the data shall not be used for any other purpose.

  1. Third parties to whom your personal data is transmitted

The Recipient may transmit this data to its associated companies, within the European Union, which shall process the data on behalf of the Recipient, as processors, solely for the purposes referred to in clause 3. When transmitting the data, the Recipient shall take all necessary security and confidentiality measures to ensure the highest possible level of security.

We shall never transmit your data to unauthorised third parties. To this end, in any case, prior to the transmission of any data to an associate company, we shall check that all data recipients must comply with the obligations to protect personal data and prove the level of security they provide with sufficient evidence.

The Recipient undertakes that these companies provide the required guarantees for the protection of Personal Data and take appropriate technical and organisational measures to ensure that the processing is lawful and ensures the protection of Personal Data and the rights of the natural persons concerned. Moreover, these companies have agreed with the Recipient not to send your personal data to third parties, without the Recipient’s permission. The Recipient declares that it has previously signed contracts with these companies, which include terms related to the adoption of security measures by them.

For example, the Recipient, in order to support its functions, shares your personal data with third party external service providers, such as with a cooperating IT application and infrastructure company or with its clients.

We process the data mainly in the European Union (EU) and the European Economic Area (EEA). None of the service providers we cooperate with reside outside the EU and the EEA.

  1. Data security

The security of your personal data is a key priority for the Recipient. We are committed to safeguarding your personal data. Therefore, we protect your data, stored in us, through technical and organisational measures, to effectively prevent their loss or misuse by third parties. In particular, our employees, who process personal data, shall be bound to observe confidentiality. To protect your personal data, the data is transmitted in encrypted form. In order to ensure the long-term protection of your data, the technical security measures shall be regularly monitored and, where necessary, adapted to the relevant prevailing technology standards.

  1. Social media

The Recipient has official accounts on the following social media:

 

Instagram

 

With the help of each of the above platforms, we collect and process some of your data (such as the username you use and your photograph). The purpose of this processing, whether done anonymously or not, is to provide information about our content or to communicate with you, by replying to the messages you send us. Your consent is the legal basis for this processing.

You give your consent by liking or following our pages and you can withdraw it just as easily, in exactly the same way (unlike, unfollow). This consent of yours shall entail acceptance of our privacy policy, which is set out in a visible and easily accessible point on each page. If you do not agree with our policy, you must withdraw your consent in an appropriate manner (unlike, unfollow).

In view of the above, the Recipient is considered jointly responsible, for the processing of your data, with the social media platform.

In order to ensure more complete protection of the rights of the persons who visit our social media pages, we strictly adhere to our obligations related to the protection of personal data.

In this context, we implement a series of appropriate technical and organisational measures, such as restricting people who have access to media management, in order to ensure secure data processing.

Moreover, on our website, it is possible to subscribe to the website of the Recipient, in order to occasionally send you various newsletters. In each newsletter you receive, you have the option to unsubscribe, with a relevant link at the end of the email, selecting the “unsubscribe” field. The Recipient shall reserve the right to delete any recipient from the newsletter lists without justification.

The Recipient and its associates shall make every effort to ensure the proper functioning of the newsletters, but it is always possible that technical or organisational problems may arise. For any issue that may arise and for any relevant information regarding the functioning of the newsletters, please contact us.

Please note that the Recipient shall not be responsible for the manner or means by which each of the above platforms processes your data. Find out about the policy of these media via the respective links.

Regarding the submission of comments by users at the posts and/or pages maintained by the Recipient on social media, in the context of an open dialogue with respect to the different views, we inform you that the Recipient is under no general obligation to check the content submitted by users of these media; however, he makes efforts to ensure a secure online environment.

Therefore, the Recipient shall be entitled to remove any kind of content that is deemed to be infringing the terms of use of the website, such as abusive, vulgar, pornographic, threatening, advertising content or content that infringes intellectual property rights or contains a false declaration as regards the user, while maintaining the ability to block the users who submit it.

  1. Hyperlinks to third party websites

Our website provides access to third party websites. These hyperlinks have been posted for the sole purpose of facilitating visitors during their Internet browsing. It is by no means a sign of acceptance or approval of the content of the websites provided with a hyperlink. Each link leads to a different website, the browsing of which is subject to its own terms of use and data protection.

The Recipient shall bear no responsibility whatsoever for the content and the personal data management policy of the website provided with a hyperlink. Access, with the use of the provided hyperlinks, to the respective website, shall take place under the sole responsibility of the user. We encourage you to read the data protection policies of all the websites you visit.

  1. Consent and rights of a data subject

 

By choosing to agree and consent to the processing of your Personal Data, you consent to the processing of the data for the above specific purposes, either by the Recipient or by an associate company. You may at any time withdraw your consent and exercise one of your legal rights, namely access to your data and obtaining a copy thereof, correction of incorrect information of your personal data, deletion (right to be forgotten) of your data, the restriction of their processing, the data portability to a structured, commonly used and machine-readable format and their transmission to another controller, the objection to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

The Recipient shall manage your requests with due consideration, in order to ensure the security of your data and the protection of your rights. For this reason, in cases of doubt on the person requesting the communication of the Personal Data, we may ask you for additional information, necessary to confirm your identity.

The Recipient shall respond to your requests without delay and in any case within one (1) month from the receipt of each request, unless, due to the complexity of your request or due to the large number of requests, we shall inform you within the month if we need to obtain an extension of (2) two additional months, within which we shall reply to you. If your requests are manifestly unfounded or excessive, in particular because of their repetitive character, the Recipient may either charge a reasonable fee, taking into account the administrative costs of providing the information or communication, or taking the action requested or refuse to act on the request.

In the event of a breach of your data and where such breach is likely to result in a high risk to your rights and freedoms and provided that it does not fall within one of the exceptions explicitly provided for by law, the Recipient shall undertake to inform you accordingly without undue delay.

You can contact the Recipient at any time, in particular to exercise your rights, to submit a question or complaint to the following email address: ataprivacy@intermed.com.gr.

In addition, and in case you consider that your data is breached, you shall be entitled to file a complaint with the competent Personal Data Protection Authority.

 

  1. Cookies

 

Cookies are small text files that are sent to the browser you use and stored on your computer, while you are on our website. In no case shall cookies contain personal information or information which will allow anyone to contact the visitor of the website, via telephone, e-mail, etc.  In addition, using the cookies does not allow access to your computer documents or files.

The use of cookies makes it easier for the website to memorise information about your visit, collecting useful information about your search preferences. Thus, the search experience will be improved the next time you visit us.

The cookies are unique to each browser and contain anonymised information about the websites you visit and the devices you use.

For more information see our cookies policy.

 

  1. Minors

The content and services of our website are addressed exclusively to persons over the age of 16, and we do not knowingly collect any information about persons under this age limit. If you are under the age of 16, you are not allowed to submit your data to us in any way, unless you have the consent of the person exercising your parental responsibility.

Since it is not technically possible to effectively check your age in all cases, we undertake, in the event that the submission of personal data concerning minors is reported and verified, to immediately delete all relevant information. This deletion shall be without prejudice to the need to retain data in the event of the establishment, exercise or support of our legal claims, or the provision of consent by a guardian.

 

  1. Modifications of the information in this privacy policy

The Recipient shall reserve the right to change the terms of Personal Data protection, in accordance with the relevant legal framework in force.

Therefore, these Terms of Personal Data Protection may be reviewed and updated at any time and without notice. The users of the website are kindly requested to check these terms, at regular intervals, for any changes, as the continuous use of the website implies that they accept all possible amendments thereof.