The Center for Vocal Arts in Crete NPO is committed to protecting the personal data of users transmitted through its website phonodia.com. This Policy describes the collection, use, and protection of personal data in accordance with the General Data Protection Regulation (GDPR – Regulation 2016/679/EU) and Greek Law 4624/2019.
- Data Controller: The Center for Vocal Arts of Crete AMKE (3 Ierolochiton Street, Heraklion, Crete) is responsible for the processing of personal data.
- Data Collected: When registering or placing an order, the customer’s contact and payment details are collected (e.g., name, address, email, telephone number, payment details). In addition, when browsing the site, technical data (IP, use of cookies, display options) necessary for the smooth operation of the system is stored.
- Purposes of Processing: Personal data is used to execute the sales contract (including ordering, payment processing, and shipping of products) and to inform the customer about the progress of their order (shipping tracking email). In addition, with consent, the data may be used to send informational/promotional messages (newsletters, offers).
- Sharing Data with Third Parties: To fulfill the above purposes, data may be shared with certified partners (e.g., Needleworks printing and shipping company, banks, postal carriers). Data is only shared to the extent necessary to perform the services (e.g., informing the online store’s partners of order shipping details). Under no circumstances is personal data sold to third parties.
- Data Security: Technical and organizational measures are implemented to protect data from unauthorized access or loss. The website uses SSL encryption for secure transactions. However, the user must take their own security measures (e.g. secure internet connection, protected passwords).
- Cookies: We use cookies and similar technologies to improve the browsing experience and for statistical analysis of traffic. Cookies are small files stored on your computer or device that allow the site to remember your preferences. Users can set their browser to accept or reject all or some cookies. However, refusing certain cookies may make it difficult to navigate or use certain features.
- User Rights: The user/customer has the right to access, correct, delete, restrict processing, or object to the processing of their personal data. They also have the right to data portability. The above rights can be exercised by sending a request to the company’s email address (e.g. contact@phonodia.com) and/or by writing to the company’s registered office. In addition, everyone has the right to lodge a complaint with the Personal Data Protection Authority (www.dpa.gr).
- Retention Period: Personal data is retained only for as long as necessary for the purpose for which it is collected (e.g., until the contract is fulfilled and the warranty obligation expires, or up to 5 years for tax/accounting purposes).
- Policy Update: The company may revise this Privacy Policy at any time for legal or business reasons. Any changes will be posted on the site. It is recommended that you periodically review this page.
All of the above practices are carried out in full compliance with the institutional framework of the GDPR and national legislation, ensuring the rights of users.