Vas. Irakleiou 11

Thessaloniki 546 25

+30 231 052 7596

Mon-Wed-Sat:9:30 - 15:00 Tues-Thur-Fri:9:30 - 20:30

Privacy Policy

Privacy Policy
The “Dragramatzian Bros.” hereinafter referred to as “The Company”, attaches great importance to the lawful processing, security and protection of your personal data, in whatever capacity you communicate or cooperate with us, including but not limited to prospective or active customers, consumers, website visitors, employees, suppliers, suppliers, traders, individuals, consumers, passengers or third party partners. This Privacy Policy also describes how we use, share and protect your personal information, the choices you have regarding your personal information, and how you can contact us. This Privacy Policy complies with the terms under European Regulation 679/2016 and any other relevant applicable legislation. By using our website and signing the relevant consent form, you unconditionally accept the practices described herein, the terms of which govern the contractual relationship between us and are incorporated into the terms of use of each of our services.

  1. What is your Personal Data.
    Your Personal Data includes any information on paper or electronic media that may lead, either directly or in combination with others, to your unique identification or to your identification as a natural person. This category includes, where applicable, information such as your full name, VAT number, social security number, physical and e-mail addresses, landline and mobile phone numbers, calling and called telephone numbers, SMS/MMS message recipients, your bank account details, details of your bank/debit/credit/prepaid cards, e-mail addresses, your internet browsing history (log files, cookies, etc.), your personal data and your personal data. etc.), and any other information that allows your unique identification in accordance with the provisions of the General Data Protection Regulation (GDPR 2016/679), Law 4624/2019, the applicable Greek legislation and the decisions of the Data Protection Authority (DPA).
  1. What is Processing of Personal Data?
    Any operation or set of operations which is performed, whether or not by automated means, on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of making available, alignment or combination, restriction, erasure or destruction.
  2. What Personal Data we collect from you.
    We take care to collect only the strictly necessary Personal Data that is appropriate and explicit for the purpose for which it is intended. This Data includes the following:

α. Data that you provide to us when you register and create a user account on the Company’s Sites or Apps, via the internet or your mobile phone, or through your personal contact with our stores or our vendors, and specifically data such as your email address (e-mail)* and password/login password (as required) and your first name, last name, postal address, telephone number (as optional):

β. Data and information that you provide us through the transactions between us (purchases, orders, etc.) and communication between us (through our physical stores, our online store, our vendors, telephone, e-mail or any other way). For example, we collect notes of our conversations with you, details of any complaints or comments you make, details of purchases you have made, products added to or removed from your basket, a list of products you wish to purchase (wish list), voucher redemptions, which of our websites you visit and how and when you contact us.

c. Data concerning the payment method for the transactions you make with us.

δ. Data you provide us when you subscribe to our newsletter.

ε. Data about the products and services that you usually prefer to choose. In order to recommend products or services of your interest and to further improve your shopping experience with us. Of course, you always have the option not to share such data with us.

f. Traffic data of our website.

ζ. Information collected from the use of cookies in your browser. Learn more about how we use cookies here.

η. To provide the best possible website experience, we collect technical information about your internet connection and browser, as well as the country and phone code where your computer is located, the web pages that appear during your visit, the ads you click on and any search terms you enter.

θ. Your social media username, if you interact with us through these channels to help us respond to your comments, questions or feedback.

  1. Legal processing
    The company will use your information for the following lawful processing purposes (according to Article 6 GDPR), where applicable, with your explicit consent which you may freely withdraw at any time, or for the performance of a contract or pre-contractual relationship with you, or to serve our legitimate interests or to defend your vital interests, namely: To manage your calls to seek information to complete your requests, purchases and orders. To respond to your requests and queries regarding our products/services and to inform and respond to your suggestions and comments on how to improve our products and services. To analyze our website traffic and improve your experience and to provide you with information related to products, services, special offers and promotions. For our internal operations and analysis such as internal management, fraud prevention, use of information systems for administration, billing, accounting, invoicing and control. The provision of Data to the Company may be necessary to achieve the purposes identified in this Privacy Policy or may be optional. If you refuse to provide the Data that is considered mandatory, it may, for example, make it impossible for the Company to fulfill the sales contract or provide the other services available on its Sites.
  1. What are the principles of collection and processing?
    This Privacy Policy aims to inform you of the terms of collection, processing and transfer of your personal data that we may collect as Data Controllers. The company and its staff apply the ten Processing Principles of the GDPR 2016/679 (lawfulness, objectivity, transparency, purpose limitation, data minimisation, accuracy, storage time limitation, integrity, confidentiality and accountability). The Company protects and safeguards your eight Rights regarding the use of your Personal Data (information, access, rectification, erasure, erasure, restriction of processing, portability, opposition and non-automated decision-making based on profiles, as specified in Greek legislation). The above applies without distinction and applies to all processing we carry out and to all services we provide independently.
  2. What are the ways of collecting your Personal Data?
    The Company collects your personal data by accepting the terms of use of each of our services, such as:When you call our numbers, when you email us, or fill out an application or order.When you contact our offices or our staff and call centre, either to make purchases or to express your opinions, complaints, or comments.When you send us your postal address for issuing or sending invoices or service receipts and for home delivery details of your order.When you visit our website, through which we collect, with your explicit consent, via cookies, information from your terminal device, such as your Internet Protocol (IP) address, the operating system used, your browser type and version, etc.
  3. Minimize, store and delete your data
    The Company will always ask you for the minimum legally required personal data in order to connect to our online platforms and services, to purchase products/services, to place an online order, to communicate via websites with other users or to participate in competitions or promotions. Our Company retains your personal data only for as long as required by the contractual terms of each service, in conjunction with the applicable legislation, based on the purpose of processing in each case, and then anonymizes or destroys them. You can ask us and find out what data we collect about you and correct or delete it by completing the request form we have available, unless retention is required by law for tax, evidence or judicial purposes and for the prosecution of illegal acts.
  4. Cookies Policy
    In accordance with the European E-Privacy Directive 2009/136/CE (which will be replaced by the ePrivacy Regulation) and the 25.2.2020 Guidelines of the Hellenic Data Protection Authority, our website accepts the use of “cookies”. These are online tools for collecting and analysing information from social networking platforms or third-party partner websites in order to measure traffic, improve the operation, content and overall appearance of our website and adapt it to the needs of our customers. When using our website, your personal data is processed by third parties, such as social networks and search engines, e.g. Google Analytics, Facebook social plug-ins etc., without any involvement, influence or control on the part of the Company and are transmitted either within or outside the European Economic Area (27 EU member states plus Iceland, Liechtenstein and Norway), for which these third parties are solely responsible. If you do not wish third parties, such as Google, Facebook, Twitter, to receive information from your browser when you visit the Company’s websites you may opt out of the terms provided by the relevant User Policy on each such third party’s website. Although most browsers automatically accept the use of cookies, you can go to change the settings on your computer by choosing not to accept cookies, or by being asked to accept each cookie individually. However, you should be aware that doing so will limit the range of browsing options available to you on any online website and the user experience.
  5. Transfer of your data to third parties
    As a general rule, our Company does not transmit your personal data to third parties, except when we act as intermediaries and to the extent necessary to complete your order and fulfil requests relating to the services provided by us. Such third parties may be official governmental and supervisory bodies (e.g. law enforcement and prosecution authorities, e-crime prosecution, DPAA, EETT) when we are required to comply with the law and prevent unlawful acts against us and our customers (e.g. telephone fraud, insult, defamation, invasion of privacy, etc.). Third parties may even be accounting and law firms. At our Company we choose trusted providers and try to place contractual restrictions on third parties receiving your personal data to ensure that it is used lawfully. However, we cannot guarantee that they will not use or disclose this data without your permission. For this reason, we recommend that you carefully review the privacy practices of any third party providers/suppliers whose products or services you purchase through our websites. In order to process your data, we may need to transfer your information to other countries, including countries mostly within and extremely outside the European Economic Area (EEA), based on EU adequacy decisions, corporate binding rules, standard contracts and approved codes of conduct. Access to your Data is available to the Company’s strictly necessary personnel, who are bound by confidentiality obligations, and our business partners or third party service providers who process your Data as Processors on our behalf and in accordance with our instructions.
  6. How is your Data shared?
    Data sharing by our Company The Company shares your Data with:Third party service providers who process personal data on behalf of the Company, for example (but not limited to) for credit card and payment processing, transfers and deliveries, hosting, management and maintenance of our data, email distribution, research and analysis, management of promotions, and management of certain services and data. When we use third-party service providers, we enter into agreements that require them to implement appropriate technical and organizational measures to protect your personal data.Other third parties, to the extent necessary for the purposes of.Other third parties to whom you yourself have given your consent.Disclosure of Data by you:When you use certain social media elements on our Sites or Apps, you may create a public profile that includes information such as username, profile picture and city. You may also share content with your friends or the general public, including information about your interaction with Company. We encourage you to use the tools we provide to manage sharing on Company’s social media to control the information you make available through Company’s social media elements.
  7. What is our policy with third party Processors processing your Data in accordance with the above:
    We only provide the information needed to perform their specific services.They may only use your Data for the precise purposes we specify in our contract with them.We work closely with them to ensure that your privacy is respected and protected at all times.If we stop using their services, any of the Data they hold will be deleted or made anonymous.To improve your customer experience on our Sites and Apps, we use the following companies who will process your Personal Data as part of their contracts with us:Facebook Google YouTubeInstagram Twitter LinkedInInstagram Instagram Instagram Instagram Instagram Instagram Instagram Instagram InstagramACS JSjar will use your Personal Data for the purposes of sharing your Data with third parties.Should you wish to receive more information about sharing your Data with third parties please contact us by email [email protected].
  8. How do we ensure that Processors respect your Data?
    The Processors processing on our behalf have agreed and contractually bound themselves to the Company:To maintain confidentiality,not to send your Data to third parties without the Company’s permission,not to disclose your Data to third parties without the permission of the Data Controller, and to take appropriate security measures,To comply with the legal framework for the protection of personal data and in particular Regulation 979/2016/EU (otherwise GDPR).
  9. Security of your personal data
    In any case, we take appropriate technical and organisational measures to ensure the confidentiality, integrity and availability of your data. Our aim is to ensure that your personal information is transferred, stored and processed in accordance with appropriate international security standards and procedures. At the Company we have trained and responsible staff and we recognise the importance of protecting the privacy of all your personal information. To this end, we have appropriate security policies in place and use appropriate technical and operational tools, such as anonymization, pseudonymization, data encryption, tokenization, use of firewalls, establishment of access levels, authorized employees, staff training, periodic audits, compliance with international security and business continuity standards. Any of our partners who have access to the above information, use it solely to serve the above purposes. We share the information you give us exclusively in the ways described in this Policy and in accordance with your explicit and specific consent by type of processing, which you can freely withdraw at any time by contacting us.
  10. Data transfer
    The personal data we collect (or process) in the context of our Sites and Apps will be stored within the European Union. However, some of the recipients of the Data with whom the Company shares your Personal Data may be located in countries other than the country in which the original collection of your Personal Data took place. The laws in those countries may not provide the same level of data protection as the country that originally provided your Personal Data. However, when we transfer your Personal Data to recipients in other countries, including the United States, we are committed to protecting your Personal Data as described in this Privacy Policy and in accordance with applicable law. We take steps to comply with applicable legal requirements for transferring Personal Data to recipients in countries outside the European Economic Area or Switzerland that do not provide an adequate level of protection. We use various measures to ensure that your Personal Data transferred to these countries enjoys adequate protection under data protection rules. These include signing the Contractual Clauses, certifying that the recipient has adopted the European Binding Rules or complying with the EU-US and Switzerland-US Privacy Shield.
  11. For how long do we keep your Data?
    We retain your Personal Data for as long as necessary to fulfil the purposes set out in this Privacy Policy (unless a longer retention period is required by applicable law). Generally this means that we will retain your Personal Data for as long as you have an account with our Company. With respect to your Personal Data related to product purchases, we retain this data for a longer period in order to comply with our legal obligations (such as tax and trade law and for warranty purposes where applicable). At the end of this retention period, your data will be deleted completely or anonymised, for example by aggregation with other data, so that it can be used in an unidentifiable way for statistical analysis and business planning. Some examples of Customer Data retention periods. – If your order included a warranty, the relevant Personal Data will be retained until the end of the warranty period. – Newsletter Your declaration of consent to receive a newsletter will be kept for as long as you receive a newsletter from the Company and in any case no longer than six months after the newsletter is discontinued.
  12. Showing targeted ads
    Where you have given us written consent, we may use your personal data together with other information we have collected, following human intervention by our commercial department, to display advertisements relevant to your apparent preferences on our website or on another website. However, we do not use automated tools to identify and evaluate your consumer profile and general preferences with other personal information (such as your email address) to display advertisements or send you personalized information. In addition, we do not share your personal information with third parties to enable them to send you relevant advertisements unless you have expressly consented to them in writing. If you would like us to stop sending you updates or offers, you can use the unsubscribe link at the bottom of any email you may have received from us (unsubscribe).
  13. Is your Data safe?
    We are committed to safeguarding your Personal Data. Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to ensure the security and protection of your Data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security. The www.nb.org website uses the TLS 1.2 protocol, for secure online commercial transactions. This encrypts all Data you provide, including your credit card number, name and address, so that it cannot be decrypted or altered during transmission over the Internet. In addition, the data used to identify you as an account user are two: your Username and your Personal Secret Security Code (Password). Each time you enter your details, you are granted access to your personal account. This process is achieved securely through encryption during their transfer to the Internet and the Company’s servers. Following the same standards, you are given the opportunity to change your Personal Secret Security Code (Password) as often as you wish. After entering the desired password, the new password is encrypted and stored in the Company’s systems. For this reason, the only person who knows your password is you, and you are solely responsible for maintaining the secrecy of the password from third parties. These measures are reviewed and modified when necessary.
  14. Unsolicited commercial communications
    Our Company does not permit the use of our website or our services for the transmission of bulk or unsolicited commercial e-mail (spam). Furthermore, we do not permit the sending of messages from and to our customers that use or contain invalid or spoofed headers, invalid or non-existent domain names, techniques to conceal the origin of any message, false or misleading information, or violate our website terms of use. We do not permit in any way, the collection of email addresses or general information of our customers and subscribers through our website or services. We do not permit or authorize any attempt to use our services in a manner that could damage, disable, impair, impair any part of our services or interfere with anyone who wishes to lawfully use our services. If we believe that any unauthorized or inappropriate use is being made of any of our services, we may, without notice, in our sole discretion, take appropriate action to block messages from a particular Internet domain, email server, or IP address. We may delete any account using our services that, in our sole discretion, transmits or is associated with the transmission of any unauthorized or inappropriate messages from a particular domain, email server, or IP address.
  15. What are your rights?
    You have the right to access your Personal Data. This means that you have the right to be informed by us if we process your Data. If we process your Data, you can ask to be informed about the purpose of the processing, the type of your Data we hold, who we give it to, how long we store it, whether automated decision-making is taking place, and your other rights, such as rectification, erasure, restriction of processing and lodging a complaint with the Data Protection Authority. You have the right to rectify inaccurate personal data. If you find that there is an error in your Data, you may submit a request to us to correct it (e.g., correcting your name or updating a change of address). You have the right to erasure/right to be forgotten. You can ask us to delete your Data if it is no longer necessary for the processing purposes listed above or you wish to revoke your or in the case where this is the only lawful basis. You have a right to portability of your Data. You may request to receive in a readable form the Data you have provided or request us to transfer it to another controller. You have the right to restrict processing. You can ask us to restrict the processing of your Data for as long as your objections to the processing are pending. You have the right to object to and withdraw consent to the processing of your Data. You may object to the processing of your Data and we will stop processing your Data unless there are other compelling and legitimate reasons that override your right. If you have consented to the collection, processing and use of your Personal Data, you may withdraw your consent at any time with future effect:●Choose not to receive Marketing Communications. You can opt out of receiving marketing communications by changing your email and sms subscriptions by clicking the unsubscribe link or by following the instructions included in the message.●Alternatively you can contact us using the contact details provided in clause 17 below. Where we rely on our legitimate interest: Where we process your personal data based on our legitimate interest, you can ask us to stop for reasons relating to your personal situation. We must then do so if we do not believe we have a legitimate compelling reason to continue to process your Personal Data.
  16. How can you exercise your rights?
    To exercise your rights, you can submit a request to us at [email protected] with the title “Exercise of Rights” and we will review it and respond to you as soon as possible.
  17. Where can you appeal if we breach the applicable law on the protection of your Personal Data?
    You have the right to lodge a complaint with the Personal Data Protection Authority (postal address 1-3 Kifissia Street, P.K. 115 23, Athens, tel. 210. 6475600, e-mail address [email protected]), if you believe that the processing of your Personal Data violates the applicable national and regulatory framework for the protection of personal data.
  18. Validity of the Privacy and Personal Data Protection Policy
    We update this Privacy Policy whenever necessary. If there are significant changes to the Privacy Policy or the way we use your Personal Data, we will post an update to this Privacy Policy on our website before the changes take effect and will notify you by any appropriate means. We encourage you to periodically read this Policy to know how your Data is protected.