2. Data Collected and Purposes of Processing
What data is collected?
Name, address, email address (and any additional information entered in
the order form).
Purpose of processing:
Processing and delivery of our free products/promotions.
Legal basis: Art. 6 para. 1 lit. b GDPR.
What data is collected?
IP address, date and time of access, browser type and version, operating
system, referrer URL, and other technical information.
Purpose of processing:
Ensuring smooth operation of the website, as well as system stability
and security.
Legal basis: Art. 6 para. 1 lit. f GDPR.
Type and purpose of cookies:
Our website may use cookies to expand functionality and enhance user
comfort. This includes technically necessary cookies as well as cookies
for marketing or analysis purposes.
Legal basis:
For technically necessary cookies: Art. 6 para. 1 lit. f GDPR; for all
other cookies, processing is based on consent according to Art. 6 para.
1 lit. a GDPR, if granted.
We transmit personal data to service providers (e.g., shipping
companies) only to the extent necessary to fulfill your order. If
required, data may also be transferred to our hosting partner, who
operates on our behalf and is also subject to data protection
regulations.
Legal basis:
Art. 6 para. 1 lit. b GDPR or Art. 6 para. 1 lit. f GDPR.
Personal data is stored only as long as necessary to provide our services or as required by legal retention periods. Order data is generally deleted after complete processing unless legal requirements demand longer storage. Log files are stored for security purposes and anonymized or deleted after a few weeks.
We implement appropriate technical and organizational security measures to protect your data from unauthorized access, loss, destruction, or manipulation. These measures are regularly reviewed and adapted to the state of the art.
According to the GDPR, you have the following rights, among others:
Right of access (Art. 15 GDPR):
You can request confirmation as to whether and which personal data about
you is being processed.
Right to rectification (Art. 16 GDPR):
You have the right to have incorrect data corrected.
Right to erasure (Art. 17 GDPR):
Under certain conditions, you can request the deletion of your data.
Right to restriction of processing (Art. 18 GDPR):
You can request the restriction of processing of your data.
Right to data portability (Art. 20 GDPR):
You have the right to receive the data you provided in a structured,
commonly used, and machine-readable format.
Right to object (Art. 21 GDPR):
You may object to the processing of your data if it is based on
legitimate interests.
Right to withdraw consent (Art. 7 para. 3 GDPR):
You can revoke consent given at any time with effect for the
future.
If you have questions or concerns regarding data protection, please contact:
If you believe that the processing of your personal data violates applicable data protection laws, you can lodge a complaint with the relevant data protection supervisory authority. This may be the authority in your country of residence or at our company headquarters in Cyprus.
We reserve the right to update this privacy policy from time to time to comply with current legal requirements or to reflect changes to our services. The current privacy policy applies to your next visit.
(Status: March 2025)
