1.1 The use of services provided to the visitor/user/ customer, by the Limited Partnership under the name “CISTERN ART EE” with distinctive title “CISTERN ART”, located on 6th km provincial road Ritsonas -Vathiou, Evia, Zip Code 34150, Chalkida with Company Registration No 149394701000, VAT No 801112650 issued by the Chalkida Tax Registry, with branch offices located in Kifissia Attica, 3 Panagitsas str. Zip Code 14562, and its electronic store mamushgalleryshop.com, hereinafter referred to as the "Company", requires your unreserved agreement with this Privacy Statement. Therefore, the visitor/user/customer should carefully read the contents of this policy. If you do not agree or do not consent to this privacy statement, you should NOT make any use of the services provided by the Company.
1.2 The Company respects your privacy and fully complies with the Greek and European GDPR legislation regarding the collection, processing and protection of your personal data. This Privacy Statement informs you of our privacy practices and the choices you have in your discretion on the manner information about you is collected and how it is used.
2.1 This Privacy Statement applies to all websites, domains, services, applications, and products owned by the Company.
2.2 The Company collects, exports and uses personal data to provide its services in a better way and to personalize your experience and interaction with the Company. This is made upon prior proper alert securing consent provided by you and with the necessary procedures of data protection authorities, where appropriate.
2.3 The Company may collect personal data from you on the purpose of completing various transactions, such as:
-Creating profiles and user authentication (username, password etc.)
-Processing requests for information (i.e. product pricing)
-Subscriptions to marketing or support services
-Recruitment or collaboration requests
-Product and marketing messages.
Additionally, the types of personal information you provide to us may include:
Identity and communication information such as your full name, father and mother name, address, phone number (mobile / fixed) and your e-mail address, other unique information such as user IDs and passwords, product and service preferences, communication preferences, data related to your interest in employment.
2.4 If you post, comment, express interest or complain or share personal information, including photos, in any public forum on a Company site, social network, blog or other forum of this kind, you must be aware that any information you submit may be read, collected or used by other users of these forums and can be used to communicate with you, send unsolicited messages or for purposes that are not controlled either by you or by the Company. The Company is not responsible for the personal information you choose to submit to such forums.
2.6 The Company also collects information from sources that are publicly available or commercially available and are believed to be reliable. This information may include your full name, address, e-mail address, preferences, interests, and demographic/profile data. Information collected by the Company from its public or commercial sources may be used along with the information it collects when you visit its Web sites.
We collect and process your personal data only when this is absolutely necessary. We will never sell, rent, distribute, or disclose your personal data in any way unless the law requires it.
If you are under 16 years of age, YOU ARE OBLIGED to have your parents' consent before using the services of this site.
Along with our company's internal IT systems, this site is designed to comply with the following laws/regulations regarding the protection of user's personal data:
1. EU Data Protection Directive 1995 (EU DPD)
2. General Data Protection Regulation 2016/679 / EU on General Data Protection of the EU (EU GDPR)
Services, tools and third party widgets we use: Below you can find the list of all third-party tools, services and widgets we use, as well as links to information about managing your data from these services.
Google Analytics - We use Google Analytics to track the core statistics on our site. For more information about how Google manages your personal data, please go here.
Google Ads - For tracking through the Google network we request their performance
Facebook Ads - For monitoring through the Facebook network we request their performance
Linkedin Ads - For monitoring through the Linkedin network we request their performance
MailChimp - We use MailChimp to create our newsletter and marketing emails, as well as to list all our subscribers (registered users of our newsletter). For more information about how MailChimp manages your personal information, please go here.
Linkwise - We use affiliate links through Linkwise, a Greek affiliate network (our review here), to promote products from third-party sales companies. The data that the network is likely to collect from its users is when clicking on an affiliate link, visiting or signing up for the service.
Users may be asked to subscribe to our newsletter by providing their name and e-mail address to access promotional/corporate material of our company as well as to monitor its activity, to be informed about actions and events and to be in contact with it. The e-mail addresses we receive from our users upon registration will only be used for the purposes of the site without compromising users against spam.
The subscriber can be deleted from our newsletter database at any time by e-mailing us or by clicking on the "unsubscribe" link below each newsletter that we send it to.
All e-mails and names are organized through the third-party service called MailChimp, for which you can read more as stated above. The company complies fully with the new GDRP regulations.
Creating a digital identity requires dedication. These are the ways we help you protect yours.
Secure communication channels: We encrypt personal data provided through web forms using up-to-date standards to prevent the transmission of transmitted information.
For any personal information you store in our database, all necessary steps will be taken to secure them.
We will report any unlawful violation of the database of this third party data processing site or database to anyone and to all relevant stakeholders as well as authorities within 72 hours from the violation if it is obvious that the personal data that is stored in recognizable form, have been stolen.
To stop receiving newsletters, promotional e-mails, and to stop any communication with us, simply click on the "Unsubscribe" link at the end of each newsletter and all your personal data will be automatically deleted at that time. You also have the ability to edit your personal information, as well as select the e-mails you want to receive from our site if there are more than one newsletters or e-mail campaigns.
Note: If the link at the end of our newsletter does not work properly or has problems, please let us know about your data being deleted or processed, and we will make sure that you make the necessary changes or delete your data within 48 hours.
Your IP address as well as cookies are collected by third-party services, including Google Analytics and Google Adsense. Both services comply with GDRP regulations and all data on our site is automatically deleted every 38 months. You can read about how Google services collects your personal data here, as well as how your Google Analytics data is automatically deleted here.
We provide you with the tools to control your account information and guidance on how they are used. Just access your account or contact us to view and update your account information, such as your name, email address, social network links, password, description and photo.
View and update your communication preferences for receiving account-related messages
The Company is committed in resolving complaints relating to confidentiality and the collection or use of personal information.
The Company is further committed in reporting any unresolved privacy complaints by EU citizens or residents about transfers of their personal data within the authorities to an independent dispute resolution mechanism.
If you want to find out if you are a subscriber to our newsletter and wish to receive a copy of the file with your stored data (e-mail, registration date, internal number in our system, text formatting, html-plain text), send an e-mail to email@example.com, under "My Personal Data," and we will respond to you the next business day.
If for any reason, at any time, you want to delete any information, and of course your e-mail address, please send an e-mail to firstname.lastname@example.org, on the subject of "Right to oblivion". We will delete all information for you and we will confirm the operation by e-mail you receive the next business day.
We will respond to all requests, questions or concerns within thirty (30) days.
In addition, you can contact us through the contact form from the bottom of the page.
The protection of your personal data is very important to us. In that direction, we attach great importance on harmonizing our Company's practice s with the legislation in force. This General Data Protection Policy (hereinafter referred to as the "Policy" or the “Data Protection Policy” or the “GDPR Policy”) concerns the conditions for collecting, storing, retaining, processing and using of your personal information by the Limited Partnership under the under the name “CISTERN ART EE” with distinctive title “CISTERN ART”, located on 6th km provincial road Ritsonas -Vathiou, Evia, Zip Code 34150, Chalkida with Company Registration No 149394701000, VAT No 801112650 issued by the Chalkida Tax Registry, with branch offices located in Kifissia Attica, 3 Panagitsas str. Zip Code 14562, and its electronic store mamushgalleryshop.com, hereinafter referred to as the "Company"
The basic definitions of the terms and names to be used in this document, as referred to in Article 4 of the General Regulation on Personal Data Protection 2016/679 / EU (EU GDPR), are the following:
Personal Data: Any information or data relating to an identified or identifiable natural person ("data subject"). As intentifiable natural person is considered to be the natural person whose identity can be acertained, directly or indirectly, in particular by reference to an identifying element such as its’ name, identity card and/or passport number, tax information, location data, summarized identity, or one or more factors specific to physical, physiological, genetic, physical, economic, cultural or social identity of that natural person.
Personal data of special categories (sensitive): Personal data which are by nature very sensitive in relation to fundamental human rights and freedoms are considered sensitive and therefore require special protection as the context of their processing could pose significant risks to the fundamental human rights and freedoms. This personal data include data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union memberships, as well as the processing of genetic data, biometric data used for undisputed identification of a persons’ health status or data relating to its’ sexual life or its’ sexual orientation.
It is clarified that all personal data of minors -under the age of 16 - are by definition considered as sensitive and treated as such.
Controller: a natural person or legal entity, a public authority, a service or other entity that alone by itself or acting jointly with others determine the purposes and the manner in which personal data are processed.
Processor: a natural person or legal entity, a public authority, a service or other entity processing personal data on behalf of the controller.
Each educational organization, regardless of its type, legal form and size, maintains and processes personal data and is referred to as a controller.
Any natural person or legal entity of the public or private domain that processes data on behalf of a controller is referred to as the processor. (Example, an accounting office in which the training organization assigns the payroll of its employees).
Processing: any action or set of actions carried out with or without the use of automated means of collecting personal data or clusters of personal data (sensitive and non-sensitive) such as collection, registration, organization, structure, storage, adaptation or alteration, retrieval, search of information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, erasure or destruction.
Authority: The Personal Data Protection Authority (PDPA)
The Company is designated as a controller and strictly complies with the Data Protection Principles set out in Article 5 of the General Data Protection Regulation.
The main purpose of the Company is the commercial trade of artworks (wholesale and retail), the promotion and public projection of artists and artworks, rendering of metal turning services, the manufacture of special purpose machines, rendering of publishing services, the design and development of technologies information on applications, rendering of public relation and communication services, the organization of scientific and cultural events, rendering of industrial design services, rendering of intellectual property management services (except for films), rendering of training services, rendering of services for the production and presentation of artistic events, printing services, sculpture services and organization of art exhibitions and artistic events.
Within the framework of its above mentioned objective, the Company cooperates with natural persons and / or legal entities by directly assigning part or all of the works assigned to it (assignments or subcontracts) or by ensuring for third party projects the provision of services of collaborating natural or legal entities ("Affiliates"), promoting these services, for which they contracted in their name and on behalf of them.
The term "personal data" or “private data” or "data" as used in this Policy refers to information belonging to natural persons (such as full name, forenames, e-mail addresses, identity card numbers and/or passport numbers, tax ID numbers, Social Security Numbers (SSN), bank account details, etc.), as well as legal entities and their legal representatives information (company name, registered office, VAT number, postal address, postal code, contact phone number, e-mail address, bank account details, legal representatives and their data as natural persons etc.), hereinafter "Personal Data or Private Data or Data".
As Processing of Personal Data is considered any action or set of operations/actions carried out with or without the use of automated means for collecting data, either in an electronic form (soft copy) or in a hard copy, such as collection, registration, organization, classification, structure, storage, adaption, change, retrieval, search for information, use, transmission, dissemination, association, combination, restriction, deletion and destruction of Personal Data.
We collect your Data solely for the purposes of:
(a) providing our services the service provided by the Company,
(b) complying with any obligations imposed by applicable law, e.g. issuing a tax document, an invoice etc.
Data Processing is performed for the execution of any contract between us for the provision of our services, for your information on the activities, events and promotions of the Company to you, as well as for the communication of the Company with you, only after your explicit consent, in writing or electronically.
The Company does not use the Data for purposes other than those mentioned in paragraph 6 above, which relate to the proper provision of our services, in view of high quality standards and the compliance of our company with the applicable legislation.
The Company may use the Affiliates and Customer Information on its website for publicity/promotional or other purposes related to the Company's professional visibility and publicity.
The recipients of the Data are the Company and its strictly necessary staff, committed and bound to confidentiality. All employees, with an indefinite or fixed-term relationship, as well as all subcontractors, assistants, employees who work on behalf of the Company are bound by this Policy.
The Data Processors have agreed and contracted with the Company:
• to be bound by confidentiality/non-disclosure agreements,
• not to disclose any data to third parties without the prior provided permission by the Company,
• to take all appropriate security measures
• to comply with the legal framework for the protection of personal data, and in particular the EU GDPR Regulation.
The Company takes all appropriate technical and organizational security measures to ensure that processed personal data are accurate and, where necessary, accordingly updated.
The Company takes all necessary measures to ensure that inaccurate or incomplete data will be erased or accordingly corrected. Personal data processed are appropriate, proportionate and relevant to the needs of the service rendered to the customer, meet the contractual obligations undertaken by each contract party and are collected only for defined, explicit and legitimate purposes, as above mentioned as well as in the relevant contracts.
The personal data process is conducted by the Company in a manner that ensures their confidentiality and follows rules and other procedures to protect them against unauthorized access, misuse, alteration, forbidden dissemination, disclosure, loss or accidental / unlawful destruction and any other form of unfair processing. The Company applies technical and organizational security policies, routines and procedures to protect the personal data it collects from potential security breach, loss, misuse, alteration or destruction.
Internal audits on the processing of personal data are routinely conducted by the Company to review the effectiveness of the applicable data protection measures.
Specially authorized individuals have access to data processing systems through which personal data is processed or used only in accordance with the Company's instructions. Data processing systems cannot be used by unauthorized persons. Persons authorized to use data processing systems have specific and targeted access only to the data for which they have been authorized. Personal data may not, during the processing or use or after, be recorded, read, copied, modified, or shifted by unauthorized persons of the Company.
Access to personal data is limited only to those who have authority in the course of their duties appointed to them by the Company, provided they need to be aware of them. People who have access to the data are required to keep the data confidential.
As a general rule, all personal data are deleted/destroyed by the termination of our contractual relationship.
The duration of the retention of the Data is also determined by the retention obligation imposed by the applicable legislation governing the Company's contractual and tax obligations.
Exceptionally, it is possible to extrapolate the length of retention of the Data for purposes of proofing before the courts of law in regards of the compliance of contractual obligations by the Company or in case it is required by a rule of law or due to compliance with instructions from Public or Independent Authorities.
The Company is committed in safeguarding your Personal Data.
We have received appropriate organizational and technical measures for the security and protection of Data from any form of accidental or fraudulent processing. Security measures shall be reviewed and amended whenever necessary to meet the conditions and standards set forth in the applicable legislation.
Indicatively, and not restrictively, the following rules describe how and in which space the data are safekept. The data stored in hard-copy files are kept to a point where unauthorized persons have no access. The same applies to files that are kept electronically, but for some reason they have been printed-out.
Important points are:
Your Data may only be processed by specifically authorized persons, employees and partners solely for the purposes stated above.
The Company carries out regular audits and routine inspections to verify that the data are secure and that the present Policy is implemented.
You have the right to access your personal data. This means that you have the right to be informed by us whether we process your Data. If we process your Data, you can ask to be informed about the purpose of the processing, the kind of Data we process, who we give it, for how long we store it, whether we use automated collecting tools, but also about your other rights, such as correcting, deleting data, limiting the extend of processing and submitting a complaint to the Data Protection Authority.
You have the right to correct inaccurate personal data. If you find that there is an error in your Data, you can apply for us to correct it (for example, a name correction or an update of an address change).
You have the right to delete / the right to oblivion. You may ask us to delete your data if they are no longer necessary for the aforementioned processing purposes.
You have the right to transfer your Data. You may ask us to receive the Data you have provided in a readable form or ask us to forward it to another controller.
You have the right to restrict your processing. You may ask us to restrict the processing of your Data for as long as your filed objection on procession is pending.
You have a right to object to the process of your Data.
You may oppose to the process of your Data or withdraw your consent and we will seaze processing your Data, unless of course there are other compelling and legitimate reasons that prevail over your right.
In order for you to exercise your rights you can send us a request (Form 1), describing the right you wish to exercise, either at the postal address (Mamush Gallery 3 Panagitsas str. P.O 145 62 Kifisia, Attica), under the title/subject "Exercise of a right access/correction/deletion/restriction/challenge", or via e-mail to the address (email@example.com) under the title/subject "Exercise of the right of access / rectification / deletion / restriction / opposition", describing your request, We will review it and revert as soon as possible.
We will respond to your requests free of charge, without any delay, and in any case within (1) one month from the date of receipt of your request. However, if your request is complicated or there are a large number of requests (clustered requests) by you, we will inform you within one (1) month whether we will be needing an additional two (2) month extension, within which we will respond to you.
If your claims are manifestly unfounded or excessive due in particular to their recurrence, the Company may impose a reasonable fee, taking into account the administrative costs of providing the information or executing the requested action or refusing to follow up the request.
For more information, you can directly contact us over the phone 2106232900 or via e-mail address (firstname.lastname@example.org) using the title: "Request Progress".
NO, we do not make decisions, nor do we create a profile based on our automated data processing.
We process your Data in accordance and compliance with the General Personal Data Protection Regulation 2016/679 / EU and in general the current national and European legal and regulatory framework for the protection of personal data.
You have the right to lodge a complaint addressed to the Personal Data Protection Authority (1-3 Kifissias Avenue, Athens / www.dpa.gr) if you believe that processing of your Personal Data violates the current national and regulatory framework for the protection of private data.
We will update this Policy whenever deemed necessary in order to comply with the applicable national and European laws and regulations on the protection of personal data. If there are any significant changes to the Policy or the way we use your Personal Data, we will post in a prominent place on mamushgalleryshop.com.
We encourage you to review this policy regularly in order to monitor how your Data are protected from time to time.
The Company is the controller of the process of the private data of natural persons or individual businesses it receives.
If you wish to contact any matter relating to the processing of your Data and the exercise of your rights, you may contact the Company’s Data Controller, mr Christos Gkikas, on the phone 2106232900 or in the e-mail address email@example.com
I HAVE READ AND UNDERSTOOD THE ABOVE AND HEREBY PROVIDE MY CONSENT AND PERMISSION TO THE COMPANY TO COLLECT AND PROCESS MY PERSONAL DATA IN ACCORDANCE WITH THE TERMS AND THE PURPOSES REFERRED TO IN THIS POLICY.
You should be aware that some features are only available through cookies and if you choose to disable your cookie preferences from your computer/portable device, these features may not be available.
In addition to the absolutely necessary cookies, there are also "performance cookies". These cookies collect information about how visitors use the website, for example which pages they visit more often, and whether they receive error messages from webpages. These cookies collect aggregated, anonymous information that do not identify a visitor. They are used exclusively to improve/enhance the performance of a website.
We also use "functionality cookies". These cookies allow the website to remember the user's choices such as name, language, or region to provide enhanced and personalized features. They can also be used to provide services that have been requested by the user, such as video viewing or using social media. The information collected by these cookies may become anonymous and it is not possible to monitor the browsing activity on other sites.
If you do not accept these cookies, the performance and functionality of the website may be affected and your access to its content restricted in various ways.
You can check and/or delete "cookies" according to your wishes. Details can be found here: aboutcookies.org.
You can delete all the cookies already existing on your computer, and set up most browsers in a way that prevents the installation of cookies. Note, however, in this case, you may need to customize manually certain preferences yourself whenever you visit a site, and some services may also not work properly.
Below you can find a list of the types of cookies we use on our website
|PURPOSE||DESCRIPTION||TYPE & DURATION|
|Performance (e.g., user's browser)||Our website has been configured using common internet platforms.
These platforms have built-in cookies that help with compatibility issues (for example, to determine your browser type) and improve performance (for example, faster content loading).
|Duration of browsing
Deleted when browser closes
|Security Cookies (e.g. Asp .NET)
|If you sign up for access to a restricted area, our cookies confirm that your device is connected for the duration of your visit. For access to a restricted area you will need your username and password.||Duration of browsing
Deleted when browser closes
|Our cookies can also record your site preferences (eg language etc) or seek to enhance your experience (e.g. by personalizing a greeting or content).
This will apply to areas where you are specifically signed up for access or to create an account.
|Duration of browsing
Deleted when browser closes
|We use an external partner search tool to ask a percentage of visitors to provide their feedback. Cookies are used to prevent visitors from being invited many times.
The first cookie is placed if the visitor is not invited to participate in the survey, and used to ensure that guests are not invited after the first visit to the site.
The second cookie is placed if the visitor is invited to participate in the survey, and is used to ensure that the visitor will not be invited to participate again within a 90-day period.
|Duration of browsing
Deleted when browser closes
They are automatically deleted after 90 days or when the invitation to comment is displayed.
|Dissemination to social media||We use third-party social networking widgets or keys to provide you with additional features to spread the content of our web pages through social media and e-mail websites. Using these widgets or buttons can install a cookie on your device to make their service easier to use, to ensure that your interaction appears on our web pages (e.g., we know how to measure social media proliferation ) and record the logging information of your activities across the Internet and our website.
They are automatically deleted after two years if you no longer visit our site