Personal Data

The website magicbox.com.gr, in full compliance with the principles of personal data protection set out by International and European law governing e-commerce (Directive 2000/31/EC, Presidential Decree 131/2003), as well as the Consumer Protection Law (L. 2251/1994), which regulates distance selling, and the relevant provisions of Greek Law (L. 2472/1997) for the protection of individuals and personal data, as amended by decisions of the President of the Personal Data Protection Authority, Presidential Decrees 207/1998, 79/2000, Article 8 of Law 2819/2000, and European Law with directives 95/46/EC and 97/66/EC, explicitly states that it will not engage in any unlawful use of your personal data and will not disclose, publish, sell, rent, or exchange your personal information with any third party. Your personal data will be permanently deleted upon your request and will not be shared in any manner with any third party. By submitting material to our server, you agree that the material does not contain false, illegal, or otherwise inappropriate content for use or publication.


Purpose of Data Processing


In order to complete any transaction through the online store and make a purchase of products from the company, the disclosure of certain personal details will be required from the customer.


What data is collected in the online store?


When placing an order, personal identification and contact information will be requested, such as:

  • Full name
  • Billing address (if different from the shipping address)
  • Shipping address
  • Phone number (mobile and/or landline)
  • Email address (optional for guest customers / mandatory for customers with an account)


The company processes customer data in compliance with Article 7A, paragraph 1(b) of L. 2472/1997, with the purpose of fulfilling the order placed by each customer and will not disclose, publish, or sell the data to third parties, except when required by law to lift confidentiality (L. 2225/1994) or in case of obligations arising from the national implementation of Directive 24/2006.


Recipients of Personal Data

A) Authorized employees of the online store responsible for processing and invoicing customer orders and fulfilling any obligations arising from the contract between the customer and the online store.

B) The online store collaborates with payment and transportation service providers (e.g., banks, money transfer services like PayPal, shipping companies, couriers, etc.) essential for conducting business operations and/or ensuring data security and customer service.

Payment service providers may access personal data related to the customer’s order if necessary for the operation of their services. They are obligated to use personal data in accordance with this privacy policy and relevant Greek laws.

Credit card details provided by customers are NOT stored on the online store platform.

The online store works with courier services for the delivery and dispatch of online orders to customers. These service providers may access the personal data necessary for their services, and they are also obligated to comply with this privacy policy and Greek data protection laws.


The online store uses customer information provided during the ordering process to communicate about:

  • The delivery of the order to the shipping address
  • Confirmation and identification of the customer
  • Processing/deletion of orders due to product shortages
  • Notification about new products
  • Updates on special offers from www.site.gr
  • Prize collection after a contest draw


You have the option to choose whether or not you wish to receive such communications by sending a request via email to [email protected].

The provision of personal data by the customer implies consent for their use by the online store staff for the purposes stated above.

The online store requires its employees and technical staff to provide customers with the level of security outlined in this Privacy Policy.

In no other case will the online store share your personal data without your prior consent, unless required by law.


Please note that under certain conditions, the collection, use, and disclosure of your personal data may be permitted or required by law or a judicial decision, such as when requested by judicial authorities.


The personal data provided by the customer on the online store is used exclusively by the store or affiliated businesses for supporting, promoting, and executing the transaction relationship.


Magic Box A.E. retains data related to electronic orders for tax purposes in accordance with the applicable tax laws. Customer details are recorded in the information system according to current legislation, including provisions regarding data security and confidentiality.

Personal data held may be disclosed to the relevant judicial, police, and other administrative authorities upon legal request and in compliance with applicable legislative provisions.

The customer has the rights to information and objection provided in Articles 11 to 13 of Law 2472/1997 regarding the confidentiality of telecommunications.

By submitting this data, you expressly consent to the collection and processing of your personal data, without which we cannot offer you our services. You may withdraw or modify this consent at any time (Article 2, paragraph i of L. 2472/1997 and Article 7 of Regulation 679/2016). We reserve the right to change the terms of personal data protection without prior notice, in accordance with the applicable regulatory framework.

The online store magicbox.com.gr retains personal data as long as the customer remains active. In case of inactivity and lack of transactions with our store, the data will be kept for five (5) years, with annual purging every January, regardless of the date the customer’s personal data was collected.

Magicbox.com.gr will not disclose the customer’s email address or other personal data for advertising or promotional purposes unless it has explicit consent from the customer, in accordance with GDPR provisions.


We inform you that in order to collect and analyze your opinions based on objective criteria, so that we can offer you better services and personalized communications/suggestions related to products that suit you, we cooperate with:


  • Google for personalized and remarketing advertising. See more here.
  • Facebook for personalized and remarketing advertising. See more here.


Magicbox.com.gr states that during the retention period of these data/personal information and our electronic communication, it uses these legally, taking the necessary security measures to maintain their confidentiality. Specifically, we take all appropriate organizational and technical measures for the security of the data and their protection from accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access, and any other form of unlawful processing. These include, for example, access control to personal data, security of physical storage of personal data files, destruction of documents containing personal data to ensure no information can be extracted, while the network is protected by Firewalls and NAT, data encryption, and also controlled user access with different Username and Password, as well as SSL/TLS certificates from LetsEncrypt.


However, Magicbox.com.gr does not guarantee the security of data transmitted over networks to the extent that their protection is not achieved by the adoption of appropriate security measures mandated by the law, and it is not responsible for any direct, indirect, positive, consequential, material, or non-material damage that the user may suffer from accessing the internet.


Whenever you choose to provide us with your email address, mobile phone number, or any other personal data, either through the electronic ordering process or via telephone order, you simultaneously agree to the collection and retention of your personal data by us. Please be assured that Magicbox.com.gr will never use your personal data for purposes other than those mentioned in this text. Your personal data is sacred to us, and we wish to ensure they are used solely for your benefit, with respect for your individuality and your freedom of choice.


Every user has the right to request access to, correction or deletion of their personal data, or to restrict the processing of their personal data, as well as the right to object to processing and to file a complaint with a supervisory authority (in accordance with Articles 13 to 20 of Regulation 679/2016 GDPR).


Additionally, every user can request the portability (as provided by Regulation 2016/679 GDPR) of their personal data. For exercising your rights, you can contact the Data Controller as specified below.


Every user also has the right to withdraw their consent at any time by sending an email to the Data Protection Officer (Article 2, section ι of Law 2472/1997 and Article 7 of Regulation 679/2016 GDPR).


For any disputes arising between customers or between customers and third parties due to messages, data, or information transmitted through magicbox.com.gr, it is stated that the confidentiality of customer communications may only be lifted to the extent necessary for Magicbox.com.gr to fulfill its legal obligations.


It is explicitly agreed that the above terms are governed by Greek Law, the decisions of the competent state bodies in effect for electronic communications transactions, and the applicable relevant provisions. It is explicitly agreed that any disputes arising from the application of these terms and the general use of our store, if not resolved amicably, fall under the jurisdiction of the Courts of Athens.


Automatically Recorded Information


The server (web server) of magicbox.com.gr, based on its design specifications and in accordance with current internet standards, automatically records certain information. The reasons for recording are related to:

  • Timely diagnosis and automatic resolution of problems
  • Collection of demographic information
  • Successful management of the electronic store's services


These details are anonymous (they are not personally identifiable) and include domain names and/or IP addresses of browsers visiting the online store, the day and time of the visit, and other (always) non-personally identifiable information.


Cookies

A cookie is a small piece of data sent to the customer’s IP address by a server and stored on the customer's computer's hard drive. Cookies do not harm the computer system and do not affect its functionality. Cookies also make browsing the web easier by saving the customer’s settings. Magicbox.com.gr uses cookies to provide specialized services and content tailored to the customer’s interests. These cookies do not contain personally identifiable information. Most browsers automatically accept cookies, but the customer can usually set their browser to prevent them. Even without cookies, the customer can still use most of the services provided by www.site.gr.

The user can configure and save their preferences regarding cookies in the "Cookies Settings" section in the footer of the website.