Privacy Policy

1. Introductory

This privacy policy is at the same time a statement of personal data protection and is a single and integral text with the terms of use of the website www.vyoo.gr.

This privacy policy describes the method of collecting and processing the personal data of the users and customers of the website. By navigating / browsing, accessing and / or using the Website, as well as using the services available through it, the user and / or Customer agrees to be bound by this privacy policy.

This Privacy Policy applies to personal data only, which users and customers of the site voluntarily enter when registering and creating an account on the site, and the corresponding modifications of this data by users / customers.

Our company reserves the right to revise, modify, renew and update this privacy policy, whenever it deems necessary at its sole discretion, while the respective modifications, changes and additions take effect by posting them in this section of the website. .

2. Personal Data

a. Generally

Our company strictly follows this privacy policy - privacy statement, which ensures the high level of services offered, strictly adhering to the applicable legal framework.

The processing of Personal Data of users / customers by our company, is done in accordance with the provisions of the General Regulation for Data Protection (GDPR) (EU) 2016/679, as it is supplemented by the relevant national and European legislation for protection of personal data and is valid.

The personal data concerning each user / customer and which the user himself has given voluntarily, are collected and kept for the necessary time and for defined, explicit and legal purposes. They are processed lawfully and lawfully in a transparent manner, always in accordance with the applicable legal framework and in a way that guarantees their appropriate security. This data is always appropriate, relevant, relevant and not more than what is required in view of the intended purposes, and is accurate and, if necessary, updated.

b. Personal data we collect

- Data we collect directly from the user / customer

Each user can first browse the site without giving any personal information.

The website will request personal data of the user only in case he wishes to register / create an account and order contact lenses, according to the terms of use.

In order for the user to order / buy the products of our company, he must register on the website, ie create an account, through which he will make his purchases from time to time.

During registration, and in order to create the user account, the user will be asked for the following information:

a. his personal identity,
b. email adress,
c. the degrees of myopia,
d. his address details,
e. telephone details,
f. how often he wishes to be sent the predetermined quantity of 60 contact lenses, which can be selected every 4, 6 or 8 weeks, and
g. the details of his credit / debit card, from which the payment for the respective purchase will be made.

By registering his e-mail address and telephone number, the customer accepts that all the necessary notifications to them for the completion of the respective purchase and sending of products, will be made to their declared e-mail address and / or contact telephone.

By creating an account and seamlessly continuing to use the services of the website, users / customers give their explicit consent to the charge of their registered credit / debit card.

The card details of all our customers are stored exclusively by the partner company EveryPay. Recognizing the importance of the security of electronic payments, EveryPay is a licensed Payment Institution by the Bank of Greece (decision no. 280/3 / 23-7-2018 Government Gazette B 3010 / 25-7-2018), and manages transaction data securely card payments, in accordance with the regulatory framework of the card security management standard. Everypay is certified to the Card Transaction Security (PCI DSS) standard, and is subject to periodic inspections by a specialist consulting firm. All Everypay services are provided through secure connections with 256 bit SSL certificates. EveryPay also supports 3D Secure, an additional security feature for VISA, MasterCard, Diners & Discover cards. The Payer will then have to enter his personal secret code in order to successfully complete the transaction. More about EveryPay can be found here https://www.everypay.gr/el/about/.

Our company may process part or all of the data that the user himself has entered voluntarily - except for the user card details that are not stored by our company as above, to improve the services-information provided.

The user can at any time, if there is a reason, change the personal data / data he has disclosed on the site, through the relevant field of his account. In this case, the new address details, card, etc., will be valid for the next scheduled contact lens shipment.

Our customers are kindly requested to take into account that our company will do everything possible to protect their personal data, however, the protection of each customer's password on the website is his responsibility.

- Data we collect from third parties

Our company may receive information about users / customers from publicly and commercially available sources (in accordance with applicable law), which it may combine with other information it receives from them. Our company may also receive information about users / customers from third party social networking services when users / customers choose to connect to these services.

- Other data we collect

Our company may also collect other data about users / customers, their device or the use of services in ways described at the collection point or otherwise with their consent. Such data are indicative of the following:

MAC address information, IP address, operating system version, and other statistics.
Dates and times of visits to the site
Information about actions taken on the site (such as page views and purchases)
General geographical location from which a user has access to the site. The user may choose not to provide us with certain types of information, but if he does, keep in mind that his ability to use certain services on the site may be affected.

- Other data we collect

Our company can also automatically collect and process information about the general use of the website and services.

When a user / customer performs certain actions using the services of the website, the website may monitor their actions to facilitate their browsing and the use of the website and the services provided through it, the traffic volume of the website, the frequency of visits, type and time of transactions, browser type and address.

Our company will collect, monitor and analyze such information in a general way, which will not lead to the identification of the user / customer. This aggregate data may be used by our company and its third party affiliates to assist in the operation of the Website and the services provided through it and to be provided to other third party affiliates, to enable them to better understand the operation of the Website. However, this information will be aggregated and will not contain personal data that could lead to the identification of the data subject (user / client).

- Purpose of collecting and processing user / customer data

This privacy policy sets out the terms and conditions, met by our company, for the protection of the personal data of its users / customers from any web browser, application, or device that uses it, only if the above data is provided by interested users voluntarily, for the following purposes:

  • For the registration of users at www.vyoo.gr
  • For the provision of the offered service of buying and selling contact lenses with subscription.
  • For the fulfillment of our obligations, which derive from the purchase agreement with each user / customer and for the best service within the framework of this agreement.
  • For the collection of information from users / customers (feedback) about the offered products and services of the website and their improvement based on the information collected.
  • To inform users / customers about any new products on the site.
  • To inform the users / customers about the offers of the website, as well as for any competitions.
  • To advertise and promote the products of the site remotely, and
  • For market research and related communication with users / customers.
  • To protect the rights, assets or security of our company or third parties.
  • For our compliance with our obligations arising from the law.
  • For the legal interest of our company. In certain cases, our company collects the data of the users / customers of the website in a way that is reasonably expected as part of the operation of our business and that does not substantially affect the rights of our users / customers, their freedom or interests. The legitimate interests of our company include marketing, the provision and development of our services, the understanding of the behavior and preferences of users / customers, the protection and prevention of fraud, as well as compliance with applicable legal requirements and our policies.

Our company does not use the data it collects from the users / customers of the website for purposes other than those mentioned above. In the event that our company decides to further process the personal data for purposes other than those for which it was collected, prior to such further processing, it will provide users / customers with all necessary information for this purpose and any other necessary information. , asking them for their explicit consent.

c. Other issues related to personal data

Website users / customers are subject to decisions made solely on the basis of automated processing, including profiling. Users / customers have the right not to be subject to such decisions and the corresponding processing of data, and can request this by contacting about our company at [email protected]………………………. .

In case the user / customer does not wish to receive from our company any other communication, apart from the relevant contact (s) with the purchase of contact lenses, according to the information he has entered during his registration, he can request this from the our company, sending a relevant request via e-mail to the electronic [email protected] ……………………. .

The user / customer has the right to revoke at any time his consent for any processing of personal data which he has provided through his registration on the website, sending a request via e-mail to ηλεκτρον [email protected]…, without, however, affecting the legality of the processing based on his consent prior to its revocation.

In case of revocation of the consent for the processing of the personal data registered during the registration of the user / customer and which are necessary for the execution of the contract of purchase and sale of contact lenses as stated in the terms of use, it is understood that the contract can not be extended and the customer account is canceled / deleted.

Responsible for processing the data of users / customers - except for their card details - is our company "BLUE VISION PRIVATE CAPITAL COMPANY", with the distinctive title "BLUE VISION PC", based in Athens, on Lefos Konstantinou Tsaldari no. 88, τηλ ……………………., Φαξ ………………., E-mail [email protected] …….

Responsible for processing the data of the debit / credit cards of the customers is the cooperating company "EVERYPAY PAYMENT SERVICES SOCIETE ANONYME", with the distinctive title "EVERYPAY SA", based in Athens, at Karneou Street. 25-29, tel. 2107005364, fax 2106233608, e-mail [email protected].

Users / customers have the right to file a complaint before the competent personal data protection supervisory authority, in any case they consider that the relevant provisions on personal data protection are violated.

For Greece, the competent supervisory authority is the Authority for the Protection of Personal Data (APDPX) (1-3 Kifissias Avenue, PC 23 23, Athens, call center +30 210 6475600, fax +30 210 6475628, website: www.dpa.gr).

3. Use of personal data of users / customers by third parties

The submission of their personal data by the users / customers, means that they themselves give their consent, so that their data is processed by the specially authorized employees of our company, exclusively and only for the specific purposes mentioned above. . Our company requires its employees and webmasters to provide users / customers with the level of security referred to in this privacy policy - privacy statement.

Also, in the usual context of our company's business activity, some personal data / data of users / customers are disclosed to partner companies, in order for the latter to perform services or functions on behalf of our company. Such a typical example of a cooperating company is the respective courier company, with which our company cooperates, in order to deliver the predetermined package of contact lenses to the customers at the regular intervals that they have chosen.

In any such case in which the user / customer data is disclosed to third party partners of our company, the third party partner is not authorized to maintain, disclose or use the user / customer data beyond the purpose of the services requested by the third party to provides to our company only.

In no other case, our company can disclose to others the personal data / data of its users / customers, without their prior explicit consent.

Our company in no other way discloses, publishes, sells, exchanges personal data and information trusted by its users-customers.

Exceptionally, personal data / data of users may be disclosed, if required by law or by court decision, always in compliance with the provisions of the General Data Protection Regulation (GDPR) (EU) 2016/679, as supplemented by the relevant national and European legislation on the protection of personal data and is in force from time to time.

4. Cookies

The website uses cookies to provide users / customers with the best possible browsing experience.

5. Security of personal data

Our company recognizes as a major issue the issue of security of personal data and transactions and, therefore, takes all necessary measures to protect and safeguard them.

Our company protects its users / customers from any data interception with the encryption method ………………. . Encryption is valid at all stages and all processes of transaction and sending of personal data / data - to and from the website.

Debit / credit / prepaid card payments are made directly on the website of the partner company Everypay, so the card details of the users / customers are registered and stored directly in the secure systems of that company and not on this website.

Our company implements all appropriate technical and organizational measures, in order to ensure the appropriate level of security against risks, so as to protect user / customer data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons.

Our company does not bear any responsibility towards the user / customer, in case of use of his personal data, which the user / customer has declared to a third natural or legal person through a hyperlink to the application or website of the third party, through the website.

6. Rights of users / customers

In accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable national legislation, users / customers have the following rights regarding the protection of their personal data:

a. Right of access, ie the right of users / customers to be informed about their personal data, which are kept in the files of the website as well as to obtain copies of their personal data that are processed,

b. Right of correction, ie the right of users / customers to request the correction of inaccuracies and errors in their personal data, which are kept in the archives of the website,

c. Right of deletion ("right to be forgotten"), ie the right of users / customers to request the deletion or cessation of the use of their personal data, which are kept in the archives of the site, under the more specific terms and conditions provided in the General Regulation,

d. Right to restrict the processing of users '/ customers' personal data, again provided that the more specific terms and conditions set out in the General Regulation are met,

e. Right of portability, ie the right of users / customers to request from the website the direct transmission of personal data concerning them, to the organization they will indicate, if they are technically structured, in accordance with the relevant legislation.

f. Right to object to the processing of their personal data, unless there are compelling and legitimate reasons for processing, which outweigh the interests, rights and freedoms of users / customers, or to establish, exercise or support legal site claims.

7. Data retention time

Our company will keep the personal data of its users / customers for as long as required, in compliance with the applicable legislation.

In some cases the personal data must be kept for long periods of time in order to be available, if and when questions or disputes arise.

Periods of retention of personal data are determined on the basis of the type of personal data collected and the purpose for which they are collected, taking into account the conditions applicable in each case and the need to destroy old data that is no longer used as soon as possible.

In case of registration and creation of a customer account, and further conclusion of a purchase agreement, the retention time of the customer's personal data will be determined in accordance with the relevant tax legislation, as applicable, and will be at least six (6) years from completion of the sale.

In case of simple visit / navigation of the user, his data, which have been provided through the used tools "cookies" and are maintained by the website, will be deleted at the request of the user to our company.

Our company will treat the personal data of its users / customers in accordance with this privacy policy - privacy statement, as applicable, for as long as they are in possession.

8. Capacity - Applicable law - Jurisdiction

This Privacy Policy, as well as the uniform and integral Terms of use and any amendments thereto are governed by Greek law, and by applicable European law regarding the protection of personal data. For any dispute that may arise from the use of the website, Greek law is applicable and, as the case may be, the General Regulation on Data Protection (GDPR) (EU) 2016/679 and the courts of Athens are competent.