Security and Privacy Statement
In Cake Deco PC we have always respected and we will always respect our clients and their collected personal data, perhaps because of our personal preferences, because we do not want to follow practices that we ourselves don't like other to impose on us.
We have never bought lists, sent emails or other communications to people without first having obtained their explicit consent. So always were and will always be GDPR ready! The terms on our website were and remain the same, we simply revamped them to make them more illustrative and easier to understand by anyone.
We have also always recognized the importance of privacy and e-commerce security, and we have always taken all the necessary measures, using the most up-to-date and advanced methods, to ensure maximum security for our customers.
Security on www.CakeDeco.gr website and webstore is achieved by the following methods:
A) Customer Recognition and Codes
When registering, a user you provide your personal data that Cake Deco PC guarantees they are used exclusively for the execution of transactions through its online store and for promotional activities on its behalf as described below in our Data Privacy Statement. The above information must always be true, accurate, valid and complete. After the personal information has been released and the registration has been completed on our website, the user holds two personal "passwords" for his / her identification: the Username that is their email and his / her password. The only person who has access to his or her personal information is the user through the above Personal Access Codes. Users are responsible for all transactions carried out under Personal Access Codes and are required to immediately notify Cake Deco PC of any unauthorized use that may be made with them and of any (or potential) security breach. These data are not disclosed by Cake Deco PC as is to any third parties with the exception in the case of cooperating IT companies for the exclusive use of new developments or repairs of our IT systems.
Cake Deco PC is not responsible for any damage that may result to users from the unauthorized or unlawful use of Personal Passwords by third parties due to their leakage from breach or for any other unlawful reason and reserves the right to claim damages from the user, in the event that he suffers any kind of damage from the unauthorized or illegal use of Personal Passwords. You remain solely responsible for the security of your credentials on your end. We will however be more than willing to cooperate with you or any authority in order to uncover any such event and inform you as fast as possible of any such breach on our systems.
Cake Deco PC online store does not in any way disclose or make public the user's personal information and the information our users trust in us. All information is encrypted and stored with the utmost security.
B) Ensuring the Privacy of Your Personal Data Transmission
To ensure the confidentiality of the transfer of data, the sha256RSA military grade encryption protocol is used with a certificate from letsencrypt.org, which specializes in Internet security. For more click HERE.
From the beginning to the end of every on-line session with Cake Deco PC online store, all information and personal data are encrypted using the SSL RSA 256-bit encryption protocol. Encryption is essentially a way of encoding the information until it reaches its intended recipient, which will be able to decode it using the appropriate key. Every time the user connects with Cake Deco PC online store, all communication between his computer and Cake Deco PC systems is encrypted using a 256bit (meaning 256 character length) random key. That is, every time you send information to the system, your browser first encrypts it using a 256-bit key and then sends it to our system and vice versa. Cake Deco PC's system first decrypts the information it receives using the same key (which is predetermined when the user connects to the service) and then processes them. Cake Deco PC's systems send information to the user following the same encryption process.
In email communication, we use TLS 1.0 and SLL 256bit encryption for the same reason. Finally, our internal applications are protected by security codes and internal encryption of company manufacturers.
C) Automatic Disconnection
If there is no activity for 30 minutes, the user is automatically disconnected from the online store so that your account does not stay open on an unattended computer screen.
D) Firewall Access and Antivirus systems
Access to our servers is controlled by a firewall and latest antivirus systems are installed on all of them including our internal computers and are always updated with the latest files and upgrades to prevent attacks. This way we allow the use of services by customers / visitors, while at the same time prohibiting access to systems and databases with confidential data and information. This is ensured by the company in which our website is hosted.
E) Transactions and Private Data Confidentiality
Confidentiality in transactions an your personal data is of utmost importance to us. The same basic principles governing classical transactions also apply to electronic transactions and your data. All information sent by you to Cake Deco PC is treated as confidential and we have taken all the necessary measures to use them only to the extent necessary in the context of the services provided. Some of the measures taken are the following:
1. Only authorized employees have access to user transaction information and only when necessary, e.g. for the handling of users' requests, emails and orders.
2. Cake Deco PC does not disclose the details of their clients and transactions unless they have written authorization from the user or this is required by a court order or decision of another public authority.
3. For the cases where Cake Deco PC uses third parties (outsourcers) to support its systems, it ensures that confidentiality is guaranteed by a confidentiality contract between these companies and our company and by monitoring wherever possible.
4. The user is entitled to request any information that is kept about them, as well as request their correction if they can substantiate an error.
5. Each user must take care and handle their security credentials and information as confidential and not make any disclosure to third parties.
What data we record and why
In order to make transactions through Cake Deco PC online shop for our product and / or service orders, it is likely that the user will be required to disclose the following personal information:
- Full name. This item is also used by partner carrier or courier companies when listed on your order packages.
- Profession. To assist us in assessing your account status and pricing policy.
- Address of residence or work address. Used to dispatch to send your orders. This item is also used by partner carriers or courier listed on your order packages.
- Your Phone Numbers. It is used for communication and clarification of your orders the dispath of your orders, for Customer Care and Warranty purposes, and for Sales and Marketing communication purposes. This item is also used by partner carriers or couriers when listed on your order packages.
- Your email. This is your primary ID in our website (eshop) and the way to login to our systems and is also used for: Communication on your orders, for Customer Care and Warranties, contacting for Sales and Marketing offers on behalf of our company ONLY.
- Your Password. It is your secondary credential ID for the connection to our ordering system (Website-eshop). It is not used for anything by us, it is stored on our database though.
- Date of birth. Optionally provided by the you and used by us for offers and analysis for marketing purposes.
All of the above items are kept for 7 years after your last contact with us for tax purposes and some for statistical analysis of purchasing habits.
In addition to the data above, our website ordering system (Website-eshop) records the following data:
- Your historical purchases used to make targeted offers to you based on the amounts you've spent, the items you've purchased and other shopping habits
- Your preference for sending communications on behalf of our company.
- Your navigation within our website, that is used to make targeted offers to you.
- Your shopping cart even if you do not complete your purchases.
The above data is retained forever for statistical analysis of purchasing habits and the investigation of the effectiveness of our ads.
On our internal commercial system we keep the basic data of the first paragraph along with your invoices for the purposes of invoicing and taxation and transport preferences.
Who handles your Data
Our Customers' personal data files are kept and processed by Cake Deco PC, by Mr. Dimitris Papageorgiou, phone number +30 2120 00 2120 and email email@example.com.
Α recipient of your basic dataset as decsribed above may also be Piraeus Bank for the sole purpose of completing transactions for the settlement of your transactions according to your expressly stated payment preference for every purchase.
The recipient that may access all your data, where deemed necessary or chosen at random for testing purposes, can potentially be the IT companies involved in the development, correction and security of our IT systems. Under no circumstances do they receive your data directly but may access it (see it and process it in bulk).
Your rights on your personal data
You may at any time withdraw your consent for receiving marketing communications from us by selecting the Unsubscribe button that can be found at the bottom of each of our communications or by sending us an email to firstname.lastname@example.org.
Also at any time you have the right to access and modify or delete some of your personal data through your access to our website from the "My Account" menu where you are transferred upon your entry to our website or by sending an email to email@example.com.
You also have the right to ask us to erase your data (those that are not used for tax purposes only) from our systems by sending us an email to firstname.lastname@example.org to which we will respond within 30 days.
Finally, you have the right to request to view your data or transfer it to anyone else you want in an electronic format, again by sending an email to email@example.com to which we will respond within 30 days.
If you believe that your privacy is being violated in respect to the law, you have the right to file a complaint with the Personal Data Protection Authority at www.dpa.gr
For further information on the Use of the Website, please follow the links below.
This website does not store credit card information or any other really critical information about you. For payments via Winbank Payments, you are redirected to Winbank's epayment systems, where your data and payment information are stored. For more information, please contact Piraeus Bank.