Information for Personal Data Processing
The protection of the personal data of customers and collaborators is of primary importance for our company. For this reason, the appropriate technical and organizational measures are taken to protect the personal data we process and to ensure that their processing done by the company itself, as well as by third parties who process personal data on its behalf, is always done in accordance with the legal obligations.
The present Privacy and Personal Data Protection Policy applies to: services our company provides to customers, to the communication to any interested party, and to the website www.asteroskopeion.com / www.cosmos.cy and its online services.
What is GDPR?
The General Data Protection Regulation (GDPR) 2016/679 (EU) is the new regulatory framework of the European Union (EU) on personal data. The object of this law is to establish the conditions for the processing of personal data, the protection of the rights and freedoms of every natural person and in particular, the right to the protection of personal data.
In accordance with the definition given in article 4 of the GDPR, personal data is defined as the information that can be used for your identification, communication and transaction with you. In particular, your personal data is your: name/surname, address, email, phone number, and other information when combined with your personal information.
The company 1010 Asteroskopeion as responsible for the personal data processing, under the brand-name “1010 Asteroskopeion LTD”, based at Grammou 21, 1010 Nicosia, with Tax Identification Number 12296941W collects and processes personal data of its collaborators, suppliers, employees and customers, in order to conduct its business activities, in accordance with applicable Cypriot law and European General Data Protection Regulation 2016/679 for the protection of natural persons with regard to the processing of personal data and for the free transmission of such data, as in force. Therefore, the company 1010 Asteroskopeion acts as responsible for data processing, in accordance with article 4 par. 7 of the GDPR.
If any issue arises related to the processing of your personal data, you can contact the Department of Personal Data Protection of the company.
Tel: +357 24 323 010
Which personal data do we process?
We process your personal data only for legal purposes, provided that one of the conditions of article 6 par. 1 of the GDPR is met. The website www.asteroskopeion.com is designed so that users can navigate it without revealing their identity and personal data, unless they want to do so. To conduct our business activities and cooperate with you, it is necessary to collect and process part of your personal data, in order to provide our services and to cover your needs, sufficiently. More specifically:
Customer’s personal data
We collect and process customers’ personal data such as name/surname, father's name, phone number, email, address, identity card number, Tax Identification Number, orders, invoices, payment receipts, etc. in order to complete the orders of our customers.
After informing our customers in detail on how their personal data processing is done, we give them the opportunity to subscribe to our mailing list (Newsletter) to receive updates on new products and services, offers and actions of 1010 Asteroskopeion.
The legal bases for the above data processing, are: the fulfillment of our contractual obligations (GDPR article 6 par. 1b), your explicit and free consent (GDPR article 6 par. 1a) and the legal interest of the company 1010 Cosmos Ltd (GDPR article 6 par.1f).
Personal data from the use of online services on our website
In order to optimize our website to better serve your needs, we monitor its performance. During your navigation, we automatically collect the following information about: your computer and your visit, the network and its provider through which you have access to the internet, your activity on our website, the date and time of browsing our website, how much time you spent there and which links were visited, your IP address, the operating system of your PC, as well as your browser software.
Additionally, we use our e-shop to serve our customers and complete transactions efficiently through our online store.
The legal bases for the above processing, are: your explicit and free consent (GDPR article 6 par. 1a) and the legal interest of our company for the processing of your personal data in order for the company to operate and grow smoothly and efficiently (GDPR article 6 par.1f).
Personal data that we collect and processes for the staff
The company’s staff is well trained and informed about its obligations on customers’ personal data protection, as well as the professional secrecy. There is always a contractual relationship between the company and its employees, maintaining the necessary commitments of confidentiality and of taking appropriate organizational and technical measures to protect the personal data of customers.
Personal data processing basic principles
Personal data processing is done in legal, transparent and fair way.
Personal data are collected only for specified, clear and lawful purposes.
The collection of personal data is sufficient and relevant.
Personal data are accurate and up to date.
Personal data which are not accurate, are being changed or deleted.
Personal data are confidential and stored in security.
Personal data are not shared with third parties, unless it is necessary in order for services to be offered, after agreement.
Disclosure of personal data
It is possible that, for specific purposes, our company may transmit the personal data provided by natural persons to third parties, in the following cases.
To employees or external cooperators
Our employees and external cooperators are experienced professionals and they are well-informed about confidentiality obligations related to customers’ personal data. Our company’s employees and external cooperators (e.g., transport and courier companies) can access only the personal data of our customers, which is absolutely necessary in order for them to execute their duties. We always keep a contractual relationship with employees/external cooperators, maintaining the necessary commitments of confidentiality and taking the appropriate organizational and technical measures to protect the personal data of our customers.
Other third parties according to the law
We may share the necessary personal data of our customers in order to comply with the law or with a mandatory legal procedure (e.g., tax purposes), or in order to protect the legal rights and the security of the company.
Other third parties, for the implementation of the services offered
In some cases, the customers’ personal data is necessary to be shared, for the smooth operation of some online services (e.g., data center, hosting etc.). In any case, there will be a special reference to the relevant service contract.
Other third parties with your consent
Non- EEA recipients
The personal data you provide to our company, will be stored on servers which are located within European Economic Area (EEA). We will not transfer your data outside the European Economic Area, unless you are a non-EEA user. In this case, it is possible that your data will be transferred, in order for the products you bought to be delivered and for the payment/returns to be processed or to send you promotional information, in case you have subscribed to our mailing list.
In case your data is or may be transferred to countries such as USA, then the transfer is made in accordance with the principles of the so-called EU–US Privacy Shield, in order to ensure that the personal data of the people involved are sufficiently protected. Otherwise, in case it is necessary for your data to be transferred to other countries, outside the EU, the transfer is made in accordance with the so-called Standard Contractual Clauses (SCC), i.e., in accordance with appropriate provisions in legal texts for the personal data protection, which are transferred to such countries, where there is no adequate protection security level.
Data retention period
The data retention period -depending on each case- is decided based on the following criteria:
When data processing is required as an obligation by provisions of the applicable legal framework, customers’ personal data will be stored for a period defined by the relevant provisions.
When data processing is done in accordance with a contract, the retention period of customers’ and employees’ personal data can be up to 20 years, for the possibility of projecting ancillary claims of them, which are subject of the 20-year limitation period, as well as for the possibility of exercising, supporting and establishing of legal claims of the subjects to us and vice versa.
As set by law, your data that are subject to tax regulations will be stored and retained for a period up to 10 years since the cancellation of your account in our system. After this period, your data are deleted without prior notice.
Personal data protection
We implement appropriate technical and organizational measures, aiming at the secure personal data processing and at the prevention of accidental loss or destruction, unauthorized or/and illegal access to, use, modification or disclosure of personal data. These technical and organizational measures are taken both during the design of processing media (e.g., encryption of the company’s server’s and computers’ data etc.), and by default, so that only the necessary for each purpose personal data are processed (data minimization principle). In addition to these measures, the company is constantly searching for new methods in order to protect the personal data that are collected and processed. In any case, the internet operation and the fact that it’s open to anyone, does not allow us to guarantee that third-parties who are unauthorized will never violate these technical and organizational measures, getting access and probably using personal data for unauthorized or/and illegal purposes.
Transactions via e-shop
Regarding the transactions via the company’s e-shop -with a large volume of e-mails and orders- all the appropriate for your data protection measures are taken. These data are disclosed and processed in the context of customer service and the processing of transactions. We have added opt-in form of your consent, as existing customers, as a condition for the collection and processing of your personal data in the context of the execution of your order and the completion of the relevant transaction. As for existing customers who have made transactions with our e-shop, these continue to be valid, although you may have not given your consent, because in this case the company’s legal interest to keep a transactional relationship with you is preferred. However, in any case -even you are existing or potential customer- if you wish to terminate our transactional relationship, and consequently to stop your data processing and storage, as well as stop receiving promotional material, you have the right to withdraw your consent (opt-out), at any time.
In any case, we take all the appropriate technical and organizational measures to protect and efficiently store your personal data, for as long as we have access to process these data, in the context of the order execution and the completion of the relevant transaction.
How to control cookies
You can control and/or delete cookies according to your preferences. Details on this topic can be found at: https://www.aboutcookies.org/. You can delete all the cookies that currently exist on your computer, as well as change the settings of your browser, so cookies are not allowed. However, in this case, you may need to adjust some preferences each time you visit a website. The user can use any website without allowing the installation of cookies, but that may affect its usability and the operation of specific services.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes
if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at: email@example.com
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.
You may request details of personal information which we hold about you. If you would like a copy of the information held on you, please write to us email us at: firstname.lastname@example.org
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible. We will promptly correct any information found to be incorrect.