Privacy and Data Protection Policy

Clarifications in regards to the processing of personal data

Why shall the Company process Data of Personal Type (DPT) and the Special Category Data of Personal Type (SCDPT)?

With the purchase of services / products that the Customer carries out through the Company’s website, they state that they wish for the Company to handle the completion of a task or the mediation between the Customer and some third party for the completion of a task with the Company’s function being an Internet service provider. The Company, based on information / data the Customer declares in its website / ordering form, should integrate such into a homogeneous category and calculate, based on said declarations, the product/ service which is suitable and relevant for the Customer.

For such to happen, the Customer needs to fill in the particular DPT and/or SCDPT noted in the relevant fields of the ordering form. This data is objectively essential to the implementation and function of the provided service. The proper and complete information for data the Company requests are considered obligatory of the Customer, according to law. It is possible that inaccurate or incomplete data the Company requests to find, cause for the Company to demand even the cancellation or report of the provided service, at any time.

For however while the contract for service provision remains in effect, the Company shall process Customer data which are necessary for its function based on the present contract with which the Customer consents to should they proceed in carrying out an ordering of service / product from the Company.

Domain Registration

To register a domain name, the registrant must provide certain personal information:

Contact Information: The registrant's name, mailing address, phone number, and email address. Identity Verification: Some registries may also require the registrant to provide additional documentation to verify their identity, such as a governmentissued ID or passport.

Additional contact point: Some registries may require the registrant to provide one or more additional contact points, who will be responsible for eg. administrative or technical aspects of the domain registration. The registrant's personal data will be used for the following purposes:

a. Verifying the registrant's identity and contact information

b. Billing and invoicing for the domain registration

c. Providing customer support and assistance

d. Communicating important information about the domain registration and renewal

The domain registrar, as the entity responsible for managing the registration of domain names, is responsible for collecting and storing the registrant's personal data in accordance with applicable laws and regulations, and they may share the registrant data with other registrars in order to register a domain. The domain registry, as the entity responsible for maintaining the database of registered domain names, will from the registrar receive the registrant's personal data. The registry uses this information to maintain accurate and up-to-date records of the registered domain names, and to ensure compliance with relevant laws and regulations. The registrar and registry may also be required to share the personal data with ICANN (Internet Corporation for Assigned Names and Numbers) as a part of compliance process with ICANN's policies.

In what kind of data processing shall the Company proceed to?

After the Customer proceeds in the ordering a product / service and has filled in all necessary fields in the order form, the Company shall, for the reasons already noted, carry on with any action or series of actions processing the Customer’s data with assistance of automated means like, for example gathering, input, organizing, rectifying, storage, adjustment, shift, recover and searching of information as well.

The Company makes use of automated means for the fulfillment of the order and providing the service. Through said means, the Company can reach decisions quicker, with greater accuracy, transparency and consistency. However, in those cases, regular relevant checks are made from pertinent Company employees.

The Company, in the name of safeguarding legal interests, often runs checks, through automated procedures to prevent scams against it.

In particular, the following individual audits are made towards compliance of the Company with instruction from european and greek legislature.

  • Audits (and automated ones) are conducted for preventing the use of products in money laundering and / or the funding of terrorism.

  • Audits are conducted and files and data are sent towards compliance of the Company with the administrative cooperation of European Union member-states.

  • Audits are conducted and files and data are sent towards compliance of the Company with the multi-part agreement of Pertinent Authorities for the automated trade of information in regards to financial matters.

For the purposes of security and detection of fraudulent behavior, Enartia has implemented an automated control system, which makes use of cookies and other similar tracking technologies, to track and analyze certain behavior of the users on the site, associated with their IP addresses and other personal data associated with the browsing on the site. The consequence of such processing is that, if a visitor attempts to engage in fraudulent conduct on the site, for example in order to benefit several times from the same promotion without having the right to do so, Enartia reserves the right to exclude such person from the promotion or to take any other appropriate measure for its own protection

Analytics activities by means of tracking through the use of cookies and similar technologies, aimed at verifying and measuring the quality and effectiveness of Enartia’s online advertising campaigns, in order to improve the performance of those campaigns, as well as the services offered by Enartia

As part of our marketing efforts and in the legitimate interest of Enartia, we may send marketing emails or texts promoting similar products or services to our customers, in compliance with the soft opt-in exemption. This exemption allows us to contact our existing customers with offers for products or services that are similar to those they have previously purchased from us

For how long shall the Company hold the Customer’s data in a file?

The Company shall hold on to the Customer’s data for however long a contractual relation is maintained between them, either in written or electronic format. In a case of, for whatever reason, this is interrupted the Company shall hold on to such for however long of a time is left for any relevant claims to become time-barred.

What rights does the Customer have in regards to the processing of their data?

The Customer, may, as appropriate, exercise the following rights:

  • The right of access (learning which data of theirs the Company is processing, for what reasons and its recipients)

  • The right of amendment (rectifying any inaccuracies or lack of data)

  • The right of deletion / right of oblivion (purge from Company files, should their presence, however, no longer be necessary)

  • The right of restricting processing (In case of doubt being presented so as to the accuracy of data etc.)

  • The right of portability (for the Customer to receive their data at a structured and commonly used format)

Such rights are exercised sans cost for the Customer, with the sending of relevant postage or email to the Data Protection Officer, unless they are repeated often and due to volume, they possess administrative weight for the Company, hence the Customer shall be burdened with the relevant cost.

Should the Customer exercise any of those rights, the Company shall undertake any possible means for the satisfactory conclusion of such a request within thirty (30) days from receiving the relevant request, after the Company notifies such either for its execution, or the subjective reasons which prevent it.

Beyond such, the Customer, may, at any time, be set against the processing of their DPT and SCDPT for the purposes of the contract service provider, withdrawing their consent. However, this will lead to the termination of the Customer’s contract services provided from the Company because (according to the above) no service works without processing of the Customer’s DPT and/or SCDPT (concerning data).

How is the Customer’s data security safeguarded?

Data security is, to the Company, an absolute commitment. To achieve such, all modern and suitable means are implemented for purposes of technological processing (for example, encryption, anonymity) as well as organizational measures, the effectiveness of which the Company checks at regular intervals.

Where shall the data be transferred?

The Customer’s data will be transferred to Company departments pertinent to the execution of the provided service and for the proper and hurdle-free implementation of such. For example, the Technical Support department, Legal, Accounting etc.

The Customer’s data might be transferred and made accessible for legal entities and / or persons with which the Company occasionally maintains contracts for the proper provision of offered services. Furthermore, in regards to the Customer’s safeguarding contract, such data might be transferred to various services, public authorities etc. However, in this case, the legal entities or persons will process the Customer’s personal data solely for provision of services towards the Company and not for personal gain, acting as executors for the processing.

In every transfer, the Company always undertakes any possible measure to ensure the transferred data are always the minimum required and the conditions are for legal and desired processing.

The team.blue Group, consisting of several brands and subsidiaries, can improve coordination and resource allocation by sharing data internally. This allows for more efficient collaboration on product, campaign, and customer service improvements. Personal data may be shared among team.blue Group companies for marketing statistics, internal administration, and reporting purposes, but only in an amount necessary for the intended use and with proper protective measures in place to prevent unauthorized access or disclosure.

Shall the Company process the Customer’s data for commercial purposes?

For the duration of processing noted above, the Company might process your DPT data (but not your SCDPT).

The Customer may be set against processing of their data (for commercial purposes) through the sending of a relative request to Data Protection Officer. In such a case, the Customer’s data will no longer be subjected to processing for commercial purposes.

Submission of an accusation / complaint?

For whichever issue involving the processing of your data, you may address Data Protection Officer (DPO) of the Company: tel. 00302811229000, email: [email protected]

In addition, the Customer always hold the right of turning to the pertinent Authorities, where they can submit the relevant complaints. For Greece, this is Independent Authority for Data Protection (Kifissia’s 1-3, P.C 115 23, Athens) or online here.

Cookie Policy

What are cookies and why does the website papaki.com use them?

The use of cookies makes it easier for the website to remember information about your visit by collecting useful data regarding your browsing preferences. Cookies help us see the performance and traffic of the website by improving its presentation and content, according to your preferences.

Cookies are small text files sent to your browser and stored on your computer, while you are visiting our website. In no case do cookies contain personal information or information that allows anyone to contact you by phone, e-mail, etc. Furthermore, the use of cookies does not allow any access to documents or files on your computer. The information that is being stored on your computer refers to data such as the websites you have visited, the date and time of the visit, as well as a random and unique user identification number.

On our website we use strictly necessary, functional, targeting (advertising), third-party and performance cookies. The use of the strictly necessary cookies does not need your consent. For the other categories of cookies you must give us your express consent in order for us to be able to improve your visit to our website.

Enartia uses cookies for functional and statistical purposes, to detect fraudulent behavior and to measure the effectiveness of advertising campaigns and services

You can enable or disable the installation of cookies on your device at any time by changing the settings of your browser. You can also configure your browser to notify you before the installation of a cookie on your device, or to follow your browser’s instructions in order to delete any cookies that have already been installed. If you use multiple devices, you must set up your browser according to your preferences on each of your devices.

In case you opt to disable all cookies, you may not be able to fully enjoy the interactive features of our Website or receive our services through our Website. In any case, we recommend that you do not disable the strictly necessary cookies.

To manage your cookies’ preferences through your browser, please select the following hyperlinks that will redirect you to your browser's instructions:

Mobile devices:

If you are using another browser, you may find the cookie settings in the help (support) section of your browser.

You can learn more about cookies on the following third-party websites:

The present Cookie Policy constitutes a further breakdown of the information banner regarding the use of cookies, which appears during your first visit on the home page of the website papaki.com.

The Cookie Policy is part of the terms of use of our website and may be amended from time to time. For this reason, you are kindly recommended to regularly check the Cookie Policy, in order to keep informed of any changes.

The Cookie Policy that is published on our Website is the one that applies at any given time. The section under the title "LAST AMENDMENT" at the end of this page stipulates when this Policy was last amended. No amendment of the Cookie Policy is applicable, unless published on our Website. If there is any substantial change to our Cookie Policy, we will notify you through a relevant message when you visit the Website. In such cases of a substantial change to our Cookie Policy, we will ask you to accept it again.

Αn elaboration on the most common Cookies is listed below:

Cookies Categories

The strictly necessary cookies are essential for the proper functioning of our website and allow you to browse on it and use its features. These cookies do not recognize your individual identity. These cookies are exempt from the obligation to obtain your consent. They are technically necessary to enable the connection to the website or to provide the internet service that you have requested as a user.

Name
Use
Duration
Third-party access
CulturePref
Necessary for cart's choice of language.
session
cdn.papaki.com
greeting_set
session
support.papaki.gr
PHPSESSID
Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages.
session
www.papaki.com
dp_last_lang
This is the language you have selected on the Deskpro portal. This is used to make the experience better on multi-lingual help desks.
session
https://support.papaki.com
ASP.NET_SessionId
Allows the proper loading of webpage content.
session
papaki.com
dpsid-portal
These are session identifiers for each of the three major interfaces in Deskpro. A session ID is used to help store various state connected with your current browser session. For example, if you log-in, then the session ID is used to store the fact that you're logged-in. Without sessions, there'd be no way for Deskpro to save any state as you browsed around the helpdesk.
session
https://support.papaki.com
OptanonAlertBoxClosed
Remembers user's preferences on cookie settings.
1 year
One Trust
OptanonConsent
Remembers user's preferences on cookie settings.
1 year
One Trust
ASPSESSIONIDXXXXXXXX
This cookie name is generally associated with use as a general purpose platform session cookie, used by sites written with Microsoft ASP based technologies. The structure of the cookie name is a common root - ASPSESSIONID, followed by a series of unique letters. It is usually used to maintain an anonymised user session by the server.
session
papaki.com
drupal_locale
Necessary for the correct language correspondences between the website and cart
10 days
papaki.com
__RequestVerificationToken
This is an anti-forgery cookie set by web applications built using ASP.NET MVC technologies. It is designed to stop unauthorised posting of content to a website, known as Cross-Site Request Forgery. It holds no information about the user and is destroyed on closing the browser.
session
www.papaki.com
csrftoken
This cookie is associated with the Django web development platform for Python. It is designed to help protect a site against at particular type of software attack on web forms.
1 year
www.papaki.com
__cfduid
Cookie associated with sites using CloudFlare, used to speed up page load times. It is used to override any security restrictions based on the IP address the visitor is coming from. It does not contain any user identification information.
30 Days
deskpro.com
XSRF-TOKEN
Cookie used to help prevent Cross-site request forgery
2 hours
status.papaki.com
laravel_session
This cookie is used internally for uploading or renewing website content.
session
status.papaki.com
_ga
Anonymous cookie. Tracks user's interaction with the website content for measuring traffic statistics, through Google Analytics.
2 years
google.com

Functionality cookies monitor the proper functioning of our website and allow the website to remember the choices you make (e.g. language preferences, username or region). They provide enhanced and more personalized features that help you so you do not have to set your options every time you visit the website. Third-party cookies may also fall within this category.

Name
Use
Duration
Third-party access
has_js
Most commonly associated with the Drupal content management system. Drupal uses this cookie to indicate whether or not the visitors browser has JavaScript enabled.
session
www.papaki.gr
dp__v
This is a visitor token. This helps connect a single visitor through multiple sessions for things like votes on articles, comments, chats, and page views. For example, if you start a chat as a guest and then come back next week, we can use this visitor token to lookup your chat history to show you.
session
https://support.papaki.com
pll_language
This cookie name is associated with the Polylang plug-in for WordPress powered websites. it stores a language preference for the visitor to support multi-lingual websites. When set as a persistent cookie, or with the default lifespan of 1 year, it has to e considered Functional rather than strictly necessary.
www.papaki.gr
__unam
This cookie is usually associated with the ShareThis social sharing widget placed in a site to enable sharing of content across various social networks. It counts clicks and shares of a page.
papaki.com
NID
This domain is owned by Google Inc. Although Google is primarily known as a search engine, the company provides a diverse range of products and services. Its main source of revenue however is advertising. Google tracks users extensively both through its own products and sites, and the numerous technologies embedded into many millions of websites around the world. It uses the data gathered from most of these services to profile the interests of web users and sell advertising space to organisations based on such interest profiles as well as aligning adverts to the content on the pages where its customer's adverts appear.
6 months
google.com
G_ENABLED_IDPS
Used for Google Single Sign On
Infinity
google.com

These cookies allow us to collect information about how you use our website in order for us to improve your experience. They help us know which pages are your favorite and which are less likeable to you. For example, we can detect which pages you visit most often, the products and services that attract the most of your interest, ads, links, videos and offers you have seen.

Name
Use
Duration
Third-party access
_gid
Anonymous cookie. Tracks user's interaction with the website content for measuring traffic statistics, through Google Analytics.
2 days
google.com
_gat_gtag_UA_XXXXXXXXX_X
Anonymous cookie. Tracks user's interaction with the website content for measuring traffic statistics, through Google Analytics.
1 day
google.com
_gat
Anonymous cookie. Tracks user's interaction with the website content for measuring traffic statistics, through Google Analytics.
1 day
google.com
optimizelyBuckets
Cookie set by the Optimizely website optimisation plaftform. Used to store the page variants assigned to a user for A/B performance testing, to ensure the user gets a consistent experience
6 months
papaki.com
optimizelySegments
This cookie is set by the Optimizely website optimisation plaftform. It holds audience segmentation information for a visitor.
6 months
papaki.com
optimizelyEndUserId
Cookie set by the Optimizely website optimisation plaftform. This cookie is a unique user identifier
6 months
papaki.com
optimizelyPendingLogEvents
Cookie set by the Optimizely website optimisation plaftform. Records user activity.
15 seconds
papaki.com
_hjIncludedInSample
This session cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate funnels.
session
script.hotjar.com
JSESSIONID
This domain is controlled by New Relic, which provides a platform for monitoring the performance of web and mobile applications.
session
nr-data.net
_hjIncludedInSample
This session cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate funnels.
session
papaki.gr
st_samesite
Used by ShareThis to track visitor’s website navigation and preferences - This is used for internal statistics and marketing.
session
c.sharethis.mgr.consensu.org
_hjCachedUserAttributes
This cookie stores User Attributes which are sent through the Hotjar Identify API, whenever the user is not in the sample. These attributes will only be saved if the user interacts with a Hotjar Feedback tool.
session
script.hotjar.com
_hjAbsoluteSessionInProgress
This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie.
30 minutes
papaki.com
_wicasa
Sets a unique ID for the session. This allows the website to obtain data for functional and statistical purposes.
3 months
team.blue Group
_ashkii
Unique ID that identifies the visitor's session.
Session
team.blue Group
_hjTLDTest
When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.
session
papaki.gr

These cookies are administered through our website by our advertising partners. They can be used by these companies to create a profile of your interests and to show you relevant ads on other websites. They work by uniquely recognizing your browser and your device. If you do not consent to these cookies, you will not enjoy our targeted ads on other websites.

Name
Use
Duration
Third-party access
fr
This domain is owned by Facebook. As a third party host provider, it mostly collects data on the interests of users via widgets such as the 'Like' button found on many websites. This is used to serve targeted advertising to its users when logged into its services.
3 months
facebook.com
_gclxxxx
Tracks visitor's interaction with website ads, for measuring advertisement impact by Google.
3 months
google.com
_hjid
Hotjar cookie. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
1 year
papaki.com
IDE
Tracks visitor's interaction with website ads on affiliate websites, for advertising use by Doubleclick (Google).
1 year
doubleclick.net
test_cookie
Tracks visitor's interaction with website ads, for advertising purposes by Doubleclick (Google).
session
doubleclick.net
VISITOR_INFO1_LIVE
Tracks visitor's interaction with Youtube videos, for advertising purposes by Youtube (Google)
1 month
youtube.com
GPS
Tracks visitor's location, for advertising purposes by Youtube (Google)
1 day
youtube.com
YSC
YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites.
session
youtube.com
fbsr
This is a Facebook cookie that helps users who choose to connect to this site with their Facebook account through the log-in process.
1 year
connect.facebook.net

To view third-party content, you must first accept the terms and conditions set by them. These include their cookie policy, which is beyond our control.

However, if this content is not displayed, third-party cookies are not being stored on your device.

Third party providers on the web-pages of papaki.com

  • facebook.com
  • instagram.com
  • twitter.com
  • linkedin.com
  • youtube.com
  • enartia.com
  • greekecommerce.gr
  • apply.workable.com
  • google.com
  • google.gr
  • adwords.google.com
  • en.wikipedia.org
  • icann.org
  • opensrs.com
  • verisign.com
  • eurid.eu
  • afilias.info
  • paysafecard.com
  • apps.apple.com
  • play.google.com
  • enom.com
  • verisigninc.com
  • nominet.uk
  • ocecpr.org.cy
  • letsencrypt.org
  • wordpress.org
  • profiles.wordpress.org
  • woocommerce.com
  • fast.wistia.com
  • amazon.com
  • windowsphone.com
  • github.com

These third-party services are beyond our control. Providers may at any time change the terms of use, purpose and use of cookies, etc.

In some cases we use tracking technologies to gather information that identify or may identify individuals, if combined with other information. In such cases, our Privacy Policy shall apply cumulatively with this Cookie Policy.

The Cookie Policy of the website papaki.com has been drafted in the simplest possible way, in order to be understandable by all its users. If you have any questions, complaints or objections regarding our Cookie Policy, please contact [email protected]

Privacy Policy

The Company handles a Customer’s security, trust and respect. The safeguarding of Customer personal data is particularly important. Hence, the Company communicates the above to its visitors and/or Customers:

  • The Company website is a communication system to the public, with which information and services are offered, through the Internet. Visitors of the Company website are able to inform themselves of any new products and services it offers, important announcements, new jobs and be notified of any service without offering any information.

  • In case of gathering a Customer’s personal data is necessary, for the execution of some trade through the website, the following shall take effect:

    • The Company maintains a log and processes potential Customer personal data, the sole reason being the support, forwarding and implementation of the exchange with the Customer as well as the provision of high level services.

    • Customer data are safeguarded by strict discretionary criteria and are forwarded on third-party companies only if necessary for an order’s implementation or the functionality of a Customer’s service.

Website software is designed for a maximum amount of security and trust. All information contained within requests submitted in the website and are related to payment of whichever service the Customer chooses, are secure. Only authorized employees, having received proper training so as to the processing of Customer information, shall have access to such information and only when necessary for implementing Customer requests.

LAST UPDATE: 06/10/2023