The general partnership with the name “ARAPAKOS G. – KOGHILAKI OE” and the distinctive title “KOPELI”, attaches particular importance to the protection of privacy and personal data of the subjects whether they are customers, employees or associates.

This protection policy concerns the management of all personal data collected and processed by the company “ARAPAKOS G. – KOGHILAKI OE” (hereinafter referred to as the “Company”). In particular, hereby, which is posted on our official website / online store,, but also at the company’s headquarters, we inform you regarding the current Privacy Policy and the rights deriving from the General European Regulation 2016/679 (GDPR) and Law 4624/2019, in order, among other things, where necessary, to give your explicit consent to their processing.


This Policy is valid from 01/03/2022


Personal Data Processor:

Responsible for processing is the societe anonyme with the name “ARAPAKOS G. – KOGHILAKI OE” and distinctive title “KOPELI”, with TIN: 999014698, of the Tax Office of Chania, with number GEMI: 073750758000, located in the Local Community of Varypetro, Municipal Unit of Therissos, Municipality of Chania, telephone: 2821033530 and email (hereinafter referred to as the “Processor or Company”).


  1. How and what Personal Data do we process?

1.1.Personal data is usually collected actively, ie it requires positive action of the data subject. More specifically, the individual subject (eg customer, site user, employee, etc.) may provide us with personal data orally (in person or by telephone), in writing (by sending or delivering documents or any other physical material ) or electronically (by registering on the website, by sending a message to the relevant e-mail address or by filling in an existing contact form on the website or by submitting an evaluation).

1.2.So for example, we collect the data that you actively provide to us when you complete your order through our online store, or proceed with the registration process on the website, or evaluate our products, as well as when based on the information you provide to us (with any means eg telephone) fill in the printed order form orwhen you participate in any various promotional activities that our company conducts from time to timee.g. competitions, draws, etc.

1.2.In the above ways we actively collect and process, any personal data that is necessary, for the management and maintenance of the contractual, pre-contractual or post-contractual relationship between us, for the preparation and fulfillment of the contract between us, the pricing of the products provided and the execution of purposes are described below (see para. 5). Indicatively, the following table categorizes the data that we collect either actively in the ways mentioned above or passively through cookies (see par. 2)


1.3. Personal Data Table



Customer VAT(consumer) Customer VAT(business) Registered User








[a] Name, Surname, Username, email












[b] Name, username, name of representative, email










[c] Name, Surname, Patronymic, Matronym








contact info



Address / headquarters (street, number, city, area, Region), telephone, e-mail















[a] Name, surname, address












[b] Α.Φ.Μ., Δ.Ο.Υ., registered office, name











[a] Purchase products, products in the cart, wish list, selection of cookies











[b] Order history










professional qualifications, skills, interests, education, qualifications, professional experience etc.  













marital status, no. IKA, AMKA, VAT number, age, working hours etc.  









  1. How is passive data collection done?

2.1.Both the ordinary and the registered user are informed, already upon their first entry on the website with a pop-up window for the use of cookies, in order to choose to activate or deactivate them.

2.2.The user can proceed toEnabling or disabling cookies both in the environment of the website, through an automated tool (activation / deactivation) included in the above-mentioned pop-up window during the user’s first visit to the website, as well as through the browser used by the user(seeGoogle Policy).

2.3.Cookies are short texts of software code, which are sent for storage by the web server (server) of the cookie sender in the user’s terminal equipment, and have as basic function the recording and sending of stored data of the browser (“browser”) of the user , to the sender. The use of cookies facilitates the access of the visitor / user to the website and the use of specific services, the areas that are useful or popular are determined and the effectiveness of the website is evaluated. More specifically, from our website, among other things, passive, personal data is collected regarding the user’s choices regarding the presentation of the website in order to understand how visitors use our website and to improve its structure and content,

2.4.The company’s website, among other things, collects passive, personal data related to the user’s choices regarding the presentation of the website to understand how visitors use our website and to improve its structure and content, in order to reflect the special needs and their interests but also cookies necessary for the processing of your online purchases.


2.5.Cookies table


Name Features – Function Duration
wp-wpml_current_language Saves the user’s current selection of the site’s display language OF A SESSION
wordpress_logged_in_ Used by wordpress to authenticate passwords and authenticate logged in users OF A SESSION
wordpress_sec_ Used to store authentication information. Its use is limited to the area of ​​the management console OF A SESSION
wordpress_test_cookie WordPress sets this cookie while navigating the login page. It is used for

check if your web browser is set to allow or reject cookies.


woodmart_wishlist_product Records and saves the products you have added to the wish list. 7 DAYS


Counts and saves the number of products you have added to the wish list 7 DAYS
woocommerce_cart_hash Records and stores information about the cart, as a whole, when making a purchase, and detects when changes are made to the cart.


woocommerce_items_in_cart Records and stores information about the cart, as a whole, when making a purchase. OF A SESSION
wp_woocommerce_session_ It assigns each customer a unique code, so that the details of this cart can be found in the database when making a purchase. 3 DAYS


  1. Personal data of children


3.1.Our company understands the importance of protecting children’s personal data, especially in an online environment. In particular, the Website is neither intentionally designed nor intended for minors under 18 years of age. It is our policy to never collect or knowingly collect data about any person under the age of 18.

  1. Data Processing Purposes and Legal Bases

4.1.Any user, at any time can refer to this full text of the Civil Protection by selecting the relevant link at the bottom of the site to be able to provide or not their consent, when required and to remove it at any time or to exercise the his other rights.

4.2.In case you withdraw any given consent, we inform you that the company may continue to process some of your data, if there is another legal basis e.g. statutory obligation

4.3.If you consent or there is some other legitimate reason (eg legal interest, contract, legal obligation, etc.), both we and the other recipients process your personal data for the following purposes and any other compatible purpose. .

4.3. Table Editing Objectives


Compliance with the Legislation E.g. Issuance and maintenance of a file of financial data and documents, delivery of documents to any control of the competent service, keeping payroll statements, etc.
Website functionality Eg Use of email address in order to send a message, use of cookies in order to complete the online purchase or to keep the products in the basket, etc.
Preparation and Execution / Fulfillment of a Contract E.g. Receiving and storing an order, Completing an order form, storing identification / order products / shipping address, sending an email to accept an order and being informed of its progress, completing and archiving a voucher for sending products, issuing and maintaining documents (filing and filing) employment, collection and retention of CVs and employment data, etc.
Communication Service, Responding to requirements, fulfilling requests For example, telephone or electronic communication on our part at a conventional and pre-contractual stage for information purposes, answering questions and complaints, etc.
Optimization and Upgrading of services provided E.g. Market Data Analysis in terms of anonymity and confidentiality in order to draw conclusions and improve the services provided, Conduct tenders, etc.


4.4.The processing of your personal data is based on one of the restrictively mentioned bases of legality of the processing (Consent, Contract, Legal obligation, Vital Interest, Public Interest). More specifically, we collect and process your personal data in accordance with the following legal processing bases:

4.4.a. Processing for the execution of the contract(article 6 par. 1b GKPD):

For example, under this legal basis, we process your personal data:

– when accepting your proposal for concluding a contract between us and informing you about the availability and delivery time of the products

– during the preparation and shipping of the products you have selected

– when issuing financial data

– when completing a product shipping voucher

– during the recording of working hours, the issuance of payroll statements, the payment of salary, etc.


4.4.b. By law right / obligation to process(article 6 par. 1c GKPD):

For example, under this legal basis we process your personal data:

-when issuing the tax data / documents provided by law

-when communicating information about your transactions with us to the tax authorities

– when keeping payroll statements


4.4.c. Legal interest(article 6 par. 1f GKPD):

For example, under this legal basis we process your personal data:

– when we respond to questions or complaints that you submit to us through any available communication channel, such as, for example, via email or social media

– when we consider the consumer preferences of our customers to upgrade the services provided

– in resolving any legal dispute between us

– when after a previous transaction between us we send you advertising messages to your declared email address, explicitly reminding you of your right to oppose it

4.4.d.Consentation(article 6 par. 1a GCP):

For example, under this legal basis we process your personal data:

– when and if we provide them to third parties for other purposes

-when we examine the result of a competition in which you participate

– when we publish your evaluation

  1. Who has access to your personal data (recipients)?

5.1.The company adheres to the rule of classified access to personal data. Your personal data is processed only by the personnel of the company who is in charge of the respective responsibilities of the data processing purposes.

5.2.In addition, some data may be processed by external collaborators and other processors (eg the accountant processes the issued documents) if this is necessary to meet the above purposes, and provided that the latter meet the specifications sets the GPA for the protection of personal data, undertake to maintain the necessary confidentiality, respect the rights of data subjects provided for in the Regulation and process them exclusively for the above purposes.


  1. How long do we keep the data?

6.1.Your personal data is kept only for the period deemed necessary to serve the above purposes of the collection and are deleted safely immediately afterwards, unless the current legislation provides for their continued maintenance (eg obligation to keep documents and accounting documents).

6.2.In the event that the legal reason for processing them is the contractual relationship between us, if for any reason it is terminated, we may, in addition to the above, retain your personal data for as long as necessary until the relevant limitation period expires.

6.3.Regarding the data that are collected passively, through cookies, the exact table for which they are kept is indicated in the above table (see par. 2).

6.4.In case the legal reason for processing your data is the consent given by you, if it is revoked, within 5 days we will delete them, unless there is another legal basis e.g. a legal obligation, in which case we continue to maintain them for as long as necessary.



  1. What general principles do we use when processing your personal data?

7.1.In the context of the execution of our work, we ensure that the processing of personal data is based on one of the restrictively mentioned bases of legality of processing (Consent, Contract, Legal obligation, Vital Interest, Public Interest) and on the other hand is in accordance with them. rules and principles provided by Regulation (EU) 2016/679 and Law 4624/2019. The purposes of the processing are clear, legal and known in advance to the data subject, while the data collected is as much as is required for these purposes and is retained as long as is required for their implementation. We take adequate organizational, technical and physical security measures to prevent risks such as loss, unauthorized access, destruction or illegal use.


  1. What are the rights of the data subject and how can he exercise them?

8.1. Right of Access:Each subject has the right to request confirmation as to whether or not his personal data are being processed, and if so, access to it and information concerning the purposes of the processing, the categories of data and their recipients. If the personal data is processed by electronic means and in a structured and commonly used format (eg collection through the website), the user receives a copy of the data that equally concerns him in a commonly used electronic format.

8.2.Right of Correction:Any subject may request the correction of inaccuracies or the completion of incomplete personal data

8.3.Right to Oblivion:Any subject may request the deletion of his personal data by revoking his consent, unless the obligation to retain personal data is imposed by applicable law or their processing is based on a valid legal reason other than consent (eg legal interest). .

8.4.Portability Right: Each subject has the right to request and within a reasonable time to receive personal data provided to the controller to read it to another controller

8.5.Right to Object and Restrict processing:Any subject may intervene by suspending the processing of his data, if verification of its accuracy or legality of processing is pending.

8.6. Right to file a complaint:Any subject can file a complaint before the Personal Data Protection Authority (Personal Data Protection Authority, Offices: 1-3 Kifissias, PC 23 23, Athens Call Center: + 30-210 6475600, ), if he considers that his rights are infringed in any way, having previously exercised them before the controller, without a satisfactory response within a reasonable time.

8.7.For the exercise of the above rights the data subject may contact the controller via e – mail to the data mentioned above.Further specifically with respect to the personal data of the subject collected through the website, the access and deletion rights can be exercised through an automated process, by clicking on a relevant link at the bottom of the website and registering the relevant request.In this case, the user receives a copy of the data concerning him in a commonly used electronic format

8.8.These rights are exercised free of charge, unless they are repeated frequently and due to volume have administrative costs for us, in which case the subject will be charged with the relevant costs. The controller complies as soon as he has become aware and within a reasonable time with the exercised right, while he is entitled to refuse to comply with it if his exercise is contrary to law, or conflicts with another superior.

8.9.Compliance with certain rights may lead to unjustified inability to fulfill contractual or pre-contractual obligations of the company.


  1. What security measures are taken by the company?

9.1.The company receives appropriate organizational (Indicative: Data access classification, proper physical file management which is maintained only when necessary due to the nature of the data, insurance for loss), technical (Indicative: Authentication – User authentication, backup, firewall) and physical security measures (prohibition of unauthorized access by unauthorized persons) in order to ensure the security of the personal data processed, as well as their protection against accidental or unlawful destruction, loss, alteration, prohibited dissemination or any other form of unlawful processing.

  1. Civil Protection Update

10.1.The company may update, supplement or modify this Personal Data Protection Policy, in accordance with the applicable regulatory and legislative framework, at which time it will post it on the website