CONSENT DECLARATION

PURSUANT TO THE PERSONAL DATA PROTECTION REGULATION

1. General Information

Through the Website, hereinafter referred to for brevity as the Company, Blue Company SA may collect the personal data it requires from you in order to create an individual account on its website, through which you may place orders or subscribe to the Newsletter. The Company may also collect the personal data it requires in order to process your order if you choose not to create an account but to complete your order as a “Guest”. The Company may also collect the personal data it requires in order to send you newsletters if you are not a registered customer but have chosen to subscribe through the newsletter subscription form.

The personal data collected by the Company is collected, processed, recorded and stored confidentially by the Data Controller, in accordance with the applicable provisions on personal data protection in Greece — Law 2472/97, as currently in force — and the provisions of European law, Regulation (EU) 2016/679.

Any personal data collected shall never be disclosed to third parties, except where provided for by law and by the competent authorities, and except as set out in paragraph 3.3 hereof. Its personal nature shall be preserved. The Company keeps electronic records containing such data exclusively for communication, statistical purposes, improvement of the services provided and customer management.

2. Right of Access, Rectification, Erasure and Reversal of the Process

If you have created an account on the Company’s website, you have the right to access, rectify or delete your personal information, as well as to object to the processing of your data, by contacting the Company’s Data Controller at any time:

by email at shop@uniformjeans.com;
by telephone from 9:00 a.m. to 2:00 p.m., Monday to Friday;

or by logging into your account using the username and password you provided during registration and going to the menu “GDPR Tools — Access, portability or deletion of your personal data”.

If you placed an order as a guest and wish to edit your personal information, you may contact the Company’s Data Controller at any time:

by email at shop@uniformjeans.com;
by telephone from 9:00 a.m. to 2:00 p.m., Monday to Friday.

If you subscribed to the newsletter through the subscription form, you may unsubscribe at any time by clicking the link at the bottom of each of our newsletters, or you may request your removal by sending us an email at shop@uniformjeans.com.

If you encounter any problems regarding the above, you may contact the Company’s Data Controller using the contact details mentioned above.

Minors may access the website only with the consent of their legal representatives or guardians.

3. Management of Personal Data by Our Company

3.1 Methods of Data Collection

At the time of your registration on the Website, we collect your personal data using the form available in the “My Account” section. In this way, the Company collects your first name, surname, telephone number(s), address, postal code, city, country and email address. In addition, you may be asked to provide further information, such as your gender, date of birth and preferences regarding products/services.

When you fill in your details in the order form on the “Checkout” page and click the “Continue” button, we collect the personal data you have entered in the form, as defined in the Terms of Use. In this context, we collect your first name, surname, email address, address — delivery and billing address, if different — city, postal code and telephone number, with the option to enter two telephone numbers.

If you do not complete your order, we will send you an assistance email so that, if you encountered any problem, we may help you. If you complete your order but it is not delivered to you within four working days, we will send you an assistance email and SMS in order to resolve any problems relating to the delivery of your order. When you receive your order, we will send you a thank-you email, which may include a discount coupon as well as an invitation to leave a review.

When you fill in your details in the newsletter subscription form and click the “Man” or “Woman” button, we collect the personal data you have entered in the form. In this context, we collect your email address and gender.

Finally, if you have registered, when you request to view pages on the Website, the Company’s servers automatically identify your computer’s IP address — the numerical internet address assigned to each computer on a network. The IP address has the following format: XXX.XXX.XXX.XXX.

If you do not complete the mandatory fields, we will not be able to complete our transaction.

We may obtain your personal information from various sources. We may collect this information when you provide it at a checkout or store, on our Website, on our social media platforms or at one of our events. When you visit this Website, we also collect certain information by automated means, using technologies such as cookies, web server logs and web beacons. More information about these technologies is available on the Cookie Policy page.

3.2 Use of Personal Data

The personal data we collect from you each time you place an order is necessary for the overall management of your order by the Company and its providers or appointed partners. This management includes the detection of online fraud and fraud relating to modern payment methods, the prevention and management of payment incidents — including non-payment — and the protection of the Company’s rights in relation to its commercial activity.

Personal data relating to orders is kept in our records for tax purposes for as long as required by the applicable tax provisions in each case. After this period has expired, it is automatically anonymised.

The personal data we collect from you when you create an account is necessary in order to provide you with faster service when placing an order and for your personal use, such as allowing you to view the orders you have placed.

In addition, if you have chosen to subscribe to our newsletter, this data may be used to inform you about products and services provided by the Company, as well as its offers or promotional activities. This information is kept in our records for five years, unless you choose to delete your account through the deletion/anonymisation option available in your account tools.

For the deletion/anonymisation of the personal data relating to your orders, the retention period required by the applicable tax provisions in each case must first have expired. If you choose to delete your data before that period has expired, the personal data relating to your orders will not be deleted immediately, but will be automatically anonymised after that period has expired.

The personal data we collect from you when you subscribe to the newsletter through the subscription form is necessary in order to inform you by email about commercial proposals relating to products or services, promotional or advertising activities, and is kept for five years unless you express your objection using the methods referred to in paragraph 2.

We have the right to process the data we hold in order to interpret the use of our Website by visitors, including frequency of views from other websites, sales statistics and the origin of visitors to our Website, etc.

Data relating to the profile of our visitors shall be kept only by the Company, as provided by Greek law.

The Company shall not transfer or make available in any way your personal data and information to subsidiaries, third parties or commercial or business partners without prior relevant notice to you.

If the Company is required by law or by court order to disclose the personal data of its visitors, it shall notify the visitor accordingly, where possible, unless the Company considers that it is not required to do so.

Taking into account the level of technology relating to the telecommunications sector, the Company cannot ensure the confidentiality and integrity of the authentication of emails that the visitor sends to or receives from the Company.

Finally, we may use the information in other ways, for which we will provide specific notice at the time of collection.

3.3 Data Recipients

All personal data is intended for use by the Company. With the exception of photographs, the personal data collected from the Website may occasionally be requested by our commercial partners in order to ensure the fulfilment of the above-mentioned purpose, as well as for the detection of fraud relating to payments and the management of commercial activities organised by the Company or its commercial partners.

The Company limits the recipients as far as possible in order to ensure adequate protection, in accordance with the applicable Greek and European legislation.

The Company is also required to transfer some of your personal information to cooperating businesses for the purpose of sending the products you have purchased to the delivery address you have provided to us — telephone number, address and recipient’s full name — to the SMS service provider for the sending of messages relating to your order — mobile telephone number — to its accounting department, or for communication with you by email regarding your order — address, full name and other payment details.

In the agreements concluded with the above cooperating businesses, the Company has included an obligation on their part to use your personal data only for the purposes described above, in accordance with the legislative provisions applicable from time to time and with the requirements of the competent judicial, police and other administrative authorities.

3.4 Security and Confidentiality of Personal Data

The Company has made significant efforts to take all precautionary measures in order to maintain the confidentiality and security of personal data and to prevent its distortion, damage, destruction or access by unauthorised third parties. Technical and organisational security measures include state-of-the-art technology.

Nevertheless, the Company cannot control the risks associated with the operation of the Internet and therefore draws your attention to the existence of potential risks relating to its use and operation.

3.5 Information We Collect by Automated Means

When you visit this Website, we collect certain information by automated means, using technologies such as cookies, web server logs and web beacons.

We may use third-party web analytics services on this Website, on our social media pages or in our mobile applications. The service providers that manage these services use technologies such as cookies, web server logs and web beacons to help us analyse how visitors use the Website.

The information collected through these means, including the IP address, is disclosed to these service providers, who use the information to evaluate the use of the Website. More information about cookies, web beacons and similar technologies, as well as the use of this information, can be found here.

4. Information We Share

We do not sell or otherwise disclose personal information we collect about you, except as described herein. We may share your personal information with:

our partners for the purposes described in the Company’s Personal Data Protection Policy;
service providers who provide services on our behalf based on our instructions. We do not authorise these providers to use or disclose the information unless this is necessary to provide services on our behalf or to comply with legal requirements. Examples of such service providers include entities that process credit card payments, process orders and provide network hosting and advertising services;
other third parties with your consent.

In addition, we may disclose information about you:

(i) if we are required to do so by law or legal process;
(ii) to law enforcement authorities or other government officials; or
(iii) when we believe that disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation into suspected or actual fraudulent or illegal activity.

We also reserve the right to transfer the personal information we hold about you in the event of a sale or transfer of all or part of our business or assets. If such a sale or transfer takes place, we will use reasonable efforts to direct the transferee to use the personal information you have provided to us in a manner consistent with our Personal Data Protection Policy.

Following such a sale or transfer, you may contact the entity to which your personal data has been transferred with any questions regarding the processing of such information.

5. Your Rights and Choices

We offer you certain choices in relation to the personal information we collect from you, including how we use the information and how we communicate with you. To update your preferences, ask us to remove your information from our mailing lists or submit a request, please contact us as set out below.

5.1 Opting Out of Email Communications

You may tell us at any time not to send you advertising communications by email, as referred to in paragraph 2 hereof.

5.2 Withdrawal of Consent

You may withdraw any consent you have provided to us or object at any time, on legitimate grounds, to the processing of your personal information. We will apply your preferences within a reasonable period of time.

In some cases, withdrawing your consent for our use or disclosure of your personal information may mean that you will not be able to make use of some of our products or services.

5.3 Review, Update and Amendment of Personal Data

Subject to applicable law, you may have the right to request access to and receive details about the personal information we hold about you, to update and correct inaccuracies in your personal data, and to request that it be blocked or deleted, as applicable.

The right of access to personal information may be limited in certain cases by the requirements of local law. You may request to review, change or delete your personal data as described in paragraph 2.

6. How We Protect Personal Data

We maintain appropriate administrative, technical and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use.

Among other measures, the data is stored on a server certified according to ISO 9001:2015, ISO 27001:2013 and ISO 27001.

7. How to Contact Us

If you have any questions or comments about this notice, or if you would like to update the information we hold about you or your preferences, please contact our Data Controller using the details stated at the beginning of this document.