fbpx

Privacy Policy

Privacy Policy

The protection of your personal data is important to us.

With this policy, “NOMIKI BIBLIOTHIKI ANONYMOUS COMMERCIAL AND INDUSTRIAL COMPANY” GROUP OF PUBLISHING AND TRADING COMPANIES (hereinafter referred to as the “Company” or “we” or “our”), which is located in Athens, (23 Mavromichali 23, P.O. Box 10680), sets forth and discloses the terms under which, acting as the law defines it as a “Data Controller”, collects, stores, uses and generally processes your personal data, which it collects when you visit, register or use its websites (hereinafter the “Websites”) and its mobile applications (hereinafter the “Applications”), as well as when you interact with its physical stores.

This Privacy Policy also describes how we use, share and protect your personal data, the choices you have regarding your personal data, and how you can contact us. This Privacy Policy complies with the terms under Regulation (EU) 679/2016 and any other relevant applicable legislation.

If you have any questions regarding this Privacy Policy, as well as any issue related to the processing of your Data and the exercise of your rights, you may contact us at the following e-mail address (e-mail) dataprotection@nb.org

  1. A few words about the Company’s Website

The Company’s website college.nb.org is the online store for the presentation and sale of products and services.

In addition, through the NOMIKI BIBLIOTHIKI websites and applications, you can access a range of services provided by the Company, such as:

  • purchase of tickets for conferences and workshops
  • access to educational programmes and seminars either by live streaming or on demand
  • access to the electronic content of scientific journals and books
  • information on accounting, tax and business issues
  • information on content applications for mobile devices
  • information on legal software and technology
  • subscription to our newsletter in order to have informative / advertising material sent to you
  • listing / registration of your advertisement
  • registration for trial use of our legal content search platform (Qualex)
  • sending web push notifications
  1. What is Personal Data?

The term “personal data” refers to any information concerning an identified or identifiable natural person (i.e. information of natural persons, such as name, postal address, e-mail address, contact telephone number, etc.) which identifies or can identify you, hereinafter referred to as “Personal Data or Data”.

  1. What is Personal Data Processing?

Any operation or set of operations which is performed, whether or not by automated means, on personal data or on sets of personal data (such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, information search, use, disclosure by transmission, dissemination or any other form of making available, alignment or combination, restriction, erasure or destruction).

  1. Is the provision of your Personal Data mandatory?

The provision of the Data to the Company may be necessary to achieve the purposes specified in this Privacy Policy or may be optional.

The mandatory or optional nature of the provision of Data is indicated by an asterisk (*) next to Personal Data of a mandatory nature.

If you refuse to provide the data marked as mandatory on the Sites, it will be impossible for the main purpose for which the Data is collected to be achieved and it may make it impossible for the Company to fulfil the sales contract or provide the other services available on the Sites.

The provision of additional Data to the Company, in addition to those marked as mandatory, is optional and does not entail any consequences in relation to the main purposes of Data collection, since their provision serves exclusively to optimise the quality of the services provided by us.

  1. What Personal Data do we collect from you?

We only collect the strictly necessary Personal Data that is appropriate and clear for the purpose for which it is intended. This Data includes the following:

a. Data that you provide to us when you register and create a user account on the Company’s Sites or applications, via the internet or your mobile phone, or through your personal contact with our stores or our salespeople, and specifically data such as your email address (e-mail)* and password / login password (as required) and name, surname, postal address, telephone number (as optional):

b. Data and information that you provide us through transactions between us (purchases, orders, etc.) and communication between us (through our physical stores, our online store, our salespeople, telephone, e-mail or any other way / medium).

c. Data relating to the payment method for the transactions you carry out with us.

d. Data that you provide to us when you subscribe to our newsletter.

e. Data about the products and services that you usually preferably choose, in order to recommend products or services of interest to you and to further improve your shopping experience with us. Of course, you always have the option not to share such data with us.

f. Traffic data of our website.

g. Information for the registration / listing of your advertisement (Name, Surname, Phone, Email, Content)

h. Data for the registration for the trial period of the Qualex platform, such as name, email, county and phone number.

i. Information collected from the use of cookies in your browser. Learn more about how cookies are used here: (Policy Cookies)

j. To provide the best possible website experience, we collect technical information about your internet connection and browser, as well as the country and phone code where your computer is located, the web pages that appear during your visit, the ads you click on, and any search terms you used.

k. Your social media username, if you interact with us through these channels to help us respond to your comments or questions.

l. Educational data, such as education, skills, knowledge of foreign languages, professional experience (only in cases where you are responding to a job advertisement).

  1. How do we use your Personal Data?

Where applicable we use your Data:

  • To complete orders for products and services: The Company processes your Data in order to fulfil its contractual relationship, to process the order for products and / or services, to provide customer service, to comply with legal obligations, to oppose, raise or exercise legal claims. If we do not collect your Data when you complete the order (through our physical stores, in person or telephone service from our sales staff or through our online store, we will not be able to process your order and comply with our legal obligations. Please note that we may need to transfer your Data to third parties to deliver the product or service you have ordered (For information on how we make personal data available to third parties, see conditions 9, 10, 11 and 12 below).

In addition, we may retain your Data for a reasonable period of time in order to fulfil our contractual obligations, for example product returns, as required by the relevant consumer protection legislation, as well as to comply with our legal obligations regarding the specific legislation in force (tax, etc.)

  • To create a User Account: The Company processes your Data in order to provide you with account functions and to facilitate the purchase of products and / or services.
  • For Contact: The Company uses your Data to respond to your requests / queries, refund requests and / or any complaints. The information you share with us enables us to manage your requests and respond to you in the best possible way. We may also keep a record of your queries / requests to us so that we can better respond to any future communication. We do this based on our contractual obligations to you, our legal obligations and our legitimate interests to provide you with the best possible service and to be able to improve our services based on your personal experience.
  • For sending newsletter / offers: With your consent, we will use your Personal Data, preferences and transaction details to inform you by e-mail, internet, telephone and / or social media about relevant products and services, including personalised offers etc. Of course, you have the possibility to withdraw this consent at any time.
  • For Web Push Notifications. Of course, you have the possibility to withdraw this consent at any time
  • To participate in a loyalty program: The Company may process your Data for the purposes of your participation in a loyalty program, i.e. both the processing of your membership application, the accumulation and redemption of points and the enjoyment of customer benefits in general, as detailed in the terms of participation of the loyalty program. This enables us to offer you personalised offers that are of interest to you. Of course, you can choose whether to take advantage of them or not.
  • To develop and improve the products and services we provide to you. This is done in our legitimate business interests.
  • Because we want to provide you with offers and proposals that are more relevant to your interests and needs.
  • To ensure that you are always shown the most interesting content on our Sites or in our applications, we will use the Data you have provided to us by giving us your consent to receive application notifications or, for our Sites, your consent to the placing of cookies on your device. For example, we may display a list of products you have recently looked at or offer you recommendations based on your shopping history and any other Data you have shared with us.
  • To send you research and evaluation requests so that we can improve our services. These messages will not include advertising content and will not require prior consent when sent by email or text message (SMS). We have a legitimate interest in doing so as this helps our products or services to be more relevant to you. Of course, you are free to opt-out of receiving these requests from us at any time by updating your preferences on your online account.
  • To protect your account from fraud and other illegal activities: This includes using your Data to maintain, update and protect your account. We also monitor your browsing activity with us to identify and quickly resolve any problems and to protect the integrity of our website. All the above is part of our legitimate interest. For example, we check your password when you log in and use automated IP address tracking to detect possible false logins from unexpected sites.
  • To process payments and prevent fraudulent transactions: We do this based on our legitimate business interests and it also helps to protect our customers from fraud.
  • To comply with our contractual obligations to you, or pursuant to statutory provisions or to enforce court orders.
  • To send you communications required by law or necessary to inform you of changes to the services we provide to you. For example, updates on these privacy notices, product recall notices and legally required information about your orders. These service messages will not include promotional content and will not require prior consent when sent by email or text message (SMS). If we do not use your personal data for these purposes, we cannot comply with our legal obligations.

Finally, we inform you that the processing of your Data is carried out either by the Company’s specially authorized personnel or through computer systems and electronic devices by the Company and exceptionally by third parties, who, having been contractually bound to maintain confidentiality and protect your Data, carry out tasks necessary to achieve the purposes strictly related to the use of our Sites, its services and the sale of products through our Sites. Information about this can be found below in terms 9 and 10.

As regards the use of Cookies by our Company, please refer to here: (Πολιτική Cookies)

  1. What is the legal basis for the processing of your Data by the Company?
  • Data protection legislation which sets out various reasons why a company may collect and process your personal data, including the terms of our contractual relationship
  • your consent, where required. For example, when you opt in to receive newsletters. When collecting your personal data, we will always inform you which data is necessary in relation to a particular service.
  • The Company’s obligations arising from the law (e.g. tax legislation, e-commerce legislation, etc.)
  • the legitimate interest of our Company. In certain circumstances, we collect your Data in a manner that is reasonably expected as part of the operation of our business and that does not materially affect your rights, freedom or interests.
  1. Who are the recipients of your Data?

Access to your Data is available to the Company’s authorized personnel, which is limited to the absolutely necessary persons and who are bound by confidentiality, and to our affiliated companies or third party service providers, which process your Data as Processors on our behalf, in accordance with our instructions and on the basis of a specific agreement for the processing of your Data.

  1. How is your Data shared?

Disclosure of Data by our Company

The Company shares your Data with:

  • Third party service providers who process personal data on behalf of the Company, for example (but not limited to) for credit card and payment processing, transfers and deliveries, hosting, management and maintenance of our data, email distribution, research and analysis, management of promotions, and management of certain services and data. When we use third-party service providers, we enter into agreements that require them to implement appropriate technical and organizational measures to protect your personal data.
  • Other third parties, to the extent necessary for the purposes of: i) compliance at the request of an authority of the Greek State, a court order or applicable law; (ii) preventing illegal uses of our Sites and Applications or violations of our Terms of Use of our Sites and Applications and our policies; (iii) our own protection of third parties; and (iv) contributing to the prevention or investigation of fraud (e.g. counterfeiting).
  • Other third parties to whom you yourself have given your consent.

Disclosure of Data by you

  • When you use your social media information on our Sites or Apps, you may create a public profile that includes information such as your username, profile picture and city. You may also share content with your friends or the general public, including information about your interaction with the Company. We encourage you to use the tools we provide to manage sharing on Company’s social media to control the information you make available through Company’s social media elements.
  1. What is our policy with third party Processors processing your Data in accordance with the above:
  • We only provide the information needed to perform their specific services.
  • They may only use your Data for the precise purposes we specify in our contract with them.
  • We work closely with them to ensure that your privacy is respected and protected at all times.
  • If we stop using their services, any of the Data they hold will be deleted or made anonymous.

To improve your customer experience on our Sites and Apps, we use the following companies who will process your Personal Data as part of their contracts with us:

  • Facebook
  • Google
  • YouTube
  • Instagram
  • Twitter
  • LinkedIn
  • ACS
  • LiveChat
  • CookieYes
  • Convertful
  • HubSpot
  • Moosend
  • OneSignal
  • PayPal
  • Viva Wallet
  • Klarna (μέσω Viva Wallet)
  • IRIS (μέσω Viva Wallet)
  • Digital Wallets (Apple Pay, Google Pay, Samsung Pay κλπ) μέσω Viva Wallet
  • Microsoft
  • Meta

If you wish to receive more information about the disclosure of your Data to third parties, please contact us by e-mail atdataprotection@nb.org

  1. How do we ensure that Processors respect your Data?

The Processors processing on our behalf have agreed and contractually bound themselves to the Company:

  • to maintain confidentiality,
  • not to send your Data to third parties without the Company’s permission,
  • to take appropriate technical and organisational security measures,
  • to comply with the legal framework for the protection of personal data and in particular the (EU) 979/2016 Regulation (otherwise GDPR).
  1. Data transfer

The personal data we collect (or process) in the context of our Sites and Applications will be stored within the European Union. However, some of the recipients of the Data with whom the Company shares your Personal Data may be located in countries other than the country in which the original collection of your Personal Data took place. The laws in those countries may not provide the same level of data protection as the country that originally provided your Personal Data. However, when we transfer your Personal Data to recipients in other countries, including the United States, we are committed to protecting your Personal Data as described in this Privacy Policy and in accordance with applicable law.

We take steps to comply with applicable legal requirements for transferring Personal Data to recipients in countries outside the European Economic Area or Switzerland that do not provide an adequate level of protection. We use various measures to ensure that your Personal Data transferred to these countries enjoy adequate protection under data protection rules. These include signing the Contractual Clauses, certifying that the recipient has adopted the European Binding Rules

  1. For how long do we keep your Data?

We retain your Personal Data for as long as necessary in order to fulfil the purposes set out in this Privacy Policy (unless a longer retention period is required by applicable law). Generally, this means that we will retain your Personal Data for as long as you have an account with our Company. With respect to your Personal Data relating to product purchases, we retain this data for a longer period in order to comply with our legal obligations (such as tax and trade law and for warranty purposes where applicable). At the end of this retention period, your data will be deleted completely or anonymised, for example by aggregation with other data, so that it can be used in an unidentifiable way for statistical analysis and business planning.

Some examples of Customer Data retention periods:

  • Orders

From the completion of an order, we retain the personal data you provide for five years so that we can comply with our legal and contractual obligations.

  • Guarantees

If your order includes a guarantee, the relevant Personal Data will be retained until the end of the guarantee period.

  • Newsletter

Your declaration of consent to receive a newsletter will be kept for as long as you receive a newsletter from the Company and in any case no longer than six months after the newsletter is discontinued.

  1. Is your Data safe?

We are committed to safeguarding your Personal Data.

Recognizing the importance of the security of your Personal Data, we have taken all the appropriate organizational and technical measures to ensure the security and protection of your Data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security.

The college.nb.org website uses the TLS 1.2 protocol, for secure online commercial transactions. This encrypts all the Data you provide, including your credit card number, name and address, so that it cannot be decrypted or altered during transmission over the Internet.

In addition, the information used to identify you as an account user is two: the Username and the Personal Secret Security Code (Password). Each time you enter your details, you are granted access to your personal account. This process is achieved securely through encryption during their transfer to the Internet and the Company’s servers. Following the same standards, you are given the opportunity to change your Personal Secret Security Code (Password) as often as you wish. After entering the desired password, the new password is encrypted and stored in the Company’s systems. For this reason, the only person who knows your password is you yourself and you are solely responsible for maintaining the secrecy of the password from third parties.

These measures are reviewed and modified when and where necessary.

  1. What are your rights?

You have the right to access your Personal Data.

This means that you have the right to be informed by us if we process your Data. If we process your Data, you can ask to be informed about the purpose of the processing (the type of your Data we hold, who we give it to, how long we store it, whether automated decision-making is carried out or not) and your other rights such as rectification, erasure, restriction of processing and lodging a complaint with the Data Protection Authority.

You have the right to rectify inaccurate personal data.

If you find that there is an error in your Data, you may submit a request to us to correct it (e.g., correcting your name or updating a change of address).

You have the right to erasure / right to be forgotten.

You can ask us to delete your Data if it is no longer necessary for the processing purposes listed above or you wish to withdraw your consent.

You have the right to portability of your Data.

You may request to receive the Data you have provided in a readable form or ask us to transfer it to another controller.

You have the right to restrict processing.

You have the right to request a restriction of your data processing for as long as the examination of your objections to the processing is pending.

You have the right to object to and withdraw consent to the processing of your Data.

You may object to the processing of your Data and we will stop processing the Data if there are no other compelling and legitimate reasons that override your right. If you have consented to the collection, processing and use of your Personal Data, you may withdraw your consent at any time with future effect:

  • Choosing not to receive Marketing Communications

You can opt out of receiving marketing communications by changing your email and SMS subscriptions by clicking the unsubscribe link or following the instructions included in the message.

Alternatively, you can contact us using the contact details provided in clause 17 below.

When we rely on our legitimate interest: When we process your personal data based on our legitimate interest, you can ask us to stop for reasons relating to your personal situation. We must then do so if we do not believe we have a legitimate compelling reason to continue to process your Personal Data.

  1. How can you exercise your rights?

To exercise your rights, you can submit a request to us at dataprotection@nb.org with the title “Exercise of Rights” and we will review and respond to you as soon as possible.

Exceptionally:

  • if you wish to correct your Data in your user account, you can log in and make any correction / change without having to submit a Request.
  • If you wish to withdraw your consent to be sent a newsletter you can do so by selecting the link “To unsubscribe from the “newsletter mailing list” “click here” at the bottom of each newsletter.
  • if you wish not to receive web push notifications from the Company you can deactivate the option from your browser setting.

Identity check

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Policy. If you have authorized a third party to make a request on your behalf, the third party will have to prove that they have your permission to act for this purpose.

  1. When do we respond to your Requests?

We will respond to your Requests free of charge and without delay, and in any case within one (1) month after receiving your request. However, if your Request is complex or there is a large number of Requests, we will let you know within the month if we need to obtain an extension of another two (2) months within which we will respond.

  1. What is the applicable law when we process your Data?

The applicable law is Greek law, as formulated in accordance with the General Data Protection Regulation 2016/679/EU, Law 4624/2019 (as applicable) and in general the applicable national and European legislative and regulatory framework for the protection of personal data.

Any dispute arising from or relating to the protection of your Personal Data shall be subject to mediation in accordance with the Mediation Regulation of the European Organisation for Mediation and Arbitration (EODID). In the event that the dispute or part thereof is not resolved through mediation, the dispute or the unresolved part thereof shall be resolved exclusively, finally and irrevocably by an arbitral tribunal, appointed and conducting the arbitration in accordance with the EODID Arbitration Rules.

  1. Where can you go if we violate the applicable law on the protection of your Personal Data?

You have the right to lodge a complaint with the Data Protection Authority if you believe that our processing of your Personal Data violates the applicable national and regulatory framework of data protection law.

Personal Data Protection Authority, Postal address: 1-3 Kifissias Street, P.O. Box 115 23, Athens, tel.: 210. 6475600, e-mail: contact@dpa.gr

  1. How will you be informed of any amendments to this Policy?

We update this Privacy Policy whenever necessary. If there are significant changes to the Privacy Policy or the way we use your Personal Data, we will post an update of this Privacy Policy on our website before the changes take effect and notify you by any appropriate means.

We encourage you to periodically read this Policy to know how your Data is protected. This Privacy Policy was last modified 13 September 2022 .