Privacy policy

Privacy Policy

Last updated: April 17, 2026

1. Who We Are

Dinos Virginia Jewelry ("we", "us", "our") operates the website www.dinosvirginiajewelry.com. We are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and Greek Law 4624/2019.

Controller: Virginia Stathakatou Loverdou Leni Email: dinosvirginiajewelry@gmail.com Address: K.Palaiologou 30, Agios Nikolaos, Crete, Greece VAT Number (ΑΦΜ): EL029959960

2. What Data We Collect

We may collect the following personal data when you visit or make a purchase from our store:

  • Identity data: name, billing/shipping address
  • Contact data: email address, phone number
  • Transaction data: purchase history, payment details (processed securely — we do not store card data)
  • Technical data: IP address, browser type, cookies, and browsing behavior on our site

3. How We Use Your Data

We use your data to:

  • Process and fulfill your orders
  • Send order confirmations and shipping updates
  • Respond to your inquiries and provide customer support
  • Comply with legal obligations (e.g., tax and accounting requirements)
  • Improve our website and shopping experience (analytics)
  • Send marketing communications, only with your explicit consent

4. Legal Basis for Processing

We process your data on the following legal bases:

  • Contract: to fulfill your order
  • Legal obligation: to comply with Greek and EU law
  • Legitimate interest: to improve our services and prevent fraud
  • Consent: for marketing emails and non-essential cookies

5. Cookies

We use cookies to enhance your browsing experience and analyze site traffic. You can manage your cookie preferences via the cookie banner on our website. For more details, please refer to our Cookie Policy.

6. Sharing Your Data

We do not sell your personal data. We may share it with trusted third parties solely to operate our store, including:

  • Shopify (e-commerce platform)
  • Payment processors (e.g., PayPal, Shopify Payments)
  • Shipping and logistics providers
  • Email marketing tools (if applicable)

All third parties are contractually required to handle your data securely and in compliance with GDPR.

7. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined above, or as required by Greek and EU law (typically up to 5 years for tax records).

8. Your Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time (without affecting prior processing)

To exercise any of these rights, contact us at [your contact email]. We will respond within 30 days.

9. Complaints

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at www.dpa.gr.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated date.