Privacy Policy (GDPR Compliant)

Last updated: 20/11/2025

At Opa Greek Supermarket, we value your privacy and are committed to complying with the General Data Protection Regulation (GDPR) and applicable EU data laws.

By using our website, you agree to the practices described below.

1. Data We Collect

We collect the following categories of data:

A. Information you provide

  • Name
  • Email
  • Shipping/billing address
  • Phone number
  • Payment details (handled securely by Stripe — we do NOT store card numbers)
  • Account credentials (if you create an account)
  • Support messages

B. Automatically collected data

  • IP address
  • Device/browser information
  • Cookies and tracking data
  • Pages visited and actions taken on the website

C. Order data

  • Products purchased
  • Order history
  • Delivery information

2. How We Use Your Data

We use your data to:

  • Process and ship orders
  • Provide customer support
  • Send transactional emails (order confirmation, shipping updates)
  • Improve website functionality
  • Prevent fraud and enhance security
  • Comply with legal obligations

We do NOT sell your data to any third party.

3. Legal Basis for Processing

Our processing activities are based on:

  • Contract (to fulfill your orders)
  • Legitimate interest (site security, analytics)
  • Consent (newsletter, cookies)
  • Legal obligation (tax, accounting, invoicing)

4. Data Sharing

We share your data only with:

  • Stripe (payments)
  • Shipping carriers (delivery)
  • Our hosting providers
  • Analytics providers (anonymized)

All partners comply with GDPR.

5. Data Retention

We keep your data only as long as necessary:

  • Order & invoice data: up to 10 years (legal requirement)
  • Account information: until you delete your account
  • Analytics & cookies: according to cookie lifetime

6. Your GDPR Rights

You have the right to:

  • Access your data
  • Correct inaccurate data
  • Delete your data ("right to be forgotten")
  • Restrict processing
  • Object to processing
  • Request data portability
  • Withdraw consent at any time

To exercise these rights, contact:
📧 Email: [email protected]

7. Cookies

We use cookies to:

  • Improve site performance
  • Enable essential functions (cart, checkout)
  • Provide analytics

You may accept or reject non-essential cookies via our banner.

8. Data Security

We apply industry-standard security measures, including:

  • HTTPS encryption
  • Secure servers
  • Access control
  • Stripe PCI-DSS payment security

9. Changes to This Policy

We may update this policy periodically. The "Last updated" date will reflect the most recent version.

Contact

For privacy inquiries:
📧 Email: [email protected]

Last updated: 20/11/2025