1.1. Senia G Ltd. (hereafter: Service Provider) operates its webshop on the modern-paintings.com website (hereafter: Website). By this document Service Provider informs User on the terms related to the procession of personal data. This Privacy Notice discloses the types of information Service Provider gathers, the practices of using them, and the legal options users have regarding the collection of such information.
1.2. Service Provider – as data processor – expresses to be bound by the legal content of present notice. Service Provider makes the commitment that all their information processing and management comply with existing legislation.
1.3. Service Provider handles all personal information with the consent of users and according to applicable laws.
1.4. By using, accessing or downloading the Website, User consents to the collection and use of their personal data (as hereunder described).
1.5. Service Provider’s data processing principles and practices comply with the national and European legislation, namely with Data Protection Act 1998 (DPA) and the General Data Protection Regulation (GDPR) (EU) 2016/679.
1.6. Service Provider processes personal data exclusively until they reach the goal of the information collection and use. Within the process they comply with all obligations under law.
1.7. Service Provider has implemented security policies, rules and technical measures to protect and safeguard the personally identifiable information under their control.
1.8. Data protection rules and regulations relating to Service Provider’s data processing practices are continuously updated and can be accessed on the Website.
1.9. Service Provider reserves the right to update the present Privacy Notice. Information regarding such update will be released on the Website.
2. NAME OF DATA PROCESSOR
Senia Group Ltd.
1 Mykinon street, Nicosia 1065 Cyprus
Tel.: +357 96 616844
3. DATA PROCESSING OF PURCHASES
3.1. The aim of data processing is to complete the order, delivery and invoicing of products ordered on the Website of Service Provider in compliance with existing law and warranty obligations.
3.2. The personal information we collect and process:
– your name
– your mailing/invoicing address
– your delivery address (if different from mailing/invoicing address)
– your email address
– your phone number(s)
3.3. Legal basis of data processing
3.3.1. Data collection and processing is maintained according to the consent of the User and the national and European laws.
3.3.2. The User gives his/her consent - after reading and accepting the present privacy notice - by purchasing a product on the Website.
3.4. Duration of data processing
3.4.1. The processing of personal data User has submitted through their purchase starts with the purchase itself and lasts 1 year.
3.4.2. The provisions under 3.4.1 do not affect in any way the data retention obligations regulated by law. In the webshop operated by the Service Provider the invoices issued based on the submitted orders are recorded and stored for the period determined by law (6 years).
3.5. Disclosing information on User and data processing
3.5.1. We will not disclose your personal information to any other party other than Service Provider and their management; and use your data exclusively for the purposes determined in.
3.5.2. Online payment
The online payment is made via an online interface selected by the User. The Service Provider declares that they do not see and have access to the credit card data; the data appear only inside the online payment interface selected by the User.
220.127.116.11. The online payment is made via an online interface selected by the User. The Service Provider declares that they do not see and have access to the credit card data; the data appear only inside the online payment interface selected by the User
18.104.22.168. For the online payment User accepts that their data processed through the purchase are handed over to the operator of the online payment interface. The aim of the transfer is to acknowledge transactions, to protect User through fraud-monitoring and to reach aims determined by the data processing of the Service Provider.
22.214.171.124. Our contracted partners for online payment:
– PayPal (Europe) S.à.r.l. et Cie, S.C.A. – 22-24 Boulevard Royal L, 2449 Luxembourg
– Worldpay UK – The Walbrook Building, 25 Walbrook, London EC4N 8AF, UK
3.5.3. Personal data processors
126.96.36.199. In order to complete orders and accounts Service Provider may use data processors (e.g. delivery services). Service Provider is not liable for the data processing practices of such parties.
188.8.131.52. Data Processors used:
– Dachser SE – Thomas-Dachser Straße 2, 87439 Kempten, Germany
– DHL International UK – Southern Hub, Unit 1, Horton Road, Colnbrook, Berkshire, SL3 0BB, UK
– DHL Express Italy S.r.l. – Viale Milanofiori Palazzo U/3 Strada 5, Italy
– General Logistics Systems – Germany-Straße 1-7, 36286 Neuenstein, Germany
– Parcelforce Worldwide – 25 Caldecotte Lake Dr, Caldecotte, Milton Keynes MK7, UK
– Royal Mail – Pond Street, Sheffield, S98 6HR, UK
– TNT Express (UK) – House Holly Lane, Atherstone, Warwickshire CV9 2RY, UK
4. DATA PROCESSING RELATING TO INFORMATION
4.1. The aim of data processing is to provide Users with information requested by them before the purchase. Service Provider does not send unsolicited communication (e.g. commercials, advertising leaflets) to their email address.
4.2. Legal ground for data processing: User gives their consent by voluntary submission of personal data when requesting information or offer.
4.3. The processed data comprises the following personal data:
– your name
– your email address
4.4. Duration of data collection and processing: Service Provider stores and processes personal data collected during the request of information or offer for one year.
4.5. Disclosing your information and data processing: Service Provider will not disclose your personal information to any other party other than Service Provider and their management; and will use your data exclusively for the purposes determined in 4.1.
6.1. Service Provider uses Google Analytics, Google Remarketing, AdWords conversion tracking to measure the number of visitors and visitor behaviour (how long they spend on the Website, whether they are new or recurrent visitors, which pages they click on), advertising efficiency and to carry out statistical analyses.
6.2. By using the Website, User agrees that programmes listed under 6.1 can place these types of cookies on their device and accept that Service Provider track their user’s behaviour and uses other services provided by the programmes.
6.3. Programmes listed under 6,1 do not collect personal information and cannot identify users.
6.4. Further information on Google data processing: https://policies.google.com/privacy/partners?hl=en-GB
6.5. User has the right to disable cookies data collection and storage at any time on the link: https://tools.google.com/dlpage/gaoptout
7.1. Service Provider might share certain content, products, promotions of the Website or the Website itself on facebook.com.
8. Service Provider will not disclose your personal information to any other party with the exception of cases where they are legally required by law to disclose your personal information. Service Provider disclaims responsibility for the consequences of such disclosure.
9. DATA SECURITY
Service Provider declares that they have implemented security policies, rules and technical measures to protect and safeguard the personally identifiable information under their control from unauthorized access, improper use or disclosure, unauthorized modification, unlawful destruction or accidental loss. All the personnel that have access to and are associated with the processing of User’s personally identifiable information are obligated to respect the confidentiality of the information.
10. USER’S RIGHTS
10.1. Right to be informed
User has the right to be informed about their personal data and any related information processed by the Service Provider at any time. At the request of the User the Service Provider is obliged to provide information about the data related to the user, the aim of data processing, legal grounds, duration and about whom and with what purpose the data is released to. User is obliged to provide the requested information in writing within 30 days of submission.
10.2. Right to rectification, to erasure, to restrict processing
10.2.1. User is entitled to rectification or erasure of erroneously recorded data at any time. Service Provider erases data within 15 workdays after the request is submitted- The erasure does not apply to data processing regulated by law (e.g. GAAP), those are stored by the Service Provider until date set by regulations.
10.2.2. User may also request the restriction of their data. Service Provider restricts personal data at the request of User or if the erasure breaches User’s lawful interests according to available information. Personal data restricted in the aforementioned way may be processed until the data processing goal restricting the erasure still exists.
10.2.3. Service Provider notifies User and those to whom these data were released for processing about rectification, erasure or restriction. Notification may be waived if it does not infringe User’s lawful interest with regard to the aim of data procession.
10.2.4. In case Service Provider does not comply with User’s request of rectification, erasure or restriction, they need to release in writing the factual and legal arguments for the refusal of rectification, erasure or restriction within 15 days of the request being received.
10.3. Right to object
User has the right to object to processing their personal data. User is obliged to handle the objection, make a decision regarding its validity and notify the applicant as soon as possible but no longer than 15 days after submission.
10.4. Right to data portability
User has the right to require the Service Provider to give them back a copy of the personal data they previously provided. The data has to be provided in a commonly used and machine-readable format within 30 days of the submission.
10.5. Service Provider releases information regarding data procession only if User provides sufficient evidence in regard to their identity.
11. LEGAL ENFORCEMENT
11.1. User may make a complaint at the address below in case they consider that their personal data have been misused or Service Provider has not granted their request.
Senia Group Ltd.
1 Mykinon street, Nicosia 1065 Cyprus
Tel: +357 96 616844
Information Commissioner’s Office (ICO).
11.2. User is entitled to assert its rights before courts in case Service Provider has breached the legal provisions regarding data procession or has not granted their request.