Skip to main content

Privacy Policy (GDPR)

Controller
Lazee Rider I.K.E., Aristeidoy 27 16674 Glyfada, Greece. Email: hello@lovelyletterings.com . Phone: +302117259603. If applicable, DPO: Tsobanoglou Yoann security@lovelyletterings.com . Supervisory authority: Hellenic Data Protection Authority (HDPA), 1–3 Kifisias Ave, 115 23 Athens, contact@dpa.gr, +30 210 6475600. dpa.gr

What data we collect & why (lawful bases)

  • Account & order data (name, email, phone, billing/shipping address, order contents): to perform a contract and pre-contract steps (checkout, delivery). GDPR Art. 6(1)(b).

  • Payments (partial card details, transaction IDs): to process payments via our providers [Stripe/PayPal/etc.]. GDPR Art. 6(1)(b).

  • Communications (emails, messages, support): to respond to queries and maintain records. GDPR Art. 6(1)(b),(f).

  • Marketing (email/newsletters, social promotions): only with consent; you can withdraw anytime. GDPR Art. 6(1)(a) & EDPB Consent Guidelines. edpb.europa.eu

  • Analytics & cookies: see Cookie Policy (consent where required under Greek ePrivacy Law 3471/2006). dpa.gr

Personalised engraving & uploads
If you upload designs/names/phrases for engraving, we process the file(s) to fulfil your order (contract) and keep them for proof, warranty, or re-orders (legitimate interests). You must have the necessary rights—see Terms & Conditions. (Greek Copyright Law 2121/1993; DSM updates). library.opi.gr+1

Data recipients

  • E-commerce & hosting: WordPress/WooCommerce and our host [provider].

  • Payments: [Stripe/PayPal/bank].

  • Logistics: couriers/shippers to deliver orders.
    All act as independent controllers or processors under data processing agreements as required by GDPR. (GDPR implemented in Greece via Law 4624/2019). dpa.gr

International transfers
Where a provider stores data outside the EEA, we use lawful transfer mechanisms (e.g., SCCs) as provided by GDPR.

Retention

  • Orders & invoices: 10 years (tax law).

  • Customer service threads and proofs: up to 24 months after completion, unless needed for legal claims.

  • Marketing data: until you unsubscribe or withdraw consent.

Your rights
Access, rectification, erasure, restriction, portability, objection, and complaint to the HDPA. How to complain: HDPA portal (Gov.gr/HDPA). dpa.gr+1

Security
We apply appropriate technical and organisational measures, limit access, use HTTPS, and minimise data.

Updates to this notice
We may update this policy; we’ll post the new date here.

Last updated: 04/11/2025