Refund policy

Privacy Policy

 

Last Updated: August 25, 2025

This Privacy Policy describes how our K-Beauty online store, based in Greece (hereinafter referred to as the “Company” or “we”), collects, uses, and protects your personal data, in accordance with the General Data Protection Regulation (EU 2016/679 - GDPR) and applicable Greek legislation. By accessing and using our website, you unconditionally accept the terms of this Policy. If you do not agree with the terms, please do not use our website and services.

1. What Personal Data We Collect

We collect only the essential personal data that you voluntarily provide when using our online store, in order to process your orders and provide our services. This includes basic identification and contact details such as:

  • Full Name: Your first and last name

  • Email Address: Your contact email

  • Shipping Address: Your residential or work address for product delivery

  • Phone Number: A contact number for order updates or emergencies

These details are voluntarily provided by you during account creation, order submission, or communication with us. We do not collect sensitive personal data and we only request what is necessary for the stated purposes. Additionally, certain information may be collected through cookies during your visit (see Section 2).

2. Use of Analytics, Advertising & Email Marketing Tools

We use third-party tools to analyze website traffic, improve services, advertise, and send newsletters. These tools may collect information via cookies or similar technologies. Specifically, we use:

  • Google Analytics: A tool by Google that helps us understand how users interact with our website. It collects anonymous data like IP address, browser type, pages visited, and time spent on site. We do not collect personally identifiable information through Google Analytics, and the data is stored by Google under its privacy policy. You can disable cookies at any time via your browser settings if you wish to opt out.

  • Facebook Pixel: A tool from Meta (Facebook/Instagram) for advertising and remarketing purposes. It helps us track conversions (e.g., if you completed a purchase after viewing an ad) and show you personalized ads on social media. The Facebook Pixel places cookies and may collect information about your visit (pages viewed, actions taken, etc.). We do not share personal identifiers (like name or email) with Facebook via the Pixel — tracking is done using pseudonymized data (e.g., cookie ID). You can manage your ad preferences through your Facebook account or disable cookies.

  • Email Marketing Platforms (e.g., Mailchimp, Klaviyo): If you sign up for our newsletter or give consent, your name and email will be securely stored on an external platform we use for email marketing. These platforms act as data processors under GDPR and will not use your data for their own purposes. All emails include an “Unsubscribe” link so you can opt out at any time.

  • Cookies: These tools function through the use of cookies – small data files stored in your browser. We use cookies solely for legal purposes: site functionality, traffic analysis, and personalization (like targeted ads). You can delete or disable cookies via your browser settings, though some website functions may not work correctly. For more details, see our Cookie Policy (if available) or contact us directly.

 

3. Payments via Third-Party Providers (PayPal, Banks, Cards)

To process your payments, we work with trusted third-party payment providers. This means that when you make a purchase, your payment is processed through external services (e.g., PayPal or banking gateways like Visa, MasterCard, etc.). We do not collect or store your credit/debit card details.

Specifically, during payment, you are redirected to a secure environment (SSL/TLS encryption) of the payment provider, where you enter your card information. The provider (e.g., your bank or PayPal) receives your data directly and informs us only about the success or failure of the transaction. We receive essential information (e.g., payment confirmation, amount, transaction ID) but never your card number, CVV, or other sensitive data.

All payment providers we use comply with strict security standards (like PCI-DSS) and relevant data protection laws. Please also review their respective Privacy Policies (e.g., PayPal’s Privacy Policy) for further information.

4. Use of Data for Newsletters & Promotional Content (Consent)

 

We only use your personal data for promotional purposes if you have given your explicit consent. Specifically, your email (and possibly your first name) may be used to send newsletters, special offers, product updates, and other marketing content related to our store and K-Beauty products.

  • Newsletter Subscription: If you enter your email in the subscription form or select the relevant option during account/order creation, we consider this as your consent to receive marketing emails from us. Your email will be used solely for the requested content.

  • Right to Withdraw – Unsubscribe: You can revoke your consent and unsubscribe at any time. Every email includes an “Unsubscribe” link that removes your email from our mailing list. Alternatively, you may contact us directly (see Section 8) to request removal. Revoking consent does not affect the legality of prior processing.

We will not use your contact details for promotional purposes unless you have consented. Newsletter signup is optional and not required to make a purchase.

 

5. Use of Website by Minors

 

Our website is intended for individuals aged 18 and over. Use of our store by minors under 18 is strictly prohibited. We do not knowingly collect personal data from minors.

If you are under 18, please do not use our site or provide any personal information (e.g., do not register or place orders). If we become aware that data from a minor has been collected without appropriate parental consent, we will delete it as soon as possible. Parents and guardians should supervise their children’s online activity and notify us if they become aware of unauthorized submissions.

 

6. Your Rights Under the GDPR

 

As a data subject, you have several rights regarding your personal data under the GDPR. We fully respect and safeguard these rights. Specifically, you are entitled to:

  • Right of Access: You may request confirmation on whether we process your data and access a copy of the personal data we hold.

  • Right to Rectification: You may request correction of inaccurate or incomplete personal data.

  • Right to Erasure (“Right to be Forgotten”): You may request deletion of your data when it is no longer necessary, or if you withdraw consent. We will delete data unless other legal obligations require us to retain it (e.g., tax or accounting purposes).

  • Right to Restrict Processing: You may request temporary or permanent restriction of processing under certain conditions (e.g., data accuracy is contested).

  • Right to Data Portability: You may request a structured, commonly used, machine-readable format of your data (e.g., CSV) and transfer it to another controller, where technically feasible.

  • Right to Object: You may object at any time to data processing based on legitimate interest. We will stop unless we have compelling legal reasons. You also have an absolute right to object to direct marketing or profiling.

  • Right to Withdraw Consent: If processing is based on your consent (e.g., newsletters), you can withdraw it at any time. Withdrawal applies going forward.

  • Right to Lodge a Complaint: If you believe your data rights have been violated, you may file a complaint with the competent supervisory authority. In Greece, this is the Hellenic Data Protection Authority (HDPA) at www.dpa.gr, address: Kifisias 1-3, Athens, 11523.

To exercise any of your rights, please contact us (see Section 8). We aim to respond within 30 days. Requests are free of charge, although we may request identity confirmation (e.g., email verification or ID) for security purposes.

 

 

7. Data Security

We are committed to protecting your data and have implemented appropriate technical and organizational security measures, including:

  • Encryption & SSL: Our website uses HTTPS with SSL/TLS encryption to ensure secure data transmission.

  • Access Restrictions: Only authorized employees with a business need can access personal data. All personnel are bound by confidentiality obligations.

  • Trusted Partners: We work only with service providers (e.g., hosting, Shopify platform, payment processors, couriers) that comply with GDPR and data protection best practices.

  • Security Monitoring & Testing: We regularly update our systems and conduct security assessments to detect vulnerabilities. Personal data is stored in secure databases protected by firewalls and antivirus.

While no system is 100% secure, we take all reasonable steps to protect your data. We do not disclose or share your data beyond the scope outlined in this Policy (e.g., service providers or legal obligations). In case of a data breach that may compromise your rights, we will notify you promptly as required by GDPR.

 

 

8. Contact Regarding Privacy Matters

 

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, feel free to contact us:

  • Email: info@nua.com.gr

  • Postal Address: K-Beauty Company, Paradigmatos Street 123, 11111 Athens, Greece

You may also use the contact form on our website (if available).

 

 

We want you to feel fully informed about your rights and how we handle your data. Your privacy is our priority. This Privacy Policy may be updated periodically to reflect changes in our practices or legal requirements. The latest version will always be posted on our website with the updated “Last Modified” date. Please check this page regularly. Continued use of the site after changes implies acceptance of the updated practices.


If you need further clarification, we are here to help. Thank you for trusting our store for your purchases!