Privacy Policy

Last updated: March 2026

Pinatas.gr is committed to protecting your personal data. This policy explains what information we collect, how we use it, and what your rights are.

Who We Are

Pinatas.gr is a Greek business selling handcrafted piñatas, operating at www.pinatasgr.com. For any privacy-related questions, contact us at pinatas.gr@gmail.com

What Information We Collect

When you place an order or contact us, we may collect:

  • Your name and email address
  • Your delivery address and phone number
  • Payment information (processed securely — we do not store card details)
  • Order history and correspondence
  • Photos or files you send us for custom orders
  • IP address and browsing data via cookies

How We Use Your Information

We use your information to:

  • Process and fulfil your orders
  • Send you order confirmation and tracking information
  • Respond to your enquiries and customer service requests
  • Send marketing emails if you have opted in (you can opt out at any time)
  • Improve our website and services
  • Comply with our legal obligations under Greek and EU law

Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data on the following legal bases:

  • Contract: to fulfil your order
  • Legitimate interest: to improve our services and prevent fraud
  • Consent: for marketing communications — you can withdraw consent at any time
  • Legal obligation: where required by law

Who We Share Your Data With

We share your data only with:

  • Courier and delivery companies — to deliver your order
  • Payment processors — to process your payment securely
  • Shopify — our e-commerce platform (see Shopify's privacy policy at shopify.com)
  • Email marketing platforms — only if you have opted in to marketing

We do not sell your personal data to third parties. Ever.

How Long We Keep Your Data

We keep your order and customer data for 6 years to comply with Greek tax and accounting regulations. Marketing data is kept until you unsubscribe.

Your Rights Under GDPR

As an EU resident you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your data (the "right to be forgotten")
  • Restrict how we process your data
  • Object to our use of your data for marketing
  • Data portability — receive your data in a machine-readable format

To exercise any of these rights, email us at pinatas.gr@gmail.com. We will respond within 30 days.

If you believe we have handled your data incorrectly, you have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA) at www.dpa.gr.

Cookies

We use cookies to improve your browsing experience, remember your preferences and analyse website traffic. Please see our Cookie Policy for full details.

Changes to This Policy

We may update this policy from time to time. The date at the top of this page will always reflect the most recent version.

Contact Us

📧 pinatas.gr@gmail.com 📞 +30 698 888 6587 🕐 Monday to Friday, 9:00am – 5:00pm