PRIVACY POLICY – PERSONAL DATA
PRIVACY POLICY – PERSONAL DATA

PRIVACY POLICY – PERSONAL DATA

This is valid as of 05.09.2023

GENERAL – AB.GR / AB APP

1. PURPOSE

The company "ALFA – BETA" VASSILOPOULOS SINGLE MEMBER SOCIETE ANONYME (hereinafter AB), member of the Ahold Delhaize Group, recognizes the importance of the issue of personal data security and electronic transactions. AB considers the protection of all necessary technical measures and the observance of the current legislation to be of utmost importance.
The trust of customers, partners and suppliers is of particular importance to AB. In order to maintain this trust, we must process personal data in a secure manner and in accordance with applicable law.
The purpose of this policy is to inform data subjects about the data collected for their service, to inform them about offers and new services. Through this policy, data subjects can be informed of their rights in accordance with applicable law.
In the context of this policy:
"Personal Data" means any information through which an individual is identified or identifiable.
"Processing of Personal Data" is any action performed using personal data, such as their collection, storage, use, disclosure to third parties that undertake the management of personal data in the name and on behalf of AB to achieve a specific business purpose.

2. KEY PRINCIPLES OF PERSONAL DATA PROTECTION

AB recognizes that the existence of clear guidelines for the proper use of personal data is an integral part of the proper functioning of the company and is absolutely necessary to ensure the personal data we handle and may concern customers, partners, and suppliers. For this reason, AB:

  • is committed to protecting the data of customers, partners and suppliers;
  • handles only those data that are necessary for legitimate business purposes;
  • provides its customers with information on the use of their data and how to exercise their rights;
  • uses personal data for the benefit of its customers;
  • complies with applicable laws and regulations.

Based on these principles regarding the security of personal data, the following applies:

Collection and processing
AB collects and processes personal data in a legal manner and in accordance with applicable law. The personal data collected and processed are absolutely necessary for the intended purpose and data subjects are clearly informed as regards both the purpose of collecting and processing their data and their rights.

Processing management
AB enables data subjects to manage their personal data and to manage the form of processing they want and if they want it. AB enables data subjects, in accordance with applicable law and the trading relationship connecting it with the data subjects, to consent or to withdraw their consent, as the case may be.

Providing information
AB has created various channels of information of the data subjects, in order to always provide them with clear and complete information as to the purpose of processing their personal data. Through these information channels, data subjects also receive clear information, in addition to the purpose of processing, about any third-party recipients of their data that, as part of serving the intended purpose, act in the name and on behalf of AB. Customers can access the relevant information through the AB site www.ab.gr

Use and data retention period
AB uses the data of the data subjects solely for purposes related to its business activities and in accordance with the values of the AHOLD – DLHAIZE Group. In any case, data use is limited solely to the purpose for which they have been collected. AB may use your data to inform you about offers, new products, new services, and anything else related to the operation and organisation of our company.
The retention time of the data is determined taking into account the purpose for which they have been collected and the applicable law. AB does not retain data for a longer period of time than required either under the trading relationship, connecting the data subject to AB, or under applicable law.

Security measures
AB has taken all appropriate technical measures to secure your personal data. It provides limited access only to those of its employees / partners that need to have access to the data. It takes all necessary measures to avoid any unauthorized access to, use of or modification to such data. It complies with applicable law and has established data protection procedures.

Updated data
AB always strives to ensure that the personal data it processes is always up to date, complete and relevant to the purpose of the processing being performed.

Data access
Only authorized employees of AB have access to the data. AB cooperates with third companies for the purposes of communication, advertising, information, to whom, if and when required, personal data are disclosed. AB ensures that all necessary organizational and technical means for data protection have been obtained from those companies and that they have informed and obliged their employees regarding the confidential nature of such data.

Exercise of rights
Under the applicable law you have the right to:

  • be informed about the processing of your personal data
  • gain access to your personal data
  • request the correction of incorrect, inaccurate or incomplete personal data
  • request the deletion of personal data when it is no longer necessary or if the processing is unlawful
  • object to the processing of your personal data for marketing purposes or for reasons related to your particular situation
  • submit a request to restrict the processing of your personal data in specific cases
  • receive your personal data in a machine-readable format and send it to another controller ("data portability")
  • to submit a request so that decisions based on automated processing, concerning, or significantly affecting you and based on your personal data, are made by natural persons and not only by computers. You also have the right in this case to express your opinion and appeal the decision.

In order to exercise your rights, you should contact AB either by calling 18202 (charge based on the current price list of each telecommunications provider) or by filling out the relevant form at https://ask.ab.gr/s/contactsupport, detailing the request and the data subject or at dpo@aholddelhaize.com.

3. GENERAL MATTERS

Links to other websites
Other companies' websites may be accessed through AB's website. AB is not responsible to users for any leakage of their personal data due to their use of products and third-party services through the company's website.

COOKIES

AB may use cookies to recognize users. Cookies are small text files stored on each user's terminal which do not receive any information nor gain access to a user's personal data or documents. Cookies are used solely for the purpose of facilitating the user's access to specific products and/or services and for statistical purposes in order to determine the areas, in which AB products and/or services are popular or for marketing purposes.

With your consent, if required by the applicable law, we use cookies such as Adobe Analytics that help us understand how users interact with our websites and to improve website performance. With your consent, we also use third party cookies such as Google Advertising cookies to deliver content via targeted advertising that is relevant to you, limit the number of times an ad is shown to a user, mute ads you have chosen to stop seeing and to measure the effectiveness of advertising on our websites.

Information such as ads click data, country, device type, browser type and time of day may be used by Google to estimate conversions (i.e. desired actions on our websites such as a purchase, click on an ad etc.) that cannot be properly reported due to limitations in browsers, apps and cross device tracking. In addition, such aggregated data collected from cookies is analyzed by Google to predict conversions that likely occurred amongst users who did not give consent. Analysis of this data by Google models helps us further improve our website and ads.

Cookies
Use of cookies from the ab.gr website

Cookies are small text files that are stored on your computer from the websites you visit or from certain emails you open. They are widely used for the operation of websites, as well as for providing commercial or marketing information to website owners.
AB Vassilopoulos uses cookies on this website for the following purposes:

1. Necessary cookies
These cookies are necessary to visit our websites. These cookies allow, for example, the navigation of the various sections of the website or the completion of forms. If you reject cookies, certain sections of the website may not work properly.

2. Functional cookies
Functional cookies are cookies that provide you with a more personalized browsing experience. These cookies store your preferences as well as your settings regarding your favourites.

3. Performance cookies
For performance monitoring purposes, we use cookies to collect information about the use of our websites by visitors in order, on the one hand, to satisfy more visitors' needs and to improve the content of our websites and, on the other hand, to facilitate the use of our websites. For example, one particular cookie helps us count the number of unique visitors, while another identifies the pages that are most popular.

4. Third party cookies
So-called "third party" cookies may be used to display personalized ads. Personalized ads mean ads that are tailored to your gender, age, area, or preferences. No data about your identity are collected or stored by using third-party cookies.

5. Built-in content
This website sometimes links to other websites through a link that the user clicks on. When you visit those external websites, it is possible that cookies will also be created by them. For more information on the creation of cookies on these websites, AB Vassilopoulos recommends that you refer to the Privacy Policy of those websites.

Deleting or blocking cookies

If you wish to block cookies, you can do so through the browser you are using.

Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-9
Chrome: https://support.google.com/chrome/answer/95647?hl=el&hlrm=nl
Firefox: https://support.mozilla.org/el/kb/energopoihsh-apenergopoihsh-cookies-parakoloy8hsh-protimhsewn?redirectlocale=el&s=cookies&r=5&as=s&redirectslug=enable-and-disable-cookies-website-preferences
Safari: http://support.apple.com/kb/PH5042
 
When disabling the use of cookies, you should be aware that some graphics may not be properly displayed or that you may not be able to use certain sections of the website.

List of cookies used by the ab.gr website

For a detailed list of cookies used on this website, see the list below.  The list is updated periodically by upgrading the services provided.

Cookie: groceryCookieLang 
Purpose: This cookie is used to maintain the user's chosen language.
Type: Functional cookie - expiration: 1 year

Cookie: AWSELB 
Purpose: This technical cookie helps manage, access the website and user sessions (Load balancer).
Type: Necessary cookie - session cookie

Cookie: StoreAndDate
Purpose: This cookie is used to allow better space management (caching).
Type: Necessary cookie - session cookie

Cookie: JSESSIONID
Purpose: This cookie is used to manage the user's session.
Type: Necessary cookie - session cookie

Cookie: websiten|#|lang
Purpose: This cookie is used to manage the website's language.
Type: Necessary cookie - session cookie

Cookie: ASP.NET_SessionID
Purpose: The cookie is created automatically by asp.net.
Type: Necessary cookie - session cookie

Cookie: Adobe Analytics cookies: c_m, gpv, s_cc. s_chStacking, s_fid, s_isFP, s_pfm, s_sq, s_stv
Purpose: These cookies allow you to analyse and customise the site, as well as generate statistics. Some are session cookies, others are retained for 1, 2 or 5 years.
Type: Third party cookies

Cookie: Facebook Pixel
Purpose: Marketing and re-targeting on Facebook. Sending information about: Language, page type, category, order amount, delivery method, total order discount
Type: Third party cookies.

Cookie: Google AdServices
Purpose: Measuring Adwords Campaign Performance
Type: Third party cookies

Cookie: DoubleClick (google)
Purpose of the "DSID" cookie: the measurement of results, frequency and targeting for Doubleclick of advertising systems over a period of 15 days
Purpose of the "HERE" cookie: the measurement of results, frequency and targeting for Doubleclick of advertising systems for a period of 21 months
Purpose of the "id" cookie: the measurement of results, frequency and targeting for Doubleclick of advertising systems for a period of 2 years
Purpose of the "_gcl_dc" cookie: to assign sales to the correct channel for a period of 92 days
Type: Third party cookies

Cookie: Linkwise
Purpose: affiliate marketing campaigns
Type: Third party cookies

Cookie: e-satisfaction
Purpose: Measuring user satisfaction on the site
Type: Third party cookies

Cookie: baloon script
Purpose: Help users navigate the website
Type: Third party cookies

Cookie: cpab
Purpose: This cookie is used to manage session information
Type: Third party cookies

Cookie: cp_laternotif
Purpose: It is used to manage notifications in popups.
Type: Third party cookies- Session cookie

Cookie: cp_trigger_add2cart
Purpose: Used to manage the addition of products to the basket
Type: Third party cookies - Session cookie

Cookie: cp_total_cart_items
Purpose: It is used to manage the basket
Type: Third party cookies

Cookie: cp_total_cart_value
Purpose: It is used to manage the basket
Type: Third party cookies

Cookie: cp_sessionTime
Purpose: It is used to manage the user's stay time on the website.
Type: Third party cookies - Session cookie

Cookie: bi 
Purpose: It is used to manage request load.
Type: Third party cookies

Cookie: cptmpc1/cptmpc2/cptmp3
Purpose: It is used to manage information when refreshing a page.
Type: Third party cookies - Session cookie

You can change the cookie settings, here.

4. SPECIAL MATTERS

4.1 ΑΒ PLUS SCHEME TERMS & PERSONAL DATA SECURITY

Personal Data Security

The safety of the data you entrust to us so that we can contact you for news, offers and other benefits tailored to your needs is important to us. That is why we are committed to handling your personal data safely and respectfully.
Our day-to-day operation is based on rigorous policies. We take all the necessary security measures in compliance with national and Community regulations for the protection of personal data. 

About your personal data:

1. Data Collection
An integral part of the loyalty programme is the collection of the data required to establish a relationship of trust between us and this data is included in the application for the issuance of the loyalty card. This information is the minimum required for the loyalty scheme to work and enables us to offer you the benefits that you will choose through the profile selection. At the same time, we also receive details of purchases you have made with your card. These details are collected for statistical purposes so that we may offer you products and services that interest you if you have selected the respective profile. For more detailed information click here.
AB collects the information you fill in when applying for the AB Plus card and when modifying such data upon your request. The above data include title, first name, last name, home address, mobile phone, e-mail, landline, and date of birth, and does not include special categories of data as defined by the national and Community legislation for the protection of personal data.  
AB also collects card transactional data, which is used for statistical purposes or to send targeted communications based on the profile of each member of the loyalty programme, as selected by the member.

2. Purpose of Processing
In the context of running our loyalty scheme and based on AB Plus’ updated terms, we collect your personal data aiming to provide better and customized services and offers. Moreover, depending on the profile you select, you can enjoy more benefits as a member of the loyalty programme. 

  • ΑΒ Plus Basic: By selecting this profile, you consent to receive general promotional offers and notifications that apply to all members of the loyalty programme by email, short text messages (SMS and Viber), or by post.
  • AB Plus Personal: By selecting this profile, in addition to any benefits offered to the basic profile customers, you consent to the analysis of the data registered with your AB Plus card, and of your purchases and customer preferences, for the purpose of receiving personalised information, promotional communications, updates and offers by email, short text messages (SMS and Viber) or by post.
  • AB Plus Unique: By selecting the AB Plus Unique profile, in addition to any benefits offered to the personal profile customers, you consent to the analysis of the data registered with your AB Plus card and of your purchases and customer preferences, for the purpose of receiving personalised information, promotional communications, updates and offers from AB and other business partners of AB, through AB's channels, by email, short text messages (SMS and Viber), by post or through the social media (custom audience services). AB only shares encrypted data for this purpose. 

Depending on the selected profile, and in order to offer you the benefits corresponding to your profile, AB may process your data in order to send you updates, special content, offers and requests to participate in surveys, competitions, etc. to the contact details you have provided [address, email address, mobile phone number (SMS / Viber, etc.)]. You can change your communication preferences and profile through your account as you wish from time to time. Any change to your preferences may affect the benefits available to you, as same are described above. It is expressly stated that, in case of a change in your communication preferences, you may lose points, benefits, etc. that are registered on your card as part of a specific communication profile, in which case AB shall bear no liability towards you.
It is expressly specified that AB can modify the aforementioned preference and communication profiles in accordance with its commercial policy and the laws applicable from time to time, amending these terms and conditions accordingly. In this case, users will be adequately and appropriately notified of the new preference and communication profiles and will be given the necessary time to make the necessary selections/changes.

3. Retention Period
Personal data is retained for as long as the card is active and for a maximum period of five (5) years after the last use of the card. If the card is cancelled and if there is a legal interest or legal obligation of AB, the retention period shall not exceed 5 years.
Personal data is retained for as long as the card is active and for five years after the year it was last used. 

4. Data Management
AB is responsible for the management and processing of your personal data and takes all appropriate technical and material security measures while fully maintaining the privacy of your data. The same measures are taken by third parties who may have access to your data to send communications and provide other services to you on behalf of our company, always to provide a better service.
Data recipients may be third party companies with which AB has signed contracts for the purpose of providing services to its customers on its behalf and always with the aim of better service, indicatively and not restrictively for sending communications and offers, for carrying out satisfaction surveys, for the registration of data, for the management of requests, etc. Each company has taken all the necessary security measures and is committed to complying with the conditions of confidentiality as well as AB's privacy policy and are obliged to comply with the provisions of the European General Regulation for Data Protection (GDPR).
AB and its affiliates:
Comply with the provisions of the national and Community legislation for the protection of personal data and with the decisions of the Hellenic Data Protection Authority.
Implement appropriate technical, material, and organizational security measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and against all other forms of unlawful processing.
Maintain the privacy of personal data and do not disclose personal data in any way to any third parties unless you have been notified, or unless the data must be provided in accordance with the applicable law, such as when personal data must be disclosed to a competent public authority to comply with a legal obligation. AB shall ensure that persons authorized to process personal data are bound by the same confidentiality obligations.

5. Customer Rights

Under the applicable law you have the right to:

  • be informed about the processing of your personal data
  • gain access to your personal data
  • request the correction of incorrect, inaccurate or incomplete personal data
  • request the deletion of personal data when it is no longer necessary or if the processing is unlawful
  • object to the processing of your personal data for marketing purposes or for reasons related to your particular situation
  • submit a request to restrict the processing of your personal data in specific cases
  • receive your personal data in a machine-readable format and send it to another controller ("data portability")
  • to submit a request so that decisions based on automated processing, concerning, or significantly affecting you and based on your personal data, are made by natural persons and not only by computers. You also have the right in this case to express your opinion and appeal the decision.

In order to exercise your rights, you should contact AB either by calling 18202 (charge based on the current price list of each telecommunications provider) or by filling out the relevant form at https://ask.ab.gr/s/contactsupport, detailing the request and the data subject.

4.2. E-SHOP DATA PROTECTION

A. When submitting an order, you are asked to enter the necessary information for the execution of your order (name, contact phone number, delivery address).

B. Recipients of these data may be third party collaborating companies that have undertaken the promotion of AB's products and/or services as well as third partner companies that have undertaken the task of delivering the order.

C. When registering and processing personal data, AB, its employees, and its affiliates comply with the provisions of the European General Regulation 2016/679 on Data Protection ("General Regulation"), with the applicable Greek legislation regarding the data protection and with the decisions of the Protection Authority.

D. The purpose of the processing is the submission and receipt by you of your order by providing your consent for this purpose. Personal data are collected for specified purposes, namely for the execution and servicing of the transactional relationship and are not further processed, unless the data subject himself has stated otherwise. It is clarified that further processing for scientific or statistical purposes is not considered incompatible.

E. Duration: Personal data is kept for as long as the user's account is active and has not been cancelled. In case of cancellation, the data can be kept if there is a legal interest of AB or its legal obligation. In this case, the retention period cannot exceed five (5) years.

F. AB and its affiliates apply appropriate technical, material, and organizational security measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unlawful disclosure, or access (including remote access) and against all other forms of unlawful processing (including unnecessary collection or further processing). These measures ensure a level of security commensurate with the risk, taking into account the development of technology, the cost of implementation and the nature, scope, context and purposes of the processing.
AB and its affiliates maintain the confidentiality of personal data and do not disclose personal data in any way to any third party without the prior notification of the subject, except in the cases expressly provided for in the applicable legislation, such as indicatively in the event that the disclosure of personal data must be made to a competent public authority for the purpose of complying with a legal obligation. AB ensures that persons authorized to process personal data are bound by the same confidentiality obligations.

G. Rights: Under the applicable law you have the right to:

  • be informed about the processing of your personal data
  • gain access to your personal data
  • request the correction of incorrect, inaccurate or incomplete personal data
  • request the deletion of personal data when it is no longer necessary or if the processing is unlawful
  • object to the processing of your personal data for marketing purposes or for reasons related to your particular situation
  • submit a request to restrict the processing of your personal data in specific cases
  • receive your personal data in a machine-readable format and send it to another controller ("data portability")
  • to submit a request so that decisions based on automated processing, concerning, or significantly affecting you and based on your personal data, are made by natural persons and not only by computers. You also have the right in this case to express your opinion and appeal the decision.

In order to exercise your rights, you should contact AB either by calling 18202 (charge based on the current price list of each telecommunications provider) or by filling out the relevant form at https://ask.ab.gr/s/contactsupport, detailing the request and the data subject.

This policy will be renewed and updated from time to time in accordance with applicable national and EU law.