PRIVACY POLICY & GDPR COMPLIANCE

Privacy Policy

Last Updated: 30/09/2025

This Privacy Policy explains how CARPEBO SINGLE MEMBER P.C. (hereinafter referred to as the “Company,” “we,” “us,” or “our”) collects, uses, stores, and protects your personal data when you visit and interact with our Website nuteroo.com (hereinafter the “Website”).

We are committed to safeguarding your privacy and ensuring compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Greek data protection laws.

1. Data Controller

The Data Controller responsible for processing your personal data is:

CARPEBO SINGLE MEMBER P.C.

  • Company Registration Number: 161870546000

  • VAT No.: EL801706623

  • Registered Address: 2nd km Xanthis Lagous, Xanthi, Greece

  • Contact Email: info@carpebo.com

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: first name, last name, billing and shipping addresses.

  • Contact Data: email address, phone number.

  • Transaction Data: order details, purchase history, payment method (excluding full card details).

  • Technical Data: IP address, browser type, operating system, cookies, and usage data.

  • Marketing Data: your preferences regarding newsletters, promotional offers, and communications.

3. Purpose and Legal Basis of Processing

We process your personal data for the following purposes:

  1. Order Fulfillment: to process, deliver, and manage your purchases. (Legal basis: performance of contract)

  2. Customer Support: to respond to inquiries and provide assistance. (Legal basis: legitimate interest)

  3. Payment Processing: through secure payment providers (Stripe, VivaPayments, PayPal). (Legal basis: performance of contract)

  4. Shipping and Logistics: sharing necessary data with courier partners (DHL Courier, Box Now). (Legal basis: performance of contract)

  5. Marketing and Communication: sending newsletters, promotions, and product updates (only with your explicit consent). (Legal basis: consent)

  6. Legal and Tax Compliance: maintaining records for accounting and regulatory purposes. (Legal basis: legal obligation)

4. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data. Data may be shared only with:

  • Payment Service Providers: Stripe, VivaPayments, PayPal.

  • Shipping Providers: DHL Courier, Box Now.

  • IT and Hosting Providers: secure server and e-commerce platform partners (WooCommerce/WordPress).

  • Legal and Tax Authorities: where required by law.

All third-party providers are bound by GDPR-compliant contracts and process data only as instructed.

5. Data Retention

  • We retain personal data only for as long as necessary for the purposes stated in this Policy.

  • Transaction and invoicing data are retained for at least 10 years to comply with tax laws.

  • Marketing data are retained until you withdraw your consent or unsubscribe.

  • After the retention period expires, data are securely deleted or anonymized.

6. Your Rights Under GDPR

As a data subject, you have the following rights:

  1. Right of Access – to request a copy of the personal data we hold about you.

  2. Right of Rectification – to correct inaccurate or incomplete data.

  3. Right to Erasure (“Right to be Forgotten”) – to request deletion of your data, subject to legal obligations.

  4. Right to Restriction of Processing – to limit how your data are processed.

  5. Right to Data Portability – to receive your data in a structured, commonly used format.

  6. Right to Object – to object to processing based on legitimate interests or direct marketing.

  7. Right to Withdraw Consent – to withdraw previously given consent at any time.

Requests to exercise your rights may be sent to info@carpebo.com. We will respond within 30 days, in accordance with GDPR.

7. Cookies and Tracking Technologies

  1. The Website uses cookies to improve functionality, analyze usage, and deliver personalized content.

  2. Cookies may include session cookies, analytics cookies (e.g., Google Analytics), and marketing cookies.

  3. You may manage or disable cookies through your browser settings.

  4. For more details, please refer to our separate Cookie Policy.

8. Data Security

  1. We implement appropriate technical and organizational measures to protect your personal data, including SSL encryption, firewalls, and access controls.

  2. While we take all reasonable precautions, no system can be completely secure. Therefore, we cannot guarantee absolute data security.

9. International Data Transfers

  1. Personal data may be transferred to and processed in countries outside the European Economic Area (EEA), but only where adequate safeguards are in place (e.g., Standard Contractual Clauses, adequacy decisions).

  2. By using our services, you consent to such transfers where necessary.

10. Marketing and Newsletters

  1. By subscribing to our newsletter or opting in during checkout, you consent to receive marketing communications.

  2. You may withdraw your consent at any time by clicking the unsubscribe link included in each email or by contacting us directly.

  3. Transactional emails (e.g., order confirmation, shipping updates) are necessary for fulfilling your order and cannot be unsubscribed from.

11. Changes to This Privacy Policy

  1. We reserve the right to update this Privacy Policy from time to time.

  2. Any changes will be posted on the Website with a revised “Last Updated” date.

  3. We encourage you to review this Policy periodically.

12. Contact Information

For any questions, concerns, or to exercise your GDPR rights, please contact:

CARPEBO SINGLE MEMBER P.C.
Email: info@carpebo.com
Address: 2nd km Xanthis Lagous, Xanthi, Greece