Privacy policy

Introduction
The controller of your personal data is the company “L. Kyritsis Orthopedics S.A.”, headquartered in Chalandri, 297 Mesogeion Avenue – 15231. The company is legally represented, with VAT number: 093104675, registered with the Tax Office: KEFODE Attikis, and business registration number (GEMI): 004390601000. Phone: +30 210-6775555, email: eshop@kyritsis-orthopedics.com

For the proper operation of our services and to better serve you, we process your personal data in accordance with Law 2472/1997 and its relevant amendments.

We process data from individuals who:

  • Have made a purchase through our website
  • Have filled out any contact form on our website
  • Have participated in promotional campaigns via forms
  • Visit our physical stores

What Constitutes Personal Data
Personal data refers to information related to an identified or identifiable living individual. Multiple pieces of data that, when combined, can identify a specific person also qualify as personal data. Data that has been anonymized, encrypted, or pseudonymized but can still identify a person is still considered personal data and falls under the GDPR. Only data that has been irreversibly anonymized so that the person is no longer identifiable ceases to be considered personal data. The GDPR protects personal data regardless of the technology used to process it. It applies to both automated and manual processing, whether data is stored digitally or in physical format.

Sensitive Personal Data
When you visit us, we may collect sensitive data such as gender, financial, and medical information, for:

  • Issuing orthopedic product/service order forms
  • Providing requested paramedical services

The legal basis for this is the execution of the contract between us (Article 6(1)(b) and Article 9(2)(h) of the GDPR). Retention period: 20 years, in order to provide long-term support (e.g., repeat constructions, treatment tracking, etc.)

Personal Data of Minors
If it becomes necessary to process data of minors under 15 years old, we do so only with the written and explicitly expressed consent of their legal guardians. We take reasonable steps to verify that the consent has indeed been given by the person with parental responsibility, including ID checks and supporting documents.

Data Protection Compliance
Our company fully complies with:

  • The General Data Protection Regulation (GDPR 2016/679)
  • Any specific national or European data protection legislation
  • Law 3471/2006 on electronic communications
  • The Medical Professional Code of Conduct
  • Decisions of the Hellenic Data Protection Authority (DPA)

We collect personal data only for clear and lawful purposes, and do not process it further in any way that is incompatible with those purposes.

On kyritsis-orthopedics.com, we only collect the personal data required to process your order, in a lawful, fair, and transparent manner.

Collected data includes: Full name, address, phone number, and email address.

Data Sharing and Security

  • User data will never be disclosed, published, or sold to third parties unless required by law (e.g., Law 2225/1994 or Directive 24/2006)
  • Depending on the selected payment method, relevant data (e.g., credit card number) may be shared with the respective bank and deleted from our system after the order is completed for enhanced security.
  • Depending on the shipping method, relevant personal data may be processed by third-party logistics or customer service providers (e.g., courier companies or call centers). These parties may act as joint or independent controllers or processors, and must follow the same security standards.
  • If a customer requests delivery to a third party, the customer accepts full responsibility for informing that third party and obtaining their consent for data sharing.

Data collected through contact forms is stored and used only to respond to your request. The legal basis is your consent (Article 6(1)(a) GDPR). Data is deleted after your communication is completed, unless legal obligations require otherwise.

We do not transfer personal data outside the EU. If necessary (e.g., for cloud services), such transfers will comply with GDPR Articles 44 and onwards.

Your Rights
You have the right to:

  • Access
  • Correct
  • Delete (or anonymize)
  • Restrict processing
  • Object to processing

To exercise these rights, email: eshop@kyritsis-orthopedics.com

If you have placed orders, account data cannot be deleted due to ERP system requirements—but it can be anonymized.

In the event of a data breach or suspected breach, we are obligated to inform both the affected individuals and the Hellenic Data Protection Authority within 72 hours. Only authorized personnel have access to personal data, following strict procedures. Customer data is stored with all necessary security technologies (encryption, firewalls, antivirus, etc.).

Newsletter Subscription
Subscribing to our newsletter via kyritsis-orthopedics.com is optional and not required for browsing or placing orders. By entering your email and confirming it, you give explicit consent to receive promotional content about products, events, and marketing messages.

While we make every effort to ensure proper delivery, the company is not liable if newsletters end up in spam. You can unsubscribe at any time via the link in each newsletter.

Transaction Security
Our website uses SSL (Secure Sockets Layer) encryption to securely exchange data between devices, protecting your personal information..

IP Address Tracking
We may track your IP address for informational (e.g., Google Remarketing), statistical (e.g., Google Analytics), and security purposes.
You can disable IP tracking through your browser settings, but this may limit access to certain features of the site.

Complaints & Contact
You may submit complaints to the Hellenic Data Protection Authority (DPA): 1-3 Kifisias Ave., 11523 Athens, Phone: +30 210 6475600, Website: https://www.dpa.gr

 

Cookies Policy
We collect digital visitor data using cookies. Cookies are not required for the site to function, but they improve your browsing experience.

What Are Cookies?
Cookies are small text files stored on your computer or device when you visit a website. Each browser (e.g., Chrome, Firefox, Safari) stores cookies that may contain anonymized info about pages visited and devices used.

Cookie Usage
You can delete or block cookies at any time. However, some site features may not function properly without them. Cookies are also used by third parties like Google and Facebook for, Statistics (Google Analytics), Advertising (Google Display, Facebook Ads), Remarketing (Google Remarketing).

You may opt out of Google cookies here.

All cookie-related information is used only as described and not for personal identification.

Types of Cookies Used

  • Necessary (Functional)
  • Statistical
  • Promotional/Marketing

You can change your cookie preferences here.

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Statistics

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.

Promotional

Promotional are used to deliver content that is more relevant to the visitor's preferences. They are commonly used for targeted advertising, promotion of offers as well as for measuring effectiveness. The services we use are Google Adwords and Facebook.