Welcome to NEVROBLAZER
The protection of your data and its security is important to us. We are committed to protecting your personal data. The company currently active in Greece regarding the sale of products of the NEVROBLAZER brand (hereinafter, “NEVRO”) is based at 2, Nikomidias Street in Naoussa. N. Imathias. You can contact us by post at the above address, by email at the info@nevroblazer.com or by phone +306972879480. In this Privacy Policy you will find all relevant information that applies to the use of the personal data of our users and customers, how we use it and how this information can benefit you. There is transparency about what we do with your personal data so that you can understand the consequences of why we use it and the rights you have in relation to your data. We have all the information included in this Privacy Policy available to you so that you can check when you consider it necessary and additional information for each processing of your data during your cooperation with us. In order to make transparent the way we collect, use, store, transfer and protect the personal data (PII) we receive, our company encourages visitors to its website and anyone interested to read this Privacy and Data Protection Statement (“OnlinePrivacyStatement” or “PrivacyStatement”).

INTRODUCTION
The Company applies this Privacy Policy in accordance with the Personal Data Protection Act and informs that it uses only the personal data voluntarily provided by the visitors of our websites, as customers or potential customers or when we communicate with you otherwise, in order to be able to provide information, information about the type of personal data that our company collects, information about why we use your data, how they are processed (collection, storage, use, transmission), the means of their protection and the rights that users have against this processing, which in any case is carried out in a reliable and transparent manner. When collecting this information, we act as a data controller in compliance with the applicable legal framework and in order to protect your personal data as a safest and most secure way.

Basic concepts and definitions referred to herein:
When we refer to personal data we mean any information concerning a specific natural person or person whose identity can be ascertained, i.e. any information concerning an identified or identifiable natural person (“data subject”). Identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as information that identifies or can identify you, such as your image, your name, postal address, e-mail address, contact number, tax identification number, location data, online identifier or to one or more factors that they are peculiar to the physical, physiological, genetic, psychological, economic, cultural or social identity of the natural person concerned. When we refer to the processing of your personal data we mean any operation or series of operations carried out with or without the use of automated means, on personal data or on sets of personal data, i.e. processing is the collection, registration, organization, structuring, storage, adaptation or alteration, retrieval, search for information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, erasure or destruction. “Data Controller” means the natural or legal person, public authority, agency or other body that, alone or jointly with others, determines the purposes and the way of processing personal data, in this case the Company “Processor” means the natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller, in this case on behalf of the Company.
‘consent’ of the data subject means any freely given, specific, informed and informed indication of the data subject’s intention to express his or her agreement, by a statement or a clear affirmative action, to the processing of personal data concerning him or her; ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. “Sensitive personal data or special categories of data” means data such as: religious, ideological, political opinions or actions, information on health, gender or biometric data, race and national origin, administrative or criminal proceedings or sanctions. “Profiling” means any form of automated processing of personal data using personal data for the purpose of assessing specific personal characteristics associated with a person. ‘Special categories of personal data/Sensitive personal data’ means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a person, data concerning health or data relating to the sex life of a natural person or sexual orientation Orientation. “Data file” means any structured set of personal data that is accessible in such a way that the data can identify that person.
We take all necessary measures and adhere to all globally accepted and international standards-based security policies to protect the personal data of customers we process in such a way as to ensure that the processing of personal data always takes place in accordance with the obligations set by the legal framework governing both the company itself, as well as third parties who may process personal data on behalf of the company. The legal framework that follows and binds our Company, which operates on the basis of the applicable National and Community legislation: the relevant provisions of the National Law on the Protection of Personal Data and on the Safeguarding of Confidentiality of Communications (we refer to Law 2472/1997 on the protection of personal data, Law 3471/2006 on the protection of privacy in the electronic communications sector, as in force, the regulations for ensuring the Confidentiality of Communications of A.D.A.E. as published in the Government Gazette B’ 2715/17.11.2011 and in force, the Presidential Decree 47/2005 and the relevant provisions of Community Law (European General Data Protection Regulation / GDPR – 2016/679). Indicatively, the following laws are mentioned, from which we are governed: Law 4624/2019 (Implementing Measures of the General Data Protection Regulation of the European Parliament [2016/679]) Law 2472/1997 on the protection of individuals with respect to the processing of personal data. Directive 95/46/EC of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Directive 2002/58/EC of the European Parliament and of the Council concerning the processing of personal data and the protection of privacy in the electronic communications sector. Law 3471/2006 on the protection of personal data and privacy in the electronic communications sector Regulations issued and under publication of the competent administrative bodies.

2. WHO WE ARE
The legal entity bears the name “Eleni Mitsiani”, which operates under the corresponding registered brand NEVRO, offers luxury clothing products and high quality accessories for sale on the website of www.nevroblazer.com, in the mobile application and in its physical stores. It is located at 2, Nikomidias Street in Naoussa, Imathia, with P.C. 59200 and in GREECE and the e-mail address is: www.nevroblazer.com. Our complete details are: Full name of legal entity: Eleni Mitsiani E-mail address: www.nevroblazer.com Postal address: 59200, NAOUSSA IMATHIAS, GREECE.

3a. LEGAL BASIS OF THE PROCESSING OF PERSONAL DATA NEVRO processes your personal data transparently, in accordance with the principles of legality, proportionality, confidentiality and integrity, limitation of purpose and accuracy, specific data retention time and data minimization if such processing is necessary: for the conclusion of a contract between us or for NEVRO’s compliance with its legal obligation or for the pursuit of its legitimate interests or for the fulfillment of its duty performed in the public interest, or if it is based on your prior express consent, if the processing is not based on any of the above-mentioned legal bases for processing. In conclusion, we will only use your personal data when permitted by law. The legal basis for processing your personal data may be: a) your consent, where our legal basis is consent, you have the right to withdraw your consent at any time. In case you choose to use access or connection through a social network, we are entitled to process your data based on the consent you give at the time of approval of the transfer of your data from the social network as well as following our own actions to inform and send special offers for our services and products, or updates of promotional activities or offers, downloading of informative material (newsletter), etc. We process your data because it is necessary for the execution of the terms governing the use of the Platform. You reserve the right to withdraw your consent to send promotional updates at any time by contacting us using our contact details. b) the necessity of processing your data in the context of the execution of the purchase or service contract with you for the fulfillment of our legal obligations. Some data processing related to the purchase process is only triggered because you request or approve it, such as storing payment (card) data for future purchases or processing the data necessary to scan your purchase receipts through the Payments App section or to provide you with features such as Coming Soon/Comingsoon/Backsoon. In these cases, the processing of your data is based on your consent. c) the necessity of processing your data in compliance with our legal or regulatory obligation. For example, keeping records of our sales for tax compliance or facilitating through a payment process. d) the necessity of processing your data in the context of customer service. When you contact us, especially to manage events related to your order or to the product / service acquired through the Platform, the processing of your data is necessary for the performance of the purchase contract. When your query relates to the exercise of your rights of which we inform you below or to claims about our products or services, we are entitled to process your data is for our compliance with our legal obligations. We have a legitimate interest in responding to requests or queries raised by you through the various existing channels of communication. We understand that the processing of this data is also beneficial to you, insofar as it allows us to adequately assist you and answer the questions you raise. e) the expansion and use of our Marketing Service. We are entitled to process your data for marketing purposes on the basis of the consent you give us e.g. when you agree to receive personalized information through various means, when you authorize us to send push notifications to your mobile device, or when you accept the legal terms and conditions in order to participate in a promotion or to post your photos on the Platform or on our social media, or when you receive a newsletter. In order to show you personalized information, we consider that we have a legitimate interest in drawing up a profile with the information we have about you (such as the browsing you make, your preferences or your purchase history) and the personal data you have given us, such as age range or language, as we understand that processing this data is also beneficial to you because it allows you to improve your user experience and obtain access to information/products according to your preferences. f) The analysis of usability and quality. We have a legitimate interest in analyzing the usability of the Platform and the degree of user satisfaction, as we understand that the processing of this data is also beneficial to you because its purpose is to improve the user experience and to offer a higher quality service. g) The necessity for the extraction of statistical data h) Issuance of invoices and Customer receipts i) Execution of customer collections update in the company’s information systems.

When we consider legitimate interests, we make sure to think about and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are outweighed by the impact of such processing (unless we have your consent or are otherwise required or permitted by law).

3b. CATEGORIES OF INFORMATION WE COLLECT
We reserve the right to collect, process, store and transfer different types of personal data about you, which we have grouped together as follows: Identity data includes the title, gender, first name, maiden name, last name, nationality, place and date of birth, marital status, username or similar identifier. If you interact with us through social media, this may include your social media username and details about your image Contact data includes billing address, delivery address, email address and telephone numbers. Financial data includes bank account and payment card details. Transaction data includes details about payments to and from you, information about your purchases, orders, returns, etc. Technical data includes internet protocol (IP) address, login details, browser type and version, time zone and location, browser add-on types and versions, operating system and platform, and other technology on the devices used to access this website. Connection, location and Internet browsing data (if for example you contact us from your mobile phone) Profile Data & Commercial Information includes your username and password, purchases or orders made, your interests, preferences, comments and survey responses, as well as any data we have added ((for example, if you have subscribed to our newsletter). Social Media Account ID, profile photo and other data available to the public or data available by linking your social media inside. Usage data includes information about how you use our website, products and services. Marketing and communications data includes your preferences for receiving direct marketing from us and from our third parties and your communication preferences. Tracking data includes information that we or others collect about you from cookies and similar tracking technologies, such as web signals, pixels, and mobile IDs.

NEVRO ensures that the personal data it processes are: They are processed lawfully and legitimately in relation to the data subject Collected for specified express and legitimate purposes They are appropriate, relevant and limited to what is necessary for the purposes for which they are processed They are accurate and up-to-date They shall be processed in a manner that guarantees the appropriate security of the personal data, including their protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. They shall be kept only for the period necessary for the purposes of the processing of personal data.

4. HOW PERSONAL DATA IS COLLECTED
Personal data are collected with the explicit consent of the subjects, which is given either by the latter before any processing or collection of their personal data takes place, or by the company itself when you visit our website, where we may collect data from you. In the aforementioned consent, the data subjects are clearly informed, in accordance with the provisions of the applicable legislation on the Protection of Personal Data, that the personal data required for the fulfillment of the intended purpose are to be collected and processed and they are informed of all the recognized rights that they may exercise. We collect and analyze data each time you use our services (whether the services are provided directly by us or by other companies acting on our behalf), when you visit a physical store of ours, when you use our websites or when you use our call centers, from the data of the device, connectivity and configuration; including the protocol (IP) address used to connect your computer or device to the internet, such as when registering, accessing your account or profile to execute bill payment orders, updating your details electronically, reporting network failures, submitting applications, etc.
We may collect or receive data in many different ways. Below we list the main ways in which we do this: We collect Personal Data when you contact us through this website, or otherwise connect with us by mail, phone or email, or through chat or social media, or post on social media pages, or subscribe to a newsletter or participate in a survey or other direct advertising/marketing, contest or promotional offer. When you ask questions or ask for information or contact us in general. When you create an account on our website. When you make purchases from our e-shop or from our stores When we provide you with our services i.e. for your billing and execution of your order We may receive certain data automatically when you interact with us between other means of this website. For example, this may be data about your preferences, browsing or how you use this website. We may also collect data when you click on one of our ads (including those you see on third-party websites or on social media).

NEVRO collects personal data and automatically stores information about you through the use of web technologies (e.g. cookies) and similar tracking technologies when receiving reports of errors or usage data from software applications on your OnLine devices or via WiFi communications at the company’s offices. If you use a mobile device, we may also collect data that identifies your device, settings, and location.

5. PURPOSE/USE OF PROCESSING THE PERSONAL DATA OF OUR CUSTOMERS
NEVRO respects your privacy and protects your personal data. The way we collect data above explained the different ways in which we can receive or receive data. Your personal data are not used for purposes other than those intended by our business and the subjects (e.g. requests of visitors to its websites), who expressly consent to the collection and processing of their data, unless we receive your permission, or unless this is required or permitted by law or by professional specifications. We request and reserve the right to process your personal data for more than one legal reason depending on the following purposes for which we use your data and only to the extent that we need it or intend to use it:
In order to register you as a new customer, first through the conclusion of a contract and to manage your registration as a user of the Platform.If you decide to register as a user on our Platform, we must process your data to identify you as a user of the Platform and to give you access to the various functions, products, products and services available to you due to your status as a registered user. You can also make use of access or login through social networks like Facebook, either sign up as a new user or link the connection to your current account. In this case, your login credentials as well as the e-mail in case you approve it, will be entered from your social media account. By using this login option, the social network may send us some additional information regarding your public profile, for example, your name, gender, approximate age or profile picture, in accordance with the social network’s terms of use, which we advise you to read carefully. We will not retain this additional information unless you give us your approval. In addition, using this feature may mean that you will be sharing with the social network certain information about your activity. In any case, we recommend that you check your privacy settings and social media privacy policies to know how these social networks process your data For the development, fulfillment and execution of the contract of sale or provision of services that you have concluded with us on the Platform. This purpose includes the processing of your data, mainly for the performance of the purchase contract, to contact you about the execution, promotion and dispatch of products, updates or informational notices related to the functions, products or services for which a contract has been concluded, including the sending of quality surveys and in order to be able to determine the degree of customer satisfaction with the service provided to manage the payment of the products you purchase, regardless of the payment process used, to ensure that you can use other available features or services, to manage potential returns after you have made a purchase and to manage requests for information about product availability, product bookings through the platform or depending on the availability of other options; to activate the necessary mechanisms in order to avoid possible fraud against you and against us during the purchase process; If we believe that the transaction may be fraudulent, this processing may result in us blocking the transaction.
To process and deliver your order, including: (a) Management of payments and pricing, fees and charges (b) Collection and recovery of funds due to us. Manage the payment of the products you purchase, regardless of the payment process used. For example: when you purchase any of our products through the Website or the Application, you choose to activate the function of storing your card data for future purchases, we must process the data indicated for the activation and development of this feature. Consent to enable this feature allows automated payment data to appear in subsequent purchases, so that you do not have to re-enter it into each new process, and this data will be considered valid and active for subsequent purchases. You may modify or cancel your cards at any time through the section corresponding to the payment information, or from the registered user account that you have registered on our website, for billing purposes and to make available to you tickets and invoices of the purchases you have made through the Platform.
To manage our relationship with you, including: (a) Updates to changes to the terms and conditions or privacy statement b)sending email notifications about your requests to our website. Necessary for the purpose of complying with a legal obligation and for your legitimate interests and for updating our records and examining how customers use our products / services. To run and protect our business and website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and data retention). In order to serve our legitimate business interests (ours and third parties).

To give you the opportunity to participate in a draw, a competition or to complete a questionnaire. Conduct promotions (for example, to organise competitions or to send a list of the products you have stored to the email address you indicate). By participating in any promotion, you authorize us to process the personal data you have shared with us depending on the promotion and we may share it through various means such as social networks or the Platform itself. In each promotion you participate in, you will be provided with the terms and conditions where we will provide you with more detailed information about the processing of your data. To circulate photos or images that you have shared publicly on the Platform or through our social media channels, provided that you have given us your explicit consent for this purpose

For marketing purposes; to deliver relevant website content and advertisements to you and to measure and understand the effectiveness of the advertisements we serve or to make suggestions to you about goods or services that may be of interest to you. In this case you may receive personalized offers and benefits, invitations to events, newsletters, personalized information about our products or services through various means (such as email or SMS). We may also provide you with this information via push notifications if you have activated it on your mobile device. Accordingly, please note that this data processing involves analyzing your user or customer profile to determine what your preferences are and, therefore, which products and services are most suited to your style when sending the information to you and based on your purchases and browsing history (i.e. depending on the products you clicked on); we will make suggestions for products that we think may be of interest to you. In any case, you have the right to withdraw your consent at any time and / or object to this processing of your personal data, without any negative consequences for you. Analysis of usability and quality with data analysis tools in order to improve the website, products / services, our relationships with customers and their experiences. If you enter our Platform, we inform you that we will process your browsing data for analysis and statistical purposes, i.e. to understand how users interact with our Platform and thus to be able to introduce improvements to it. In addition, we sometimes conduct quality surveys and actions aimed at knowing the degree of satisfaction of our customers and users and identifying those areas in which we can improve. In order to comply with our legal obligation and the resolution or settlement of legal claims that may arise in our relationship with each other: (i) legal proceedings, requests by legal and governmental authorities, (ii) claims for violation of third party rights by any content, (iii) protection of the rights, property or personal safety of users or the public, (iv) establishment or exercise of our legal rights or defense against legal claims, or (v) as otherwise it is required by law.
To prevent and detect illegal acts. Necessary for our legitimate interests (to protect our business and our visitors and visitors to the website through fraud monitoring and suspicious transaction monitoring). You can contact us if you need clarification on the specific legal reason on which we rely in order to process your personal data.
6. SHARING OF PERSONAL DATA The personal data entered by the user are stored in the NEVRO database. By registering and/or submitting your personal data to our websites, you simultaneously consent to the use of this data in accordance with this Privacy Statement. We use your personal data to respond to your requests. The user’s personal data is not published, is not sold, is not shared. At NEVRO it is part of our philosophy and our basic principle that we will not share your information with third parties for their own independent business or marketing purposes without your consent, as access to the files, which include the data of the data subjects, is limited solely to authorized persons, who have taken the role of processors. When information is transmitted in accordance with the above, we limit the scope of the information disclosed to what is strictly necessary to achieve that purpose. In addition, since some of our activities are carried out by third parties, we strive with contractual guarantees to ensure that the processing of your personal data is carried out in a secure manner and fully compatible with this privacy policy. In particular, and in order to facilitate your shopping settings, we often need to share your personal data with third parties. Service providers and suppliers are third parties who provide services on our behalf and are bound by data processing agreements and are obliged to ensure confidentiality and data protection in accordance with the Personal Data Protection Regulation. Service providers are contractually bound not to use your information in any other way than to help us provide you with the products and services provided by NEVRO. We reserve the right to disclose your personal data to a third party to whom we reserve the right to choose to sell, transfer or merge parts of our business or assets. Alternatively, we reserve the right to acquire or merge with other businesses. In the event that there is a change in our business, the new owners have the right to use your personal data in the same way as set out in this privacy statement.We also reserve the right to disclose your personal data to a third party when you ask us to do so or when we consider it to be required by law.
In order to fulfill the purposes stated in the Privacy Policy, it is necessary to give access to your personal data to legal persons and third parties who provide us with support in the services we offer you and who facilitate the provision of our services to you. and specifically to the following bodies: Financial Institutions Fraud detection and prevention agencies; Technology service providers, Partners and providers of supply, transport and delivery services, Service providers related to customer service or/or any third party that may carry out the processing on our behalf. Partners and service providers related to marketing and advertising. Other third parties with your consent or at your behest. It excludes the making available of data to supervisory, municipal, judicial and prosecutorial authorities, upon their request in order to respond to requests from the government or law enforcement agencies or when this is required by the provisions of applicable law, judicial provisions or state regulations.
6.1 MINORS
As reflected in the Website’s Terms of Use and Cookie Policy, the services provided through the website are addressed to a general audience. NEVRO understands the importance of protecting children’s personal data, especially in an online environment. Our website, products and services are directed exclusively at people who are at least 17 years of age or older.Our policy is to never collect or knowingly keep data about any person under the age of 18, unless this is part of an undertaking to provide professional services, we do not target children and do not knowingly collect personal information from children under the age of 18. If you are under the age of 18, do not use or provide any information on this website or on any or through any of its features, do not register on the website, make no purchase through the website and do not give any information about yourself to us, including your name, address, phone number or email address. However, as it is not always possible to determine the age of the persons who access and use our websites, we advise parents or legal guardians to contact us in case they notice the unauthorized provision of data by minors, so that they can exercise their rights accordingly such as the deletion of their data. 
If we determine that we have collected personal data from a child under the age of 18, we will delete this information unless consent or authorization has been given by the child’s guardian. If you believe that we may have information from or about a child under the age of 18, please contact us.
7. HOW WE STORED AND SECURE THE INFORMATION WE COLLECT – DATA KEEPING How long we keep the information we collect from you depends on the type of information.
The information deemed necessary during your registration, such as first name, surname and email, is retained for the entire period of time that your registration as a user still exists and for as long as required by the nature of the service provided by the Company for the purposes specified in this Privacy Policy, with the express reservation of retention for as long as the relevant legislation determines. Regardless of how we process your data for the period strictly necessary to achieve the respective purpose, we will then keep them duly stored and protected for the period of time during which liability could arise from the processing, in accordance with the applicable legislation. As soon as the limitation period for each claim has elapsed, we will proceed to the deletion of personal data. To determine the appropriate retention period of personal data, we examine the quantity, nature and sensitivity of personal data, the potential risk of harm caused by unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, whether we are able to fulfil these purposes by other means and the applicable legal obligations. In some cases, you have the right to ask us to delete your data: please refer to the section on the deletion request below for more information. In some cases, we reserve the right to anonymize your personal data (so that it cannot be associated with you) for research or statistical purposes and in this case, we reserve the right to use this information indefinitely without further notice.
The period of storage of the data is decided on the basis of the following specific criteria depending on the case: When processing is imposed as an obligation by provisions of the applicable legal framework, your personal data will be stored for as long as required by the relevant provisions. Also, when it is necessary to comply with our legal or regulatory obligations, resolve disputes or strengthen the terms and conditions of use, we may retain some of your data as required, even if the account has been closed or there is no longer any need to provide our services to you. When the processing is carried out for the development, fulfillment and performance of the purchase or service contract, we will process your data for the period of time necessary to manage the purchase of the products or services you have acquired, including any returns, complaints or claims related to the purchase of that product or service. Sometimes, we will only process the data until the moment you decide, as is the case with the payment (card) data you have requested us to store for future purchases. In any case, your personal data are limited to what is strictly necessary for the achievement of these purposes, are accurate and are kept for a period of time determined by the processing purposes, are protected by adequate security measures having already taken all the necessary technical and organizational measures for this purpose and are not transferred to third countries, but to authorized employees of the Company for the sole purpose of providing each service. In order to manage your registration as a user of the Platform, we will process your data for the period of time you remain a registered user (i.e. until you decide to unsubscribe).
Customer Service, we will process your data for as long as necessary to satisfy your request or request. Marketing, we will process your data until you unsubscribe or cancel your subscription to the Newsletter. If you participate in promotions, we will retain your data for a period of 6 months from the end of the action. Usability and quality analysis, we will process your data during the period during which we take an action or a specific quality survey or until we anonymize your browsing data. We will also keep your account data for as long as you keep it and you have not requested its deletion. If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce terms and conditions, we may retain some of your information as required even after your account has expired or we no longer need to provide you with our services.
8. WHAT ARE YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA
We are committed to maintaining the confidentiality of your personal data and ensuring that you can exercise your rights. The user has the ability at any time to update, change or delete any of his data that is registered on our website with a simple notification / request through the e-mail which he/she stated during his/her registration. Any request of the person/subject is submitted to NEVRO at the e-mail address: info@nevroblazer.com NEVRO will respond free of charge to your request, without delay and in any case within one month of receipt of the request, except in exceptional cases, in which case the above deadline may be extended by two more months, if required, taking into account the complexity of the request or the number of requests. In the event that the satisfaction of your request is impossible, NEVRO will inform you within one month of receipt of the request, of the reasons for this and of the possibility to lodge a complaint with the Personal Data Protection Authority, as well as of your right to appeal before the competent judicial authorities. If your request is found by NEVRO to be manifestly unfounded or excessive, nevro may impose a reasonable and proportionate fee, taking into account the administrative costs for its satisfaction, or refuse to follow up your request. Details of the Protection Officer: For any request related to the processing of personal data of your data, as above, please contact the Data Protection Officer (DPO) of ΝEVRO: Name: Despina Koutsouflianou Telephone: 6973044946 Email: despina.koutsouflianou@gmail.com Website: www.pandektis.com Postal Address: Korai 8 str , NAOUSA GREECE
Any natural person whose data is processed by NEVRO enjoys the following rights in accordance with the Regulation relating to your personal data that we have stored at any time, in accordance with the applicable legislation and free of charge. 1. Right to transparent information on the exercise of your rights (Art. 12, 13, 14 GDPR), 2. Right of access: (Article 15 gdpr) You have the right to be aware of and verify the lawfulness of the processing. Thus, you have the right to access the data and receive additional information about their processing. You have the right to know and confirm that the processing of your data is carried out in a lawful manner. If you have submitted personal data to our company, in most cases you have the right of reasonable access to this data in order to correct any inaccuracies. You may also request the modification or removal of information about you by contacting the NEVROBLAZER.COM and we will make all reasonable and practical efforts to satisfy your request, as long as this is in accordance with applicable law and professional standards. 3. Right to rectification: (Article 16 GDPR) You have the right to correct, update or modify your personal data or by contacting our company at the above contact details in contact with the Data Protection Officer (DPO) at the above contact details. 4. Right to erasure: (Article 17 GDPR). You have the right to request the erasure of your personal data in any case but we note that this right is subject to certain limitations. You can do this in order to protect your legitimate interests or even without justification. In cases such as, indicatively, when there is a contract, an obligation to process personal data imposed by law, public interest, etc., this right is subject to specific restrictions or does not exist depending on the case.5. Right to restriction of processing: (Article 18 GDPR). You have the right to request a restriction of the processing of your personal data in the following cases: (a) when you question the accuracy of the personal data and until it is verified, (b) when you object to the deletion of personal data and request instead of deletion the restriction of their use, (c) when the personal data are not needed for the purposes of processing, but they are necessary for you to establish themselves, exercise, support of legal claims, and (d) when you object to the processing and until it is verified that there are legitimate reasons that concern us and outweigh the reasons for which you object to the processing. 6. Right to object to processing: (Article 21 GDPR). You have the right to object at any time to the processing of your personal data in cases where, as described above, this is necessary for the purposes of legitimate interests that we pursue as controllers, as well as to the processing for the purpose of direct marketing and consumer profiling. 7. Right to Portability: You have the right to receive free of charge your personal data in a form that will allow you to access, use and process them with the commonly used processing methods. You also have the right to ask us, if technically feasible, to transfer the data directly to another controller or third party.We will provide you, or a third party you indicate, with your personal data in a structured, common machine-readable format. This right only applies to automated information for which you have given your consent to use that in cases where we have used the information to enter into a contract with you.
8. Right to withdraw your consent: (Article 7 gdpr). Right to withdraw your consent already given, i.e. to withdraw your consent freely at any time. The lawfulness of the processing of your data is not affected by the withdrawal of consent up to the time you requested the withdrawal. In order to withdraw your consent, please contact the Data Protection Officer (NEVROBLAZER’s DPO) at the above contact details. 9. Right to complain: In case it is proved that your personal data has been leaked by NEVRO resulting in material or non-material damage, you have the right to complain to the competent supervisory authority (Personal Data Protection Authority, www.dpa.gr, 1-3 Kifissias Avenue, 115 23, P.C. 115 23, Athens, +30 210 6475600, +30 210 6475628, contact@dpa.gr) To exercise the above rights or if you have questions about the privacy policy or if you need help exercising or understanding the privacy options, please contact us at the e-mail address: ………. or write to us at: ……
9. SECURITY AND INTEGRITY OF PERSONAL DATA
NEVRO is in constant alignment and compliance with the terms of the General Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of data and makes every effort to comply with it. We want to keep your personal data secure, so we have implemented appropriate security measures to prevent accidental loss, use or access in an unauthorized manner, modification or sharing, using procedural and technical safeguards, including password checks and the “firewall”. We also ensure that only individuals associated with the business can access your data, including employees, agents, suppliers and other third parties. They will only process your personal data in accordance with our instructions and are subject to a duty of confidentiality. Takes all necessary technical and organizational measures appropriate for the security and integrity of personal data to ensure an adequate and adequate level of security appropriate to address the risks to prevent accidental loss, misuse or destruction and unauthorized and/or illegal access to, disclosure, use, modification or disclosure of it and to provide the best possible protection of the data stored and preventing malicious interception and leaks. For this purpose, all electronic monetary transactions carried out on our website are protected by our encryption technology. We store all the personal data you provide on the secure (password-protected and firewall) servers but although we will do our best to protect your personal data we cannot guarantee the absolute security of the data that is handled over the internet and therefore you are responsible for keeping the password you use confidential, we will not ask you for your password until you log in to our website. Besides, within our capabilities, access to your personal data is limited to those who need to be informed of them. To this end, if any visitor/user is aware of any illegal, malicious, inappropriate or unfair use of personal data, he/she undertakes the obligation to notify the fact directly to the company.
10. CHANGES TO THE PRIVACY POLICY
NEVRO may unilaterally amend this Privacy Statement in order to respond to applicable personal data protection practices and to reflect changes in accordance with applicable law or for operational purposes. When we make changes to this statement, we will update the “update date” at the bottom of this page. Please refer to this Policy at regular intervals in order to check the Date of Application of this Policy in order to be informed about how NEVRO protects your data. Any revision will be implemented as soon as we post the revised Policy. If there are material changes to this Policy or our information practices change in the future, we will notify you by making public the changes to our website.If we make material changes to this Policy that extend our rights to use the personal data that we have already collected from you, we will inform you and provide you with an option for the future use of this data. If we want to use your personal data in a way that we have not previously specified and for a different purpose, we will contact you to inform you about how the law allows us to do this and, if necessary, ask for your consent. The revised privacy statement will take effect from the date of its publication/posting on our company’s website.

11. THIRD PARTY WEBSITE LINKS
Our website may include links to third-party websites, distinct microsite websites, add-ons and applications. We may provide links to a number of other websites that we believe may offer you useful information and services. However, these sites may not follow the same privacy policies. If you select or enable these links you grant the right to third parties to collect or share data about you.Once you use these links to leave our website, we recommend that you read the privacy notice of each website you visit. We do not control third-party websites and such websites are not governed by this privacy statement, and we are not responsible for their privacy statements. In the case of additional services provided to you by third parties through the booking process, you should be aware that NEVRO may be the processor on behalf of these third parties. Therefore, whenever you use these links or microsite or when you leave our website, we recommend that you read the privacy statement of these third parties
11A. COUNTRIES THAT HAVE ACCESS TO YOUR INFORMATION
Our servers, which store and protect your information, are located within the European Economic Area (EEA). Whenever we transfer your personal data outside the EEA, we ensure a similar degree of protection for them by ensuring that one of the following protection measures is implemented: We will only transfer your personal data to countries where the European Commission deems that they provide an adequate level of protection for personal data. For more information, see the European Commission: Adequacy of personal data protection in non-EU countries. Where we use certain service providers, we reserve the right to use specific contracts approved by the European Union, which provide personal data with the same protection as they have in Europe. For more information, see the European Commission: Model contracts for the transfer of personal data to third countries. Where we use providers based in the United States of America, we reserve the right to transfer data to them if they participate in the Privacy Shield which requires them to provide similar protection for personal data shared between Europe and the US. For more information, see the European Commission: EU-US Privacy Shield. Please contact us for any clarification on the specific mechanism used by us when transferring your personal data outside the European Economic Area.
12.WHAT HAPPENS WHEN YOU GIVE US THE DATA OF THIRD PARTIES
We offer features or services that require us to process the personal data of a third party that you provide to us, such as in the case of activating and sending the Gift Cheque or managing the request for a Gift Cheque. If you provide us with personal data of third parties, you warrant that you have informed them of the purposes and manner in which we should process their personal data.
13.COOKIES, WEB BEACONS AND OTHER SIMILAR TECHNOLOGIES
Our website uses “cookie” and “webbeacon” technologies. We use cookies and webbeacons to be able to distinguish you from other visitors, to record your IP address and how you use our website, and to identify the website from which you logged in to our own website. This information is used to fulfill our obligations as defined by contracts with our business partners, but also to help us provide you with a better service by improving the design of our website, as well as our products, services and promotions. In no other way do we record information about how you use other websites. Non-personal data or anonymized/pseudonymised information obtained through cookies and webbeacons may be shared or received by service providers on our behalf. A cookie is a small data file that is placed on your computer’s hard drive when you visit a website. A “session cookie” expires as soon as you complete your session (i.e. when you close your browser). A “persistent cookie” stores information on the hard drive so that when you complete the session and return to the same website at a later time, the cookie information is still available. A webbeacon is a small piece of code that represents a clear graphical image and is used in conjunction with a cookie.
When you visit our website, we reserve the right to use both a session cookie and a persistent cookie. This nevro cookie may contain information (such as a unique user ID) used to record your use of our website and in some cases to record your email address. Your email address is only stored in this cookie. Webbeacon enables us to record specific types of information about actions taken when visiting a website, such as a visitor’s cookie number, the time, date, duration and number of page views, a description of the page on which the webbeacon is placed, and the details of products or services purchased by the user. We may also use Flash cookies (Locally Stored Objects) or other similar technologies. A Flash cookie is a small data file that is placed on a computer through Adobe Flash technology that may already have been installed on your computer or uploaded by you to your computer. We use these technologies to personalize and enrich your experience on our website, to facilitate processes, to personalize and store your settings. Flash cookies can help visitors to our website set, for example, their preferences regarding the upload size of a video file. They help us improve our websites by calculating which points are of most interest to customers. We do not use Flash cookies for promotions or behavioral advertising. Flash cookies differ from your browser cookies and the cookie management tools provided by your browser do not remove Flash cookies. If you disable Flash cookies or other similar technologies, it is possible that you may not have access to certain features and services that make your experience on the website more efficient and enjoyable. You have the option to disable cookies at any time through your browser options, but if you do, we will not be able to record your purchases or allow you to make a purchase from our website. In addition, we will not be able to identify you as a registered user so that you can access your account information.
14.RIGHT TO COMPLAIN TO THE DPA
Furthermore, we inform you that you reserve the right to lodge a complaint at any time with the supervisory authority of your country regarding data protection issues. In Greece, this authority is the Hellenic Data Protection Authority and for the competence of the Authority and how to lodge a complaint, you can visit its website (www.dpa.gr). We would, however, appreciate if we were given the opportunity to jointly manage your concerns before approaching the data protection authority and therefore please contact us initially, using the contact details mentioned above.
15. REQUEST
To help you get the most out of the NEVRO experience it is important that your personal data is accurate and up-to-date. We hereby ask you to inform us in case your personal data changes during your relationship with us. We reserve the right to request certain information from you in order to confirm your identity and to ensure your right to access your personal data (or to exercise any of your other rights). This is a protection measure that ensures that personal data are not disclosed to any person who has no right to receive them. We also reserve the right to contact you for more information about your request in order to reduce the response time. For any clarification regarding this privacy statement, including any request to exercise your legal rights, please contact us at the above details