Delivery throughout Greece 

Free shipping for all orders over €25 within Athens

Biologiko Xorio - logo

Privacy Policy

Privacy Policy

Biologiko Χorio SA, VAT 800847213, address  Grigoriou Lampraki 83, PC 16674, GLYFADA, tel. +30 2104446490 (hereinafter for reasons of brevity called "Data Controller" or the Company).

 

This Privacy Policy is in conformity with REGULATION OF THE EUROPEAN UNION 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data, also known as General Data Protection Regulation or GDPR.

 

According to article 13 of the above mentioned Regulation of the European Union (Regulation 2016/679) the Biologiko Χorio SA would like to inform you of the following:

 

Dear visitor,

 

Our Company "BIOLOGIKO XORIO SA" thank you for choosing our website (hereinafter referred to as "the Website" for reasons of brevity) and invites you to pay attention to the following information - update (hereinafter referred to as "Information").

 

This information contains a description of all the processing (on personal data) performed by the " Data Controller " during your navigation on this site as well as during your communication (by telephone or in writing) with the Data Controller. At this point we would like to clarify that this information relates to your navigation on this site with the exception of any redirects (to third party sites) that may be made.

 

Information

A. Details of the Data Controller

 

The Data Controller is the company BIOLOGIKO XORIO SA, VAT 800847213, Grigoriou Lambraki Street and no. 83, PC 16674, Glyfada (hereinafter referred to as " Data Controller ").

 

The "Data Controller" has also designated a Personal Data Protection Officer (hereinafter referred to as "DPO or DPO"), with whom you can contact directly for the exercise of part or all of the all your rights, as well as receive any information regarding the processing of your personal data. You can also contact the "DPO" for additional information and / or clarifications related to this information.

 

For your convenience, the following are the contact details of the Personal Data Protection Officer:

 

 

Contact details

 

Name: Stefanos

Email: [email protected]

Last name: Andriakopoulos

 

B. Personal data we process.

 

B1. Navigation data.

 

While browsing this site, the navigation software or browser may collect some data that is necessary for the smooth operation of the site.

 

The collection of the above data is not used for their association with identifiable or identified third parties.

 

This category of data includes the IP addresses or domain names of computers used by users logged in to the site, the URI (Uniform Resource Identifier) ​​addresses of the requested resources, the time of the request, the method used to the request to the server, the size of the file received in response, the numeric code indicating the response status of the server (successful, error, etc.) and other parameters related to the operating system and the computer environment of the user.

 

It is important for us to emphasize that the data described above is used only to obtain anonymous statistical information about the use of the Website as well as to check its proper functioning.

 

The only exception to this rule is the case where the data could be used to clarify crimes (cybercrime) against the Website and any transfer will be completed only upon the order of Justice.

 

B2. Data provided voluntarily by the visitor (otherwise called "Data Subject") of the Website.

 

The Data Controller processes the following personal data provided by you by completing the Data input forms of the Website:

 

Personal data such as: name, surname, phone number, email address.

 

In addition, the Controller may process any other type of personal data that the Data Subject may include in an email exchange with the former.

 

B3. Data collected during your telephone communication with the Company

The Data Controller processes personal data provided by you during your telephone communication with our online store. Specifically, your calls to our Company’s customer service department are recorded and retained in accordance with this Policy. If you do not agree to the recording of your call, you may choose alternative means of communication with our Company.

 

C. Purpose of processing your personal data and its legal basis.

All personal data you provide (in your capacity as a Data Subject) by completing the various forms on this website is processed by the Controller for the following purposes:

 

C1. Collection, storage, and use of data collected when ordering products through our online store or by telephone

 

a. Purpose of Processing: Management and execution of your order, cross payment, issuance of invoices and generally processing your order and informing the consumer about its progress. Recording your call when ordering products has the additional purpose of providing proof of the transaction.


b. Provision of personal data is a requirement for the performance of your contract, and your failure to provide such data prevents the conclusion and performance of your contract with the Company.


c. Legal basis for processing your personal data: The processing is necessary for the performance of a contract to which the data subject (customer – consumer) is a party, or in order to take steps at the request of the data subject prior to entering into a contract (Article 6(1)(b) GDPR).


d. Data retention period: For as long as required by tax legislation. Recorded telephone conversations are retained for six months, unless there is another legal basis for further processing and retention (e.g., legal claims of the Company arising from contract or law).

C2. Processing: Storage and use of Data collected via telephone, mail, e-mail, and any other form of communication with the Company

 

a. Purpose of Processing: Your data is processed for the purpose of communicating between us and in order to respond to/fulfill/manage your requests, resolve issues, answer questions and complaints, provide information, advisory support, inform on product availability, etc. The recording of your calls to our customer service department for inquiries regarding orders, submitting requests, questions, etc., also serves the additional purpose of providing proof of professional communication.

 

b. Provision of personal data is mandatory in order for us to serve you. Refusal to provide such data prevents communication and processing of your requests.

 

c. Legal basis: The processing is necessary for the purposes of the legitimate interests pursued by the Data Controller (customer service), pursuant to Article 6(1)(f) of the GDPR.

 

d. Data retention period: We retain the personal data collected through any form of non-public communication with the Company for a period of one year following the conclusion of our communication. In particular, your recorded calls to the Company are retained for a period of six months, unless there is another legal basis for further retention (e.g., legal claims of the Company arising from contract or law).

C3. Marketing activity (commercial announcements) in products and services that can be offered by the Controller.

 

  1. The Controller intends to process your personal data in order to send you commercial announcements for products and services offered by the Controller himself. In addition, pursuant to Article 28 of the GDPR, the Controller may designate third parties as Controllers to serve the purpose set out in this Paragraph (paragraph C1). Summarizing, the purpose of the processing of your personal data as presented in Section C1, is the sending of advertising material, promotion and sale of products, promotions of our company, offers in products and / or services, as well as market research or research and / or commercial announcements.
  2. The nature of the provision of personal data to serve the purpose described in paragraph C1 is "Optional". In case you refuse the above data provision, it will be impossible for the Controller to send promotional and marketing messages.
  3. The legal basis for the processing of your personal data to serve the purpose (as presented in Paragraph C1) is your explicit "Consent".
  4. Period of retention of your personal data for the purpose of service as set forth in Section C1: Your personal data will be processed for the purpose of service (as set forth in Section C1) until you decide to oppose its processing otherwise by time point where you will withdraw your consent.

 

C4. Providing clarifications on products and services that can be offered by the Controller.

  1. The Controller intends to process your personal data in order to provide you with clarifications regarding products and services that it may offer you.

 

In addition, pursuant to Article 28 of the GDPR, the Controller may designate third parties as Performers of the Processing to serve the purpose set forth in this Paragraph (paragraph C2).

  1. The nature of the provision of personal data to serve the purpose described in paragraph C2 is "Optional". In case you refuse the above data provision, it will be impossible for the Controller to send clarifications regarding products and services that he may offer you.
  2. The legal basis for the processing of your personal data to serve the purpose (as presented in Section C2) is your explicit "Consent"
  3. Period of retention of your personal data for the purpose of service as set forth in Section C2: Your personal data will be processed for the purpose of service (as set forth in Section C2) until you decide to oppose its processing otherwise by time point where you will withdraw your consent.

 

D. Informing the Controller regarding Article 32 of the GDPR

 

The Data Controller may process your personal data always respecting the National and EU (EU Regulations, EU Directives, etc.) legislation and to serve the purposes presented in this information using paper, electronically by telematics, and in any other case, by appropriate methods to ensure security and confidentiality in accordance with the provisions of Article 32 of the GDPR.

 

E. Recipients of your Personal Data

 

For the purposes described in paragraph C above, your personal data will be made available to the Data Processors, who will act as authorized entities to process your personal data (hosting/ courier services).

 

We emphasize that you reserve the right to revoke your consent whenever you choose. In the special case that you do so (i.e. withdraw your consent) it will be impossible for the Controller to continue to use your personal data for the purpose for which you withdrew your consent.

 

Finally, we inform you that your personal data will not be transmitted to potential third-party recipients outside the European Union and will not be disseminated. An exception to this rule is your use of your right to the privacy of your personal data and under the strict condition that the Controller may terminate your request.

 

F. Minor Website Visitor.

 

This Website is for adults only. The Controller does not process personal data of persons under 16 years of age. Data Subjects over the age of 16 and under the age of 18 require the consent of the parent's parent for processing.

 

If the Guest declares that he / she is under 16 years old, the field related to the collection of consent will not be accessible.

 

G. Rights reserved by the Visitor (otherwise "Data Subject") of the Website

 

In relation to the processing purposes described in this information and in paragraph C thereof, as a Data Subject, you will be able, as provided by the GDPR, to exercise the rights set out in Articles 15 to 21 of the above Regulation. Ε. Your rights are presented in more detail below:

 

a. Article 15 GDPR "RIGHT OF ACCESS"

 

The above-mentioned article gives you the right to receive confirmation as to whether the Controller has processed or is in the process of processing personal data concerning you and the right to obtain a copy of your personal data undergoing processing.

 

b. Article 16 GDPR "RIGHT TO CORRECTION"

 

The above-mentioned article gives you the right to proceed, without undue delay on the part of the Controller, to correct inaccurate personal data concerning you and / or to fill in incomplete personal data.

 

c. Article 17 GDPR "REMOVAL RIGHT (RIGHT TO FORGET)"

 

The above-mentioned article gives you the right to demand, without undue delay on the part of the Controller, the deletion of personal data concerning you, when (indicatively):

  • Data is no longer necessary for the purposes for which it was collected
  • You have withdrawn your consent and there is no other legal basis for processing.
  • You have successfully objected to the processing of your personal data.
  • The data was processed illegally
  • Data must be deleted in order to fulfill a legal obligation

 

It is emphasized that the Controller may refuse to delete the data to the extent that the processing is necessary to fulfill a legal obligation.

 

d. Article 18 GDPR "Article 18 GDPR"

 

The above-mentioned article gives you the right to limit the processing, when (indicatively):

  • Question the accuracy of your personal data
  • Processing is illegal and you do not exercise your right to delete your personal data but instead exercise your right to restrict their use

 

e. Article 20 GDPR "RIGHT TO DATA PORTABILITY"

 

The above-mentioned article gives you the right to request to the Data Controller the transfer of your personal data directly to another data controller, if this is technically possible.

 

f. Article 21 GDPR "RIGHT TO OBJECT"

 

The above-mentioned article gives you the right to oppose at any time the processing of your personal data in order to defend your legal interest, provided that there is no legal reason for the Controller to continue processing the overriding interests of the rights and freedoms of the Data Subject.

 

All your rights can be exercised, against the Controller, by contacting the information provided above (see Paragraph A). The Controller will terminate your request, without undue delay, and in any case no later than one month after the submission of the application for entitlement.

 

The exercise of your rights as a Data Subject is free under Article 12 of the GDPR.

 

In addition, we inform you that the Controller may request further information to confirm the identity of the interested party.

 

Finally, we inform you that you always reserve the right to submit a complaint to the Personal Data Protection Authority either in writing (1-3 Kifissias, PC 115 23) or electronically (www.dpa.gr). According to the website www.dpa.gr, before submitting the complaint, you should contact the controller, e.g. exercising the rights provided for in Articles 15 to 22 of the ICCPR, where applicable. In cases where the controller has designated a Data Protection Officer (DPO) you can contact him or her for any issues related to the processing of your personal data and the exercise of your rights. DPO details are usually posted on the webmaster's website. If the issue is not resolved, you can file a complaint with the Authority.

 

H. Amendment to the Privacy Policy

 

This Privacy Policy takes effect from 17/9/2021. We may modify this Privacy Policy if required by law and / or technological development. In case of modification, we will post the revised version here and change the "last updated date" at the end of the policy. You should check this regularly to stay up to date with the latest policy updates. Use of the services of this website implies the unconditional acceptance of the terms of the privacy policy.

 

Date of Last Update: 16/7/2025

 

Close
vegan
Vegan

The product is suitable for those who follow the rules of veganism.

cruelty_free
Cruelty Free

The raw materials of the product are not tested on animals.

ducan_diet
Dukan Diet

The product is suitable for those who follow the rules of the Dukan diet.

fortified
Fortified

The product has ingredients that give energy, endurance and well-being.

high_fibre
High Fibre

The product contains at least 6g of fibre per 100g or at least 3g of fibre per 100kcal.

high_protein
High Protein

20% of the energy value of the product is provided by protein.

keto_diet
Keto Diet

The product is suitable for those who follow the rules of the Keto diet.

non_organic
Non Organic

The product is conventional with added value.

parabens_free
Paraben Free

The product does not contain parabens (esters that act as preservatives).

vegetarian
Vegetarian

The product is suitable for those who follow the rules of vegetarianism.

organic
Organic

The product is produced according to the rules of organic agriculture-farming.

pop
PDO

The product is a Protected Designation of Origin product and is produced in a recognized geographical area, which is responsi- ble for its characteristics and quality.

low_salt
Low Salt

The product does not contain more than 0.3g of salt per 100g or per 100ml of product.

salt_free
Salt Free

The product does not contain more than 0.0125g of salt per 100g or per 100ml of product

gluten_free
Gluten Free

The product contains less than 20ppm gluten and is suitable for those with celiac disease (gluten enteropathy).

lactose_free
Lactose Free

The product does not contain lactose and is suitable for those who are lactose intolerant.

no_sugar_added
No Sugar Added

The product has no added sugar and the sugars come from sweeteners and/or from the natural sugars of its raw materials.

sugar_free
Sugar Free

The product does not contain more than 0.5g of sugars per 100g or 100ml of product.