Last updated: 28 Feb 2026
At PANINO, we respect your privacy and handle your personal data with transparency, security, and restraint. This Policy explains what data we collect, why we need it, and what rights you have.
1) Who is the Data Controller
The data controller is Panino Café & Snacks, Eth. Antistaseos 1, Ierapetra 722 00.
Contact: info@paninocafe.com | Tel.: +30 2842 026120
2) What data we may collect
Depending on how you use the website, we may collect:
- Contact details you provide (e.g., name, email, message via a form).
- Technical data (e.g., IP address, device/browser type, basic usage information).
- Cookie data (see “Cookies” section).
We do not seek to collect sensitive data and we kindly ask you not to include it in messages/forms.
3) What we use it for
We use data only when there is a clear purpose, such as:
- To respond to an inquiry/message.
- To ensure the website functions properly (security, prevention of malicious activity, technical support).
- To improve the user experience (e.g., traffic analysis, where applicable).
- To comply with legal obligations when required.
4) Legal basis for processing
Processing is carried out, as applicable, based on:
- Your consent (e.g., non-essential cookies),
- Performing your request (e.g., responding to a message),
- Our legitimate interest (e.g., website security),
- A legal obligation (where applicable).
5) Cookies
The website may use cookies:
- Necessary: for basic functionality/security.
- Statistics/Analytics (optional): to understand how the site is used and improve it.
- Functional (optional): to remember preferences.
You can manage cookies via your browser settings or via the Change cookie settings option at the bottom of the page (if available).
6) Disclosure to third parties
We do not sell or “rent” your data. We may share limited data only:
- With hosting/technical support providers (hosting, security),
- With analytics tools (e.g., analytics), only if used and with appropriate settings,
- When required by law or a competent authority.
These providers act as data processors and are bound by contractual data-protection obligations.
7) Retention period
We keep data only for as long as necessary:
- Contact messages: typically up to 12 months (unless otherwise required).
- Technical logs: for a reasonable period for security/diagnostics.
- Cookies: according to their type and your settings.
8) Security
We take technical and organizational measures to protect data (e.g., restricted access, updates, infrastructure security). No system can guarantee 100% security, but we apply practices that substantially reduce risk.
9) Your rights
You have the right to:
- Access your data,
- Rectification,
- Erasure (“right to be forgotten”), where applicable,
- Restriction of processing or objection,
- Data portability, where applicable,
- Withdraw consent (without retroactive effect).
For requests, contact: info@paninocafe.com.
You also have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA).
10) Links to third-party websites
Our site may include links to third-party services (e.g., delivery platforms). This Policy does not cover their practices—please review their own privacy policies.
11) Changes to this policy
We may update this Policy when needed. The “Last updated” date at the top shows when the most recent change was made.
