Company
News
E-Cert
Competitions
Career
Xalkiadakis Logo
Xalkiadakis Logo
Hot Suggestions Flyer Cretan Products Seasonal Stores
Privacy Policy

Privacy Policy

PRIVACY & COOKIES POLICY

  1. GENERAL

These terms govern the use of the online store xalkiadakis.gr (hereinafter the “e-shop”) of the company “Xalkiadakis S.A.” (hereinafter the “Company”).

The online store uses an SSL security protocol with RSA encryption (4096 bits) for the secure transmission of your data.

  1. COLLECTION AND PROCESSING OF PERSONAL DATA

The Company complies with the applicable legislation on the protection of personal data, in particular the General Data Protection Regulation (EU 2016/679 – GDPR), and applies all appropriate technical and organisational measures to protect personal data from unauthorised access, use, alteration or loss. For the ongoing protection of data, the technical security measures are regularly monitored and adjusted according to needs and technological developments.

The processing of personal data is carried out in accordance with the applicable lawful basis under Article 6 of the GDPR, including in particular the performance of the sales contract, compliance with a legal obligation, the legitimate interest of the Company or, where required, following the explicit consent of the user.

The personal data collected when placing an order may include:

  • Full name
  • Billing address
  • Delivery address
  • Telephone number
  • E-mail address
  • Purchase history
  • Order frequency
  • Participation in promotional activities

Retention period

The Company, as Data Controller, retains personal data only for as long as is required for the fulfilment of the processing purposes, the performance of the sales contract, customer service and compliance with its tax, accounting and other legal obligations.

  1. COOKIES POLICY AND TRACKING TECHNOLOGIES

When browsing our e-shop and provided that you give us your explicit consent through the cookie management mechanism (CookieTrust), we use cookies and third-party technologies for:

  • analysing traffic,
  • improving the user experience,
  • measuring the effectiveness of our advertisements,
  • displaying personalised advertisements.

Google Analytics & Google Ads

These are used to collect statistical information regarding the use of the website and to display personalised advertisements (remarketing) on the Google network.

Meta (Facebook) Pixel & TikTok Pixel

These are used to understand users’ interaction with the e-shop, to measure the effectiveness of advertising campaigns and to display relevant advertisements.

Microsoft Clarity

We use Microsoft Clarity to understand how the website is used through behavioural metrics, heatmaps and session recordings, with the aim of improving functionality and user experience, in accordance with Microsoft’s Privacy Policy.

The user may at any time accept, reject or modify their cookie preferences through the website’s cookie management mechanism.

3.1 Advanced Measurement, Enhanced Conversions and Server-Side Tracking

For the safer management of data and the more accurate measurement of the effectiveness of our advertisements, we use server-side tracking technologies.

Where the relevant consent has been provided for advertising purposes, the Google Enhanced Conversions and Meta Advanced Matching features are also used.

In this context, certain first-party data, such as the e-mail address or telephone number provided when completing an order, are converted into encrypted form (SHA-256 hashing) before being securely transmitted to the respective platforms exclusively for the purposes of measurement and conversion matching.

  1. DATA DISCLOSURE AND PROCESSORS

Personal data are not sold or disclosed to unauthorised third parties.

They are disclosed only to partners acting on behalf of the Company as Processors, who are contractually bound to maintain confidentiality and comply with the applicable personal data protection legislation.

In particular:

More Digital processes data relating to the performance of advertising activities and analytics,

Apifon provides services for sending newsletters, SMS and Viber messages,

the providers Google, Meta, TikTok and Microsoft process data in the context of analytics, advertising and measurement services, in accordance with their respective privacy policies.

In the event of a transfer of personal data outside the European Economic Area, the Company ensures that appropriate safeguards are applied in accordance with Articles 44 et seq. of the GDPR.

  1. NEWSLETTERS AND PROMOTIONAL COMMUNICATION

The Company sends newsletters and promotional messages (e-mail, SMS or Viber) regarding products, services and offers.

For this purpose, the e-mail address and mobile phone number that you provide are collected and retained:

  • when you subscribe to the newsletter,
  • when you complete a purchase from the e-shop,
  • when you register for the Xtra Card loyalty programme.

The sending of informational messages is carried out in accordance with the applicable legislation and, where required, following your consent or in accordance with the conditions of Law 3471/2006 regarding an existing customer relationship.

The Apifon platform is used for the management and sending of communications and acts as Processor on behalf of the Company.

You may at any time withdraw your consent or unsubscribe from the recipients list through the unsubscribe link included in each newsletter e-mail or by contacting the Data Protection Officer.

  1. RIGHTS OF DATA SUBJECTS

You have the right to:

  • access your personal data,
  • rectify inaccurate data,
  • erasure,
  • restriction of processing,
  • data portability,
  • object to processing,
  • withdraw your consent at any time, where the processing is based on consent.

To exercise your rights, you may contact the Company’s Data Protection Officer:

Postal address:
Chalkiadakis S.A.
1st km of the Gazi – Krousonas Provincial Road
P.C. 71005

E-mail address:
dpo@xalkiadakis.gr

You also have the right to lodge a complaint with the Hellenic Data Protection Authority (www.dpa.gr), if you consider that the processing of your personal data violates the applicable legislation.

  1. APPLICABLE LAW

For any matter not expressly regulated by this Policy, the provisions of Regulation (EU) 2016/679 (GDPR), Law 4624/2019, Law 3471/2006, as well as the applicable decisions and guidelines of the Hellenic Data Protection Authority, shall apply.

CCTV System Protection Policy

See here the detailed CCTV system protection policy.

Cart

Your cart is empty

Subtotal: 0€
Edit Cart Complete Order
Company
Corporate Responsibility
Help
Useful
Contact
2810824140 Send Email Stores Send CV
41 Stores
XALKIADAKIS S.A.
G.E.MH No: 77088727000
© 2026 All Rights Reserved
Terms and Conditions Privacy Policy Code of Conduct

© 2026 Chalkiadakis all rights reserved

Developed by Beupset
Guru Logo