Privacy Policy
Last updated: March 8, 2026
1. How We Operate
Welcome to Physio Supply. We operate as an e-shop specializing in physiotherapy equipment and rehabilitation products. Our website provides a platform for browsing and purchasing professional-grade equipment. We are committed to protecting your privacy and ensuring the security of your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Greek laws.
2. Collection & Processing of Personal Data
We collect and process personal data only when necessary for the provision of our services. The processing is based on the following legal grounds:
- Contractual Performance: Processing needed to fulfill your orders and manage your account.
- Legal Obligation: Compliance with tax and other legal requirements.
- Consent: When you have explicitly agreed to processing (e.g., newsletters).
- Legitimate Interest: For security, fraud prevention, and improving our services.
3. Data Controller
The Data Controller responsible for the processing of your personal data is Physio Supply.
Phone: +30 6944343731
Email: physio.supply.volos@gmail.com
4. Consent
By using our website and services, you consent to the collection and use of your information as described in this policy. Where specific consent is required (e.g., for marketing emails), we will ask for it explicitly. You have the right to withdraw your consent at any time by contacting us.
5. Types of Data Collected
We may collect the following categories of personal data:
- Identification Data: Name, surname.
- Contact Data: Email address, phone number, shipping and billing address.
- Registration Data: Username, password (encrypted), and purchase history.
- Payment Data: Payment method details (Note: We do not store full credit card numbers; these are processed securely by our payment providers).
- Technical Data: IP address, browser type, and device information collected via cookies.
6. Purpose of Processing
Your data is used for:
- Processing and delivering your orders.
- Managing your user account and customer service inquiries.
- Sending order confirmations and shipping updates.
- Marketing communications (only if you have opted in).
- Ensuring website security and preventing fraud.
- Complying with tax and legal obligations.
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
- Order Data: Retained as required by tax laws (typically 5-10 years).
- Account Data: Retained until you request account deletion.
- Marketing Data: Retained until you withdraw your consent.
8. Your GDPR Rights
Under the GDPR, you have the following rights:
- Right to Access: You can request a copy of the data we hold about you.
- Right to Rectification: You can ask us to correct inaccurate or incomplete data.
- Right to Erasure ("Right to be Forgotten"): You can request that we delete your data, subject to legal retention obligations.
- Right to Restriction: You can ask us to limit how we use your data.
- Right to Portability: You can request your data in a structured, machine-readable format.
- Right to Object: You can object to the processing of your data for specific purposes.
9. Exercising Your Rights
To exercise any of your rights, please contact us via email at physio.supply.volos@gmail.com or by phone at +30 6944343731. We will respond to your request within 30 days.
10. Data Protection Officer (DPO)
For any concerns regarding your data privacy, you may contact our designated Data Protection Officer at the contact details provided above.
11. Security Measures
We take the security of your data seriously. We implement appropriate technical and organizational measures, including:
- SSL encryption for data transmission.
- Secure servers and firewalls.
- Access controls to limit data access to authorized personnel only.
- Regular security assessments.
12. Breach Notification
In the unlikely event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, in accordance with GDPR requirements.
13. Registration Data
When you register for an account, you are responsible for maintaining the confidentiality of your password. We recommend using a strong password and not sharing it with others. You are responsible for all activities that occur under your account.
14. Cookie Policy
Our website uses cookies to enhance your browsing experience.
- Necessary Cookies: Essential for the website to function (e.g., shopping cart).
- Analytics Cookies: Help us understand how visitors use our site (e.g., Google Analytics).
- Marketing Cookies: Used to track visitors across websites to display relevant ads.
You can control and manage cookies through your browser settings. Blocking certain cookies may impact the functionality of the website.
15. Returns & Refunds
We want you to be completely satisfied with your purchase.
- Right of Withdrawal: You have the right to withdraw from your purchase within 14 days of receipt without giving any reason. The product must be returned in its original condition.
- Defective Products: If you receive a defective product, please contact us immediately for a replacement or refund.
- Refund Process: Refunds are processed within 14 days of receiving the returned items, using the original payment method.
For detailed instructions on returns, please contact our customer support.