PRIVACY POLICY
Yasu Hellas S.A. — Last updated: 04-02-2026
1. Who we are
“Yasu Hellas Société Anonyme” (“Yasu”, “we”) is the data controller of your personal data under Regulation (EU) 2016/679 (GDPR) and Greek Law 4624/2019.
Registered office: The Mall Athens, 35 Andrea Papandreou st. ,Marousi 151 22, Athens
VAT No.: 012220835 — G.E.MI. No.: 115694202000
Contact: privacy@yasu.gr —+30 210 610 46 30
2. Data we collect
Contact details: name, email, phone, delivery address.
Account data: username, password (encrypted), preferences.
Order and payment data: payments are processed by certified providers (PCI-DSS) — we do not store card details.
Technical data: IP address, device/browser type, usage data, cookies (see Cookies Policy).
3. Purposes and legal bases
Performance of contract (Art. 6(1)(b)): orders, deliveries, account, support.
Legitimate interests (Art. 6(1)(f)): security, service improvement, fraud prevention.
Consent (Art. 6(1)(a)): newsletter, marketing, non-essential cookies.
Legal obligation (Art. 6(1)(c)): tax, accounting, requests from authorities.
4. Retention
Orders/invoicing: 10 years (tax law).
Account: while active + 2 years.
Marketing: until consent is withdrawn.
Support communications: 3 years.
5. Recipients and transfers
Your data may be shared with hosting, payment, courier/delivery, email and analytics providers, as well as accountants, legal advisors and competent authorities where required by law. We sign Article 28 GDPR agreements with all processors.
Transfers outside the EEA take place under appropriate safeguards (Adequacy Decisions, Standard Contractual Clauses — Arts. 46–49 GDPR).
6. Your rights
You have the right to access, rectify, erase, restrict, port, object, not be subject to automated decision-making, and to withdraw consent (Arts. 15–22 GDPR).
To exercise: privacy@yasu.gr — we respond within 1 month.
Complaints: Hellenic Data Protection Authority (HDPA), 1-3 Kifissias Avenue, 11523 Athens — www.dpa.gr — contact@dpa.gr — +30 210 6475600.
7. Security
We use SSL/TLS encryption, access controls, backups, and regular security assessments. In the event of a breach posing a high risk to your rights, we will notify you and the HDPA within 72 hours (Arts. 33–34 GDPR).
8. Minors
Our website is not directed at individuals under 16. We do not knowingly collect data from minors without parental consent.
9. Changes
We may amend this Policy. Material changes will be announced on our website or by email.
COOKIES POLICY
Yasu Hellas S.A. — Last updated: 04-02-2026
1. What cookies are
Cookies are small files stored on your device that allow the website to recognise you and remember your preferences. We also use similar technologies (pixels, local storage).
2. Legal basis
Under Greek Law 3471/2006, HDPA Guidelines 1/2020 and the GDPR, we obtain your prior consent (opt-in) for all non-essential cookies through the cookie banner.
3. Categories
Necessary: core functionality (login, cart, security). No consent required.
Functionality: remember your choices (language, preferences).
Statistics: anonymous usage analysis (e.g. Google Analytics).
Marketing: personalised ads and performance measurement.
4. Cookie table
Indicative list — the full list is available via Cookie Settings:
| Name | Purpose | Duration | Category |
|---|---|---|---|
| yasu_session | User session | Session | Necessary |
| yasu_cart | Shopping cart | 30 days | Necessary |
| cookie_consent | Cookie preferences | 12 months | Necessary |
| yasu_lang | Language | 12 months | Functionality |
| _ga / _ga_* | Google Analytics | 24 months | Statistics |
| _fbp | Meta Pixel | 3 months | Marketing |
| IDE / NID | Google Ads | 13 months | Marketing |
5. Managing cookies
You can change your preferences at any time via Cookie Settings (footer), your browser settings, or opt-out tools (youronlinechoices.eu). Disabling certain cookies may affect website functionality.
6. Contact
privacy@yasu.gr
