Privacy policy

Privacy Policy

tatifurs.com  |  Last updated: 13 March 2026

This Privacy Policy describes how tatifurs (the "Site", "we", "us", or "our") collects, uses, and discloses your Personal Information when you visit or make a purchase from tatifurs.com. We are committed to protecting your privacy and handling your data transparently and in compliance with applicable law, including the EU General Data Protection Regulation ("GDPR") and the laws of Greece.

1. Data Controller

The data controller responsible for your Personal Information is:

Georgios Chaitas

Kritis 18, Siatista Kozanis, 503 00 Siatista, Greece

Email: info@tatifurs.com

2. Personal Information We Collect

We collect Personal Information — any information that can uniquely identify an individual — in the following categories:

2.1 Device & Usage Information

Examples: web browser version, IP address, time zone, cookie data, pages and products viewed, search terms, and how you interact with the Site.

Purpose: To load the Site correctly for you and to perform analytics that help us optimise the Site.

Source: Collected automatically when you access the Site via cookies, log files, web beacons, tags, or pixels.

Disclosure: Shared with Shopify (our e-commerce processor), Google Analytics, and Google/Meta advertising platforms as described below.

2.2 Order Information

Examples: name, billing address, shipping address, payment information (credit/debit card details, PayPal account, cryptocurrency wallet address), email address, and phone number.

Purpose: To fulfil your order, process payment, arrange shipping, send invoices and order confirmations, communicate with you, screen orders for fraud risk, and — where you have indicated your preferences — provide information about our products or services.

Source: Collected directly from you at the time of purchase.

Disclosure: Shared with Shopify. Payment details are processed securely by Shopify Payments, PayPal, and the relevant cryptocurrency payment processor. We do not store full payment card numbers on our own systems.

2.3 Customer Support Information

Examples: Any information you provide when you contact us for support, including your name, email address, order details, and the content of your messages.

Purpose: To provide customer support and resolve any issues you raise.

Source: Collected directly from you.

Disclosure: Handled internally. We do not share support communications with third-party vendors.

3. How We Share Your Personal Information

We share your Personal Information with third parties only where necessary to provide our services and fulfil our obligations to you, or where required by law. We do not sell your Personal Information to any third party.

3.1 Shopify

We use Shopify to power our online store. Shopify processes your data as described in their Privacy Policy: https://www.shopify.com/legal/privacy.

3.2 Google Analytics & Google Ads

We use Google Analytics to understand how customers use the Site, and Google Ads to run advertising campaigns. Google may process your data in accordance with its Privacy Policy: https://policies.google.com/privacy. You can opt out of Google Analytics data collection here: https://tools.google.com/dlpage/gaoptout.

3.3 Meta (Facebook & Instagram) Ads

We use Meta's advertising platform to run campaigns on Facebook and Instagram. Meta may process your data in accordance with its Data Policy: https://www.facebook.com/policy.php.

3.4 Legal Disclosures

We may disclose your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant, or other lawful request for information, or to protect our legal rights.

4. Behavioural Advertising

We use your Personal Information to provide you with targeted advertisements or marketing communications that may be of interest to you. We share information about your use of the Site, your purchases, and your interaction with our ads with Google and Meta (Facebook/Instagram) as our advertising partners.

You can opt out of targeted advertising through the following links:

       Facebook/Instagram: https://www.facebook.com/settings/?tab=ads

       Google: https://www.google.com/settings/ads/anonymous

You may also opt out of certain targeted advertising by visiting the Digital Advertising Alliance opt-out portal: http://optout.aboutads.info/.

For more information on how targeted advertising works, visit the Network Advertising Initiative's educational page: http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

5. Lawful Basis for Processing (GDPR)

As we are based in Greece and serve customers worldwide including within the European Economic Area ("EEA"), the GDPR applies to our processing of personal data. We process your Personal Information under the following lawful bases:

       Contractual necessity: processing required to fulfil your order and our contract with you (e.g. payment, shipping, order communications).

       Legitimate interests: processing for fraud prevention, Site analytics, and advertising optimisation, where these interests do not override your fundamental rights and freedoms.

       Legal obligation: processing required to comply with applicable laws and regulations.

       Consent: where we rely on your consent (e.g. marketing communications), you may withdraw your consent at any time by contacting us at info@tatifurs.com.

6. Data Retention

When you place an order through the Site, we retain your Personal Information for as long as necessary to fulfil the purposes described in this Policy, comply with our legal obligations (including tax and accounting requirements), resolve disputes, and enforce our agreements. In practice, order data is typically retained for a minimum of 5 years in accordance with Greek and EU commercial law requirements. If you would like your data erased sooner, please see Section 8 (Your Rights) below.

7. Automated Decision-Making

We do not engage in fully automated decision-making that has a legal or otherwise significant effect on you.

Our processor Shopify uses limited automated decision-making to prevent fraud, which does not have a legal or otherwise significant effect on you. This includes:

       Temporary denylisting of IP addresses associated with repeated failed transactions (persists for a few hours).

       Temporary denylisting of credit cards associated with denylisted IP addresses (persists for a few days).

8. Your Rights

8.1 GDPR Rights (EEA Residents)

If you are a resident of the EEA, you have the following rights regarding your Personal Information:

       Right of access: to obtain a copy of the Personal Information we hold about you.

       Right to rectification: to request correction of inaccurate or incomplete data.

       Right to erasure ("right to be forgotten"): to request deletion of your data, subject to legal retention obligations.

       Right to portability: to receive your data in a structured, machine-readable format.

       Right to object: to object to processing based on legitimate interests or for direct marketing purposes.

       Right to restrict processing: to request that we limit how we use your data in certain circumstances.

       Right to withdraw consent: where processing is based on consent, to withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at info@tatifurs.com. We will respond within 30 days. Your Personal Information is initially processed in Ireland (via Shopify) and may be transferred outside Europe for storage and further processing, including to Canada and the United States, in compliance with GDPR data transfer requirements. See Shopify's GDPR Whitepaper for details: https://help.shopify.com/en/manual/your-account/privacy/GDPR.

8.2 Rights for California Residents (CCPA)

If you are a California resident, you have the right to know what Personal Information we collect and how it is used (Right to Know), to request deletion, to correct inaccurate data, and to non-discrimination for exercising your rights. To exercise these rights, contact us at info@tatifurs.com. You may also designate an authorised agent to submit requests on your behalf.

We do not sell your Personal Information as defined under the California Consumer Privacy Act of 2018 ("CCPA").

9. Cookies

A cookie is a small file downloaded to your device when you visit the Site. We use functional, performance, advertising, and analytics cookies to improve your browsing experience, remember your preferences, and understand how people use the Site.

9.1 Cookies Necessary for Site Functioning

 

Cookie Name

Function

_ab

Used in connection with access to admin.

_secure_session_id

Used in connection with navigation through a storefront.

cart

Used in connection with shopping cart.

cart_sig

Used in connection with checkout.

cart_ts

Used in connection with checkout.

checkout_token

Used in connection with checkout.

secret

Used in connection with checkout.

secure_customer_sig

Used in connection with customer login.

storefront_digest

Used in connection with customer login.

_shopify_u

Used to facilitate updating customer account information.

 

9.2 Reporting and Analytics Cookies

 

Cookie Name

Function

_tracking_consent

Tracks your tracking preferences.

_landing_page

Tracks landing pages.

_orig_referrer

Tracks the referring page/source.

_s

Shopify analytics.

_shopify_s

Shopify analytics.

_shopify_sa_p

Shopify analytics relating to marketing and referrals.

_shopify_sa_t

Shopify analytics relating to marketing and referrals.

_shopify_y

Shopify analytics.

_y

Shopify analytics.

_ga

Google Analytics — distinguishes unique users.

_gid

Google Analytics — distinguishes unique users (expires after 24 hours).

_gat

Google Analytics — throttles request rate.

_fbp

Meta (Facebook) — used to deliver and track advertising.

 

9.3 Managing Cookies

Most session cookies expire when you close your browser. Persistent cookies expire between 30 minutes and two years from download. You can control cookies via your browser settings (usually found under "Tools" or "Preferences"). For more information, visit www.allaboutcookies.org. Note that blocking cookies may affect Site functionality and does not fully prevent data sharing with our advertising partners — please use the opt-out links in Section 4 for that purpose.

10. Do Not Track

There is no consistent industry standard for responding to "Do Not Track" browser signals. At this time, we do not alter our data collection or usage practices in response to such signals.

11. Minors

This Site is open to all ages. We do not knowingly collect Personal Information from children under the age of 16 without verifiable parental or guardian consent. If you believe your child has provided us with Personal Information without your consent, please contact us at info@tatifurs.com and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this Policy periodically.

13. Contact Us & Right to Complain

For any questions about this Privacy Policy, to exercise your rights, or to make a complaint, please contact us:

Georgios Chaitas

Kritis 18, Siatista Kozanis, 503 00 Siatista, Greece

Email: info@tatifurs.com

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority. In Greece, this is:

Hellenic Data Protection Authority (HDPA)

Website: https://www.dpa.gr

Kifissias 1-3, 115 23 Athens, Greece

Tel: +30 210 6475600