Privacy Policy

Privacy Policy
At FF Group, we take your privacy and trust very seriously. This privacy and cookies policy ("Privacy Policy") is intended to outline how any personal data collected from you via (the "Website") or in one of our stores, will be protected, used, stored and processed by us to communicate with you and to deliver you excellent service whilst being compliant with the applicable data protection law (Regulation (EU) 2016/679 – hereinafter referred to as “GDPR”).

This Privacy Policy does not apply to websites that you may be able to access via links on the Website and/or activities offered by third parties. Please ensure you review any relevant policies on any third party websites before proceeding. FF Group is not responsible for the collection or use of your personal information from these third party websites.

About FF Group
FOLLI FOLLIE Commercial Manufacturing And Technical Société Anonyme 23km ATHENS LAMIA NR 14565, AGIOS STEFANOS, GREECE VAT NR.: EL094079334 

What personal information do we collect from you and why?
We collect and process the following types of information about you:

1. Information we collect about you:
• when you sign up to our newsletter
• when you enter competitions and prize draws;
• when you register with the Website, by phone or by email, or provide personal information which you complete, or which we complete at your request in-store via a store card;
• when you place an order on our Website;
• if you ask us to receive personalised online content such as targeted advertising;
• if you contact or correspond with us (for example, by phone, email or otherwise) to find out more about a product or our after sale care and support services, to report a problem with the Website or a product or for any other reason.

With your consent, we process the following personal data which you provide when you interact with the Website and use the related services and functions. The data may include your first and surname, title, gender, birthdate (day, month & year), email address, phone number, address, financial information (such as credit or debit card details), as well as shipping address, billing address, and any other information that you consider necessary to provide us with.

The information collected from you via our Website will be matched with personal information you may have given us in our stores. This is to help us ensure that the data we hold about you is kept accurate and up to date.
In any event, even without your prior consent, we may process your data to comply with legal obligations stemming from laws, regulations and EU Law, to exercise rights in legal proceedings, to pursue our own legitimate interests and in all cases provided by Articles 6 and 9 of the GDPR, where applicable. Processing shall take place both using computers and on paper, and shall always entail the implementation of the security measures provided by current law.

2. Information that other FF Group members collect about you:
This is information we receive about you when you make a purchase in one of our stores or concession stores if you have completed a store personal information card. These stores will also provide us with a record of your transaction.

3. Information we receive from other sources about you:
We work closely with third parties, for example, business partners, sub-contractors for technical, payment and delivery services, advertising networks, analytics providers and search information providers. If we receive information about you from them, we will always seek assurances that they are providing information to us in accordance with data protection laws and that they are transparent with you that they may share your data with us. We may use this information to update our records about you to keep them accurate.

Why do we use your data?
We may use and share non-personal data we receive or collect from you without restrictions.
FF Group may use the above personal data held about you for the following purposes (purposes for which we need your consent are marked *):
• to carry out obligations arising from any contracts entered between you and us and to provide you with information, products and services that you request from us, i.e. to process and complete your orders and to process your payments;
• to remind you of products you have placed in your basket on the Website, but have not purchased*;
• to tailor our Website content to your needs and preferences*;
• to prevent, detect, and investigate fraud, security breaches, violations of law, and other misuse of the Website, and to enforce our General Terms and Conditions, which you can find here; • to address any enquiries, correspondence, concerns or complaints you have raised;
• for our internal operations, including data analysis, testing, research, statistical purposes and troubleshooting;
• to provide you with information about other products and services we offer that are similar to those that you have already purchased or enquired about. We will only contact you by email with such information if you have consented to this. More information about this is set out below under the heading “legal basis for processing”*;
• to deliver relevant advertising to you, for example, newsletters*; and
• to make suggestions and recommendations to you about other products or services that may be of interest to you*. • to carry out automated decision-making and profiling for the purpose of identifying wha information or advertising you might like to see from use, for example, by creating individual or group profiles.*

Your data may in any case be processed, even without your consent, for the purpose of complying with laws, regulations, EU Law (art 6.1.(c) of the GDPR, to perform statistics on the Website’s usage and ensure its proper functioning (art. 6.1.(f) of the Regulation), to enforce the Code of Conduct of the FF Group and to establish or defend the legal claims in the interest of the Company.

What is the legal basis for processing your data?
For some of the uses of your personal data (as described above) there is a legal basis under applicable data protection laws for us to use such personal data without your consent (these uses are not marked with *).
This includes, for example, where it is necessary for us to use the information in order to perform a contract with you or take steps at your request prior to entering into a contract with you, such as to process your order, provide aftercare and support services to you or manage the online account facility that we provide to you. It also includes circumstances (such as we have described below) where we have a legitimate interest to use your data, provided that proper care is taken in relation to your rights and interests:
• to ensure that we organise our database efficiently and understand how our clients may make purchases in different parts of the world;
• to send you marketing communications. You can opt out of our marketing communications at any time through the unsubscribe button at the bottom of every email or by contacting us on
•To present you with personalised offers on our website, through social media channels such as Facebook and Instagram and by placing banner advertisements on third party websites
• to carry out research and analysis of your data (including purchase information) as this helps us understand our clients better, who they are and how they interact with FF Group;
• to improve and ensure the security of the Website (for example, for statistical, testing and analytical purposes, troubleshooting); and
• to ensure that you know about any changes to the Website or the terms of this Privacy Policy.
Where we have a legal basis to use your information without consent (as we’ve described above), this Privacy Policy fulfils our duty to process personal data fairly and lawfully and in a manner that you would expect given the nature of our relationship with you, by giving you appropriate notice and explanation of the way in which your personal data will be used.
Where consent is required for our use of your personal information, by ticking the appropriate consent box or otherwise communicating your consent (for example, by email, providing non mandatory information, verbally in-store or on a store card), you consent to our use of that personal information for the purposes covered by the specific consent that you have given. For example, we will only process your personal information for marketing purposes if we have your consent to do so.

Marketing newsletter and keeping in touch with you
We will, if you have given us your consent, provide you with information about products, services, events, sales and marketing from FF Group (including personalised online content and advertising, social media platforms or our online partners).

1. Our Mailing List We will ask whether you would like us to send you marketing messages when you tick the relevant boxes when you check out, sign up for newsletters or updates, or if you register with us via the Website, by phone, by email or the store personal information card. With your consent, we will use your email address as a convenient way to contact you about your order or any reminder service you have. From time to time, we may update you on relevant FF Group site or new gift news, but only with your permission.
2. Can I be removed from your mailing list? We will send you special offers and promotions by email. If you do not want to receive offers and promotions by email, simply click on the unsubscribe link in any email. You can unsubscribe at any time.
3. Will you pass my data on to third parties? We will never pass on your email address to a third party for marketing purposes (except if they are contacting you on behalf of FF Group). We respect your privacy and are committed to protecting it.

Marketing newsletter and keeping in touch with you
Your privacy as an individual and as a customer is important to us, so we don't use the information you provide on this site to learn any more about you other than what is required to fulfil your orders or offer you services such as new alerts or reminder services. Any personal data gathered by us in your use of this site will be recorded electronically and only used in accordance with the UK Data Protection Act 1998.

Regarding any transfer of Data outside the EU, including in countries whose laws do not guarantee the same level of protection to personal data privacy as that afforded by EU Law, the Controller informs that the transfer shall in any event take place in accordance with the methods permitted by the GDPR

• How do we protect the information we hold about you on your internal systems?We protect your privacy in several ways: The personal data is entered into the our computer system in full compliance with data protection law, including security and confidentiality profiles and based on principles of correct practice, lawfulness and transparency in processing. Access to customer account information is limited to those who need access for the performance of their job. We use full login and password controls on our system. All calls are recorded and monitored for training and security purposes. Confidentiality and database access controls are reviewed periodically and updated as required to further protect our personal data. • Persons who have access to the Data Data is accessible by FF Group staff authorised to process personal data. In particular, staff belonging to the following categories: IT and administrative staff, customer services, marketing as well as other individuals who need to process the data to perform their job duties.

Who will we share your personal data with?
Your data may be stored in a database that we, as well as other members of the FF Group, can access. We do this to help us organise our databases efficiently and understand how our clients may make purchases in different parts of the world.
We may also share your data with the following categories of selected third parties in accordance with this Privacy Policy:

• service providers (for example, IT services), business partners, suppliers and sub-contractors for the performance of any contract we enter into with you (such as, but not limited to, Website operations, payment services, shipments, delivery couriers, fraud investigations, bill collection, and affiliate and rewards programs);
• analytics and search engine providers that assist us in the improvement and optimisation of the Website;
• law enforcement or regulatory agencies, or authorised third parties, in response to a verified request relating to a criminal investigation or alleged illegal activity or any other activity through the Website that may expose us and/or the user or any third party to legal risks or liability; and
• other business entities, should we plan to merge with or be acquired by that business entity. Should such a combination occur, we will require that the new combined entity follow this Privacy Policy with respect to your data.
These third parties who may receive your data will process that data for the purposes specified above and in accordance with applicable law. FF Group will retain a list of the third parties with whom data is shared, which will be available upon request.

Why do we retain your data and how can you access it?
We will store your data for as long as strictly necessary for us to provide the relevant services to you, for as long as you wish to keep in touch with us or as long as is necessary to provide support-related reporting & analysis. Even if you request to erase your data, we may keep it in a form that doesn’t identify you. If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required, even after you have closed your account or it is no longer needed to provide the services to you. If you have not agreed that we may use your data for marketing purposes, we will keep your data for 6 years after you have made a purchase from us.

What are your rights?
You have the following rights with regard to your personal information:

• Access. You have the right to access data we hold about you as well as an updated list of the individuals who can access your data. We will need you to prove your identity before we release any personal data to you.
• Rectification or erasure. You have the right to request that we rectify or delete any personal data that we hold about you (unless we have the legal right or obligation to retain it).
• Restriction. You have the right to restrict your use of personal information if the data is inaccurate, our use of the information is unlawful or if we no longer need to use the data for the purposes for which we hold it.
• Change of preferences. You can change your data processing preferences at any time. For example, if you have given your consent to direct marketing, but have changed your mind, you can opt out of receiving marketing communications by contacting us using the details provided below or clicking the “unsubscribe” link in any communication you receive.
• Automated decision making. If you have any questions in respect of our automated decision-making processes or the accuracy of them, please let us know, or to change your preferences, please see above.
• Data portability. You have the right to obtain personal data we hold about you, in a structured, electronic format, and to transmit such data to another data controller, where this is (a) personal data which you have provided to us and (b) if we are processing that data on the basis of your consent (such as your marketing preference information) or to perform a contract with you (such as to manage your online account).
• Complaints. If for any reason you are not happy with the way that we have handled your personal data, please contact us. If you are still not happy, you have the right to make a complaint to the Information Commissioner’s Office.

To exercise any of the rights mentioned above, please write to us at FF Group, 23klm Athinwn-Lamias National Highway, Agios Stefanos, 14565 Greece or send an email to

If you ask us to stop processing your personal information in a certain way or erase your personal information, and this type of processing or information is needed to facilitate your use of the Website or is required to enable us to provide you with a service (such as to manage your online account), you may not be able to use the Website or the service as you did before.

This does not include your right to object to direct marketing which can be exercised at any time without restriction. Please allow at least 3 working days for your request to be actioned.

The rights mentioned above do not extend to non-personal data

What are cookies and why do we use them?
There are two types of cookie that may be used during your visit on our website:

- Technical cookies: these are necessary for the website to function correctly and to permit browsing by the user; without these, a user may not be able to view the pages correctly or to use certain features.
- Profiling cookies: these are used for creating user profiles to send advertising messages in line with preferences shown by the user during browsing.

Cookies, whether “technical” or “profiling”, can also be classified as:

• Site Functionality Cookies: These cookies are used to identify users between page loads and are essential in enabling you to browse the website, such as remembering certain user settings. Without them, certain services provided (such as use of the shopping bag) on the website could not be provided.
• Analytics Cookies: These cookies are used to measure and analysis how the visitors use the website (for example site traffic, total sales through the Website, the pages visitors go to most often and pages from which the visitors get error messages) in order to continuously improve the Website and the customer shopping experience. All information collected by these cookies is anonymous and are not used to identify you.
• Customer Preference Cookies: Functionality cookies remember your preferences and behaviour and help us to personalise your shopping. So, if the last time you visited, you decided that you wanted to shop the UK site in English and see prices in £s, that's what we'll show you.
• Targeting & Advertising Cookies: These cookies may be used in order for us to deliver personalised advertisements that are more relevant to you. They also limit the number of times that you see one of our advertisements online and help us measure the effectiveness of our marketing campaigns.
• Third Party Cookies: FF Group partners with third party companies for marketing and advertising purposes. These cookies allow us to make more informed decisions about what our customers want from us. Third party companies may employ a mixture of both session and persistent cookies. Any information that they collect is anonymous.
• Deleting or Controlling Cookies: If you prefer, set up your internet browser to not accept cookies. You should still be able to use our site without having cookies enabled. However, it must be noted that disabling cookies could impair your ability to use the Website and/or prevent you from benefitting in full from the available functions and services. Further information about controlling or deleting cookies visit

We use the reCAPTCHA service provided by Google Inc. (Google) to protect your submissions via internet submission forms on this site. This plugin checks if you are a person in order to prevent certain website functions from being (ab)used by spam bots (particularly comments). This plugin query includes the sending of the IP address and possibly other data required by Google for the Google reCAPTCHA service. For this purpose your input will be communicated to and used by Google. However, your IP address is previously truncated by Google within member states of the European Union or in other states which are party to the agreement on the European Economic Area and is, as such, anonymized. Only in exceptional cases is a full IP address transmitted to a Google server in the United States and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address provided by reCaptcha from your browser shall not be merged with any other data from Google. This data collection is subject to the data protection regulations of Google (Google Inc.). For more information about Google's privacy policy, please visit: By using the reCAPTCHA service, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

How can we make changes to this policy
We will notify you of changes to this Privacy Policy by posting the amended terms on the Website.
If you do not agree to the new terms of this Privacy Policy, you should stop using the Website, and if you are a registered user, you may cancel your account with us within the thirty (30) day period by contacting us at Your account will be closed and you will not be bound by the new terms. You may also ask us to delete your information (as mentioned above).
Otherwise, continued use of the Website after the effective date of changes constitutes acceptance of the new terms of this Privacy Policy.

Contact Us
We are always happy to hear from our customers. If you have any questions regarding our privacy policy, would like us to stop using your information, would like to exercise your rights as stated above or have a complaint, then please get in touch.

You can contact our privacy team by email at or, you can write to us at:


The Company FOLLI FOLLIE Commercial Manufacturing and Technical Société Anonyme (”Company”, or “we”) wishes to provide updated information about the processing of personal data –including sensitive personal data- that are currently in the Company’s possession or that will be supplied to the Company by you, and concerning you or your family members (“Data”). The Company is committed to ensuring that your Data is protected at all times. Processing operations are carried out in line with the applicable Privacy Laws (European Regulation 2016/679/EU).

1 – What Data we collect and how we process them.

The categories of processed Data may include: personal information (name, surname, date of birth, image, gender, marital status, social security number, company ID number, username, etc.); professional and private contact information, data included in the Company devices assigned to you, professional and work data pertaining to your CV; financial, fiscal and tax data; sensitive data and judicial data (i.e. pertaining to criminal convictions and offences and related security measures).

We process Data electronically and manually, and we ensure our processing procedures and policies are consistent with the purposes listed under section 2 of this document (below) and with the applicable law (including the aspects pertaining to security and confidentiality), as well as with the principles of fair and legitimate processing. Data will only be stored for as long as necessary to fulfil the purposes for which they were collected; in any case, the criterion used to determine the storage period is based on, and takes into due account, the need to comply with any relevant legal requirement, the principle of data minimisation and the need to rationally manage the Company’s records. We may keep some Data even after the termination of your employment relationship, for as long as necessary to fulfil contractual and legal obligations as well as to pursue the said purposes described under section 2 of this document (below). 

2. What we can do with your Data

2.1. Mandatory processing for which you do not need to provide consent

In general, we process your Data to carry out all the activities necessarily connected with and/or functional to, your employment relationship with us or your job duties. Such activities include: fulfilling legal obligations and administrative duties; managing human resources (even in emergency situations); pursuing training and organisational needs; protecting the security of the Company’s assets; ensuring the safety of the workplace; managing the Company equipment entrusted to employees (PCs and other electronic devices, mobile phones, motor vehicles, etc.) in line with the Company’s policies ; ensuring the exact performance of contracts and collective agreements and compliance with any applicable legal provision in the field of employment, health and safety, taxation and social security.

Data may also be processed for the purpose of protecting the Company’s assets and defend the Company’s legal prerogatives and rights, to prevent the commission of crimes.

All the processing operations mentioned above are essential to perform the employment relationship or to pursue the Company’s legitimate interests (administrative and accounting necessities, staff management, protect legal prerogatives and/or defend legal claims, business development): an objection on your part would make it impossible to commence or continue your employment relationship with the Company -for this reason, you are not required to confer your consent. In particular, we inform you that, in case criminal defense investigations are performed, your Data will be processed without the need to collect your consent, pursuant to arts. 6.1.b, 6.1.c., 6.1.f, 9.2.b and 9.2.f of Regulation 2016/679/EU. 

2.2. Optional Processing, for which your consent is required

If you wish to provide your consent, we may process Data for additional purposes connected to the Company’s activities though not strictly necessary for the commencement/continuation of your employment relationship. These may include, for example: your voluntary participation in optional activities/initiatives which may imply the processing of your personal data such as video-shootings, interviews, articles on Company in house-press; participation into celebrative non-work related events and other communication initiatives published also on the Company website; granting you the use of certain company assets for private or mixed (private and professional) purposes; providing you with legal assistance etc. Consent to the processing of Data for these purposes is optional and may be withdrawn at any time: denying your consent will not affect your current or future employment relationship with the Company, but simply your ability to take part in, or take advantage of, the optional activities/initiatives as described above.


3. How we can share your Data.

Data are accessible to the following categories of Company’s authorized persons: line managers and hierarchical superiors, HR staff, staff in charge of accounting, tax, administrative social security, IT, internal audit tasks as well as any other authorized person who needs to process your data by reason of his/her job tasks.

In addition, pursuant to art. 6, Recital 47 and Recital 48 of Regulation 2016/679/EU, Data may be communicated also to other companies of the FF Group located also in non-EU Countries (“Third Countries”) for purposes allowed by the law and/or on the basis of a legitimate interest (administrative and accounting necessities, staff management, protect legal prerogatives and/or defend legal claims, business development). Certain biographical and professional information, your CV and your image may be processed also in the Company’s internal network/applications (including e-learning platforms, project management software and e-mail services) and thus shared with the staff of the FF Group for administrative, organisational, training or continuing education purposes and in any event only for the required purposes listed above.

For the above mentioned purposes, Data may further be communicated, also in Third Countries, to: Authorities and public bodies, social security and insurance entities; trade unions; financial and credit institutions; third-party partners which provide specific technical or logistic services to the Company (e.g. Cloud Computing Providers, external consultants and collaborators, payroll service providers and tax/social security consultants, security service providers, training providers, travel agencies); agents, distributors; commercial partners; universities; Company suppliers; third parties and their consultants in case of extraordinary operations (mergers and acquisitions, transfers of undertaking/business units, etc.); legitimate recipients of communications prescribed by laws or regulations such as your family members and relatives, appointed doctor. As the case may be, these individuals/entities will act as Data Controllers, Data Processors or persons authorised to process personal data, for the same purposes indicated above and in line with the applicable law.

As far as the transfer of Data towards Third Countries is concerned, the Company informs that the processing of Data will in any event take place in accordance with one of the methodologies allowed by the law, such as, for example your consent, the adoption of Model Contract Clauses approved by the European Commission, the selection of transferees which subscribed to programs pertaining to the free movement of data (e.g. the EU-USA “Privacy Shield”) or which operate in countries considered as safe by the European Commission.

4 – Your Rights to Access and Control your Data

You may at any time contact the Company to exercise the rights afforded by arts. 15 and following of Regulation 2016/679/EU, including: the right to obtain the updated list of those who may access your Data; receive confirmation that any of Data referring to you is being processed by the Controller; verify the Data’s content, origin, exactness, location (including, where applicable, the Third Countries where the data might be), obtain a copy thereof, ask that the Data are supplemented, updated, amended and, in the circumstances set forth by the law, ask that they are deleted, anonymised, frozen (if processed against the law), or oppose to their processing for legitimate reasons. At any time, you may notify the DPO your concerns about particular personal situations regarding Data processing which you consider as inappropriate or unjustified in light of your relationship with the Company or lodge a complaint with your Data Protection Authority namely the Hellenic Data Protection Authority (

5 – Data Controller and Data Protection Officer – Contact Information


The Company’s Data Protection Officer ("DPO") may be reached at