Note on data protection

Thank you for your interest on the evaluation of our shops by our customers.

The protection of your personal information is very important to us.

To this end, our goal is to ensure your right to informational self-determination. In what follows below, we would like to explain to you what kind of personal information we collect, process and use, when we do so and for what purpose.

 1. Controller, in the sense of Article 4, par. 7 of the General Data Protection Regulation (GDPR)

Provided it not explicitly stated otherwise in the individual sections (separated based on  their headings) of these Basic Data Protection Principles, company

LIDL Cyprus,

Industrial Area, Emporiou Street 19,

CY- 7100, Aradippou - Larnaca

is the controller, in the sense of Article 4, par. 7 of GDPR.

2. Use of the evaluation tool

Every time you access this website, we store, via this process, the access information in the form of log files.

Each log file comprises of the following:

Time and date of access
Duration of browsing

3. Customer research on shopping experience

In the context of market research on our customers’ shopping experience, we collect your data only after you yourself have placed them at our disposal, and in particular when answering the question “Is there something else you’d like to talk to us about?”.

We ask for your receipt number in order to ensure that each receipt participates in the customer survey only once. Your identity cannot be determined based only on the receipt number, nor can it be determined in the case of payment by charge or credit card.

4. Communication from our Customer Service

Aim of data processing / Legal basis:

As long as you have provided your name, e-mail address or your telephone number for our Customer Service to contact you, such information, as well as the evaluation you have submitted as a customer, are disclosed to our Customer Service, exclusively and only for the purpose of contacting you. Article 6, par. 1, case (a) of the GDPR constitutes the Legal Basis for the processing of said data.

Recipients / Recipient categories:

Your data is exclusively and only disclosed to our Customer Service. In addition Company MaritzCX GmbH, Borselstraße 18, 22765 Hamburg also acts as a service provider for the operation of this home page.

Duration of storage / Criteria determining the duration of storage:

Following the completion of communication, your personal information is deleted.

5. Competition

Purpose of data processing / Legal Basis:

To the extend where in the context of a competition, the participants’ personal information are being stored (full name, e-mail address, postal address: street, number, postal code and place of residence), such data shall be used only in order to carry out the competition. Article 6, par. 1, case (b) of GDPR forms the legal basis for data processing.

Recipients / Recipient categories:

In addition, Company MaritzCX GmbH, Borselstraße 18, 22765 Hamburg also acts as a service provider for the operation of this home page.

Duration of storage / Criteria determining the duration of storage:

Data are maintained only for the time that this is necessary in the context of this agreement, observing the rules in the applicable Law. Following the fulfillment of the purpose of the competition, this information will be deleted.

6. Users’ Rights

Pursuant to Article 15, par. 1 of GDPR, you reserve the right to receive, free of charge, information pertaining to the personal data we have stored regarding your person.

Additionally and provided the legal conditions concur, you reserve the right to rectify (Article 16, GDPR), erase (Article 17, GDPR) and restrict the processing (Article 18, GDPR) of your personal information.

Provided data processing is based on Article 6, par. 1, case (e) or (f) of the GDPR, you have the right to object, pursuant to Article 21 of the GDPR. In case where you object to the processing of your data, this ceases to be carried out in the future, save if the controller can demonstrate the existence of critical and worthy of protection grounds to continue said processing, grounds that supersede the lawful interest compelling the data subject to object.

In case where you yourselves have provided the processed data, you reserve the right to data portability, pursuant on Article 20 of the GDPR.

Provided data processing rests on consent based on Article 6, par. 1 case (a) or Article 9, par. 2, case (a) of the GDPR, you may recall consent at any time effective for the future, without thus affecting the legality of processing up to that point.

For the cases cited above, as well as in case you have other questions or complaints, please address the Data Protection Officer in writing or by e-mail.

Furthermore, you have the right to file a complaint with the regulatory authority for data protection at any time. You can contact the regulatory authority for data protection, especially in the member-state in which you reside or at your place of work or in the place where the supposed violation has taken place or the authority of the state in which the party responsible for processing is based.

7. Nonexistence of the obligation to provide personal information

Provided nothing different is cited in the sections above, the provision of personal information is not prescribed by Law or based on contract, neither is it mandatory in order to enter into contract. The non-provision of your personal information results, on a case by case basis, to our failure to respond to your wish for us to contact you, or your failure to participate in the competition.

8. Further questions

Should you have further questions on the collection, processing and use of your personal information, please address the officers of our company responsible for data protection at the following address:

LIDL Cyprus,

Data Protection Officer

Industrial Area, Emporiou Street 19, CY- 7100, Aradippou - Larnaca