Privacy policy

1. Data Controller
   AMAZ I.K.E. Terma Lesvos, Metamorfosi – Longos, 14452, ATTICA, Tel: 2160008400

2. Personal Data Processed
   a) Personal data processed for the purposes of Website operation Information systems and software procedures used to operate the Website acquire, during the normal course of operation, some personal data whose transmission is implicit in the communication protocols of the Internet. It concerns information that is not collected to be associated with specific individuals, but by their own very nature could, through the processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the Website and the App, URI addresses (Uniform Resource Identifier) of requested resources, the time of the request, the method utilized to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters related to the operating system and the users. Information collected in this way could be used for ascertaining responsibility in case of any computer-related offences that damage the Website and the App.

   b) Data provided by users directly
   The optional, explicit and voluntary mailing of data as requested by the various sections of this Website and of the App are used for the purpose of processing the user’s requests (including but not limited to: cases in which information or clarification is requested by writing to the e-mail addresses found on the Website and on the App). Specific summary information dedicated to particular services on request will be provided or displayed on the Website pages and on the App.

   c) Cookie
   The Website makes use of cookies and similar technologies to ensure the proper functioning of procedures and to improve the experience of online applications.
   For the use of cookies, please read the complete information by clicking here.

3. Data Processing Purpose
   Website functioning
   Data collected during browsing are used in order to obtain anonymous statistical information on the use of the Website and to monitor its correct functioning.

   a) Legal basis for data processing
   Execution of the contract involving the data subject (Website use).

   b) Data retention period
   Throughout the session on the Website.

   Contact purposes
   The data provided directly by the user shall be applied to the latter’s requests (e.g. registration on the website or contact request).

   a) Legal basis for data processing
   Execution of the contract involving the data subject (Website use).

   b) Data retention period
   As per the information provided upon data collection
   After the above retention terms have expired, the Data will be destroyed, erased or anonymized, consistent with the technical procedures of erasure and backup.

4. Data Provision Compulsoriness
   Excluding the browsing data, required to implement IT protocols, the provision of personal data by users is free and optional. However, failing to provide such data will make it impossible to carry out the requests made or intended to by the user

5. Data Recipients
   Personal data may be communicated to parties acting as data controllers (such as supervisory bodies and authorities and public organizations authorized to request data) or processed on behalf of the Company by parties appointed as data processors, who are provided with suitable operating instructions. These parties include the following categories:

   a) companies, working as data processors or for administrative and accounting purposes (e.g. purposes connected with internal, administrative, financial and accounting activities);
   b) natural and/or legal persons providing different services to the Company (e.g. suppliers of services for the management of the Website, such as system outsourcers, companies that provide connectivity services to the Internet, etc.). Such parties may also work as Data Processors;
   c) parties and/or public and private entities the data will be communicated to for the purposes of fulfilling or enforcing the fulfillment of specific obligations provided for by laws, regulations and EU legislation. These subjects will operate as autonomous Data Controllers or Data Processors.

6. Parties authorized to process data
   The data will be processed by employees, collaborators of the Company or external parties, in their capacity as processors and officers, performing on behalf of the Company technical and organizational tasks on the Website.

7. Personal Data Transfers outside EU
   The data may be transferred to non-EU Countries, in particular to:

   a) Extra UE Countries whose data protection level is deemed adequate by the European Commission in accordance with article 45 of the GDPR;
   b) Extra UE Countries other than those referred to in the preceding paragraph a), after signing Standard Contractual Clauses adopted/approved by the European Commission in accordance with article 46, 2, letters c) and d) of the GDPR.

8. Data Subjects’ Rights – Complaint to Supervisory Authority
   By contacting the Company via e-mail sent to customercare@wyoustores.com , data subjects can require the Controller to access personal data, as well as the correction or deletion of personal data, and are also entitled to restrict processing of such data in the cases set out in article 18 GDPR, and object the processing in case of legitimate interests of the Controller. Furthermore, in the case where processing is based on consent or a contract and carried out with automated tools, data subjects have the right to receive the personal data in a structured, commonly used and machine-readable format, and to transmit the data to another data Controller without obstruction. Data subjects have the right to lodge a complaint to the competent Supervisory Authority in the member state where they are resident or where they work, or the member state where the alleged breach took place.

INFORMATION NOTICE REGARDING THE PROCESSING OF USERS’ PERSONAL DATA ACCORDING TO EU REGULATION 2016/679 (“GDPR”) – “CONTACT US”

1. Data Controller
   AMAZ I.K.E. Terma Lesvos, Metamorfosi – Longos, 14452, ATTICA, Tel: 2160008400

2. Data Processing Purpose
   The data provided by completing the form will be processed by the Company to deal with request for information on the same Company and/or its products/services

   a) Legal basis for data processing
   Performance of the contract involving the data subject

   b) Data retention period
   Such data will be retained until the revocation of consent or termination of the relationship with the customer.
   After the above retention terms have expired, the Data will be destroyed, erased or anonymized, consistent with the technical procedures of erasure and backup.

3. Data Provision Compulsoriness
   The provision of the data requested in the data collection form is required to provide the information requested, therefore failing to provide such data will not allow the Company to fulfill the request.

4. Data Recipients
   Personal data may be communicated to parties acting as data controllers (such as supervisory bodies and authorities and public organizations authorized to request data) or processed on behalf of the Company by parties appointed as data processors, who are provided with suitable operating instructions. These parties include the following categories:

   a) companies providing management and/or maintenance services for the Company’s website;
   b) companies offering mailing services.

5. Parties Authorized to Process Data
   Data may be processed by employees in company departments who are responsible for carrying out the activities outlined above and have been authorized to process the data and have received suitable operating instructions

6. Personal Data transfers outside EU
   The data may be transferred to non-EU Countries, in particular to:

   a) Extra UE Countries whose data protection level is deemed adequate by the European Commission in accordance with article 45 of the GDPR;
   b) Extra UE Countries other than those referred to in the preceding paragraph a), after signing Standard Contractual Clauses adopted/approved by the European Commission in accordance with article 46, 2, letters c) and d) of the GDPR.
   A copy of the above-mentioned safeguards can be obtained sending a specific request to the Controller, according to the modalities specified in the following paragraph “Data Subject’s rights – Complaint to the Supervisory Authority”.

7. Data Subjects’ Rights – Complaint to the Supervisory Authority
   By contacting the Company via e-mail sent customercare@wyoustores.com , data subjects can require the Controller to access personal data, as well as the correction or deletion of personal data, and are also entitled to restrict processing of such data in the cases set out in article 18 GDPR, and object the processing in case of legitimate interests of the Controller. Furthermore, in the case where processing is based on consent or a contract and carried out with automated tools, data subjects have the right to receive the personal data in a structured, commonly used and machine-readable format, and to transmit the data to another data Controller without obstruction. Data subjects have the right to lodge a complaint to the competent Supervisory Authority in the member state where they are resident or where they work, or the member state where the alleged breach took place.

INFORMATION NOTICE REGARDING PERSONAL DATA PROCESSING IN ACCORDANCE WITH EU REGULATION 2016/679 (“GDPR”) – “RESERVED AREA”

1. Data Controller
   AMAZ I.K.E. Terma Lesvos, Metamorfosi – Longos, 14452, ATTICA, Tel: 2160008400

2. Data Processing Purposes

   i. Enable registration to the Reserved Areas of the website to give access to the news, information and content made available by the Company through a personal account, issued by the Company to the users. Legal basis for processing data is the performance of the contract involving the data subject.
   ii. Generic marketing: by way of example, sending – by automated (such as text messages and e-mail) and traditional (such as telephone calls) methods – commercial information relating to services/products offered by the Company or reporting of company events, and carrying out market research and statistical analysis. Consent (which is optional and can be withdrawn at any time).
   iii. Profiled marketing: analysis of data subject’s preferences, habits, behaviors, interests in order to provide personalized commercial information/targeted actions/offers and services tailored to data subject’s needs/preferences. Consent (which is optional and can be withdrawn at any time).
   iv. Fulfilment of obligations provided for by regulations and by applicable national and international legislation. Legal basis for processing data is the need to fulfil legal obligations.
   v. If necessary, in order to determine, exercise or defend the Controller’s rights in legal proceedings. Legal basis for processing data is the legitimate interest.

3. Data Retention Period
   Contractual term and, after expiration, for the prescription term of XXX years. In the event of litigation, for the whole period of the litigation, as long as the time-limits for appealing have not expired. After the expiration of the above-mentioned retention terms, the Data will be destroyed, erased or anonymized, consistently with the technical procedures of erasure and backup.

4. Data Provision Compulsoriness
   The provision of data marked with an asterisk (*) in the registration form is mandatory for the completion and pursuit of the contract; any denial to provide the above data does not therefore authorize registration in the Reserved Areas.

5. Data Recipients
   Data may be processed by external parties in the capacity of data controllers such as, by way of example, authorities and supervisory and control authorities and, in general, public or private parties entitled to request the data. The data may also be processed, on behalf of the Company, by external parties appointed as data processors, entrusted with adequate operating instructions. These subjects are essentially included in the following categories:

• IT support companies and hosting companies;
• companies offering website management and maintenance services.
• subsidiaries of the Company, if consent is given

6. Parties Authorized to Process Data
   Data may be processed by employees in company departments who are responsible for carrying out the activities outlined above and have been authorized to process the data and have received suitable operating instructions.

7. Personal Data transfers outside EU
   The data may be transferred to non-EU Countries, in particular to:

   a) Extra UE Countries whose data protection level is deemed adequate by the European Commission in accordance with article 45 of the GDPR;
   b) Extra UE Countries other than those referred to in the preceding paragraph a), after signing Standard Contractual Clauses adopted/approved by the European Commission in accordance with article 46, 2, letters c) and d) of the GDPR.
   A copy of the above-mentioned safeguards can be obtained sending a specific request to the Controller, according to the modalities specified in the following paragraph “Data Subject’s rights – Complaint to the Supervisory Authority”.

8. Data Subjects’ Rights– Complaint to the Supervisory Authority
   The data subjects can require the data controller to access their personal data, erase them, correct inaccurate data, integrate incomplete data, limit the processing in the cases provided for by art. 18 GDPR, as well as object to the processing in cases of legitimate interest of the data controller, by contacting the company by e-mail to customercare@wyoustores.com . Furthermore, data subjects shall be entitled, if the processing is based on consent or contract and is carried out by automated tools, to receive the data in a structured, commonly used and machine-readable format and, where technically feasible, to transfer them to another controller without hindrance. Data subjects are entitled to withdraw their consent at any time for marketing and/or profiling purposes and to object to the processing of their data for marketing purposes, including profiling related to direct marketing. However, if a data subject prefers to be contacted for this purpose exclusively by traditional means, it shall be possible for him/her to express his/her opposition only to the receipt of communications by automated methods. Data subjects shall be entitled to submit a complaint to the relevant supervisory authority in the Member State where they have their habitual abode or their place of work or in the Member State where the alleged infringement has occurred.

INFORMATION NOTICE REGARDING PERSONAL DATA PROCESSING IN ACCORDANCE WITH EU REGULATION 2016/679 (“GDPR”) – “NEWSLETTER”

1. Data Controller
   AMAZ I.K.E. Terma Lesvos, Metamorfosi – Longos, 14452, ATTICA, Tel: 2160008400

2. Data Processing Purposes
   i. Send, by e-mail, informational communications (“Newsletter”) to those who make explicit request, by entering their e-mail address in the appropriate data collection form. Legal basis for processing data is the performance of the contract involving the data subject.
   ii. Generic marketing: by way of example, sending – by automated (such as text messages and e-mail) and traditional (such as telephone calls) methods – commercial information relating to services/products offered by the Company or reporting of company events, and carrying out market research and statistical analysis. Consent (which is optional and can be withdrawn at any time).
   iii. Profiled marketing: analysis of data subject’s preferences, habits, behaviors, interests in order to provide personalized commercial information/targeted actions/offers and services tailored to data subject’s needs/preferences. Consent (which is optional and can be withdrawn at any time).

3. Data Retention Period
   Collected data will be retained until revocation of consent (“unsubscription” from newsletter service).
   After the expiration of the above-mentioned retention terms, the Data will be destroyed, erased or anonymized, consistently with the technical procedures of erasure and backup.

4. Data Provision Compulsoriness
   The provision of data marked with an asterisk (*) in the registration form is mandatory for the completion and pursuit of the contract; any denial to provide the above data does not therefore authorize the subscription to newsletter service.

5. Unsubscription
   The user is able to opt out of this service by clicking on the “unsubscribe” link present in every e-mail.

6. Data Recipients
   Data may be processed by external parties in the capacity of data controllers such as, by way of example, authorities and supervisory and control authorities and, in general, public or private parties entitled to request the data. The data may also be processed, on behalf of the Company, by external parties appointed as data processors, entrusted with adequate operating instructions. These subjects are essentially included in the following categories:

• IT support companies and hosting companies;
• companies offering website management and maintenance services.
• subsidiaries of the Company, if consent is given

7. Parties Authorized to Process Data
   Data may be processed by employees in company departments who are responsible for carrying out the activities outlined above and have been authorized to process the data and have received suitable operating instructions.

8. Personal Data Transfers outside the EU
   The data may be transferred to non-EU Countries, in particular to:

   a) Extra UE Countries whose data protection level is deemed adequate by the European Commission in accordance with article 45 of the GDPR;
   b) Extra UE Countries other than those referred to in the preceding paragraph a), after signing Standard Contractual Clauses adopted/approved by the European Commission in accordance with article 46, 2, letters c) and d) of the GDPR.
   A copy of the above-mentioned safeguards can be obtained sending a specific request to the Controller, according to the modalities specified in the following paragraph “Data Subject’s rights – Complaint to the Supervisory Authority”.

9. Data Subjects’ Rights – Complaint to the Supervisory Authority
   The data subjects can require the data controller to access their personal data, erase them, correct inaccurate data, integrate incomplete data, limit the processing in the cases provided for by art. 18 GDPR, as well as object to the processing in cases of legitimate interest of the data controller, by contacting the company by e-mail to customercare@wyoustores.com . Furthermore, data subjects shall be entitled, if the processing is based on consent or contract and is carried out by automated tools, to receive the data in a structured, commonly used and machine-readable format and, where technically feasible, to transfer them to another controller without hindrance. Data subjects are entitled to withdraw their consent at any time for marketing and/or profiling purposes and to object to the processing of their data for marketing purposes, including profiling related to direct marketing. However, if a data subject prefers to be contacted for this purpose exclusively by traditional means, it shall be possible for him/her to express his/her opposition only to the receipt of communications by automated methods. Data subjects shall be entitled to submit a complaint to the relevant supervisory authority in the Member State where they have their habitual abode or their place of work or in the Member State where the alleged infringement has occurred.