Last Updated: 18.7.2019

At Amarla, we value your privacy and strive to protect your personal data in compliance with the governing laws of the countries we operate in within European Environment.

This privacy includes special provisions regarding Swedish environment in which Amarla operates as well.

Our Privacy Policy has been drafted out to help you understand how Amarla collects, records, manages, uses, stores, transfers and discloses your personal data. As an organization, we strive to maintain the highest standards of data security and privacy, always adhering to the laws of each country we operate in.

We may update this Privacy Policy from time to time to reflect changes to our privacy practices or for other legal, operational or regulatory reasons. If we amend this Privacy Policy, we will revise the “last updated” date located at the top of this Privacy Policy.

Please read the following to understand our practices regarding your personal data and how we will treat it.

SECTION 1: ABOUT AMARLA ACTING AS CONTROLLER

SECTION 2: SOURCES OF DATA

SECTION 3: HOW DO WE USE YOUR DATA

SECTION 4: DISCLOSURE AND TRANSFER OF PERSONAL DATA

SECTION 5: SECURITY OF YOUR DATA

SECTION 6: COOKIES

SECTION 7: ACCESS, CORRECTION AND WITHDRAWAL OF CONSENT

SECTION 8: YOUR RIGHTS

SECTION 1 – ABOUT AMARLA

This Privacy Policy applies to the collection, processing and storage of your personal information by Amarla Retail SA (“Amarla”) and other organizations related to Amarla (including its subsidiaries). “Amarla”, “we”, “us” or “our”, within this Privacy Policy refers to the relevant entity within Amarla that processes your personal information.

It is clearly stated that the Controller of your personal data will be Amarla Retail S.A., a company duly established in Greece, on 107th Vouliagmenis Avenue, Glyfada, Attica.

SECTION 2: SOURCES OF DATA

We (or our service providers) collect your information: (a) through our stores or otherwise offline, (b) on or through www.Amarla.com, any of our other websites or applications, (c) when you create an account with us, or otherwise sign up for a service loyalty programme or feature, (d) when you communicate with us via third-party social media sites, (e) when you make purchases from us, (f) when you participate in a contest or other promotion or (g) when you otherwise communicate with us or provide information to us.

Information collected includes your name, contact details, demographic information, date of birth, addresses for billing and other payment information, IP address, details on items purchased, personal preferences, location information (if your device and app settings allow us to collect it), and other information you choose to provide to us.

By accessing or using our services, you signify your consent to the above collection and processing of your personal information.

SECTION 3: HOW DO WE USE YOUR DATA

Recipients of your personal data will be Amarla Retail SA as the Controller of your personal data and the subsidiary of it which is established in Sweden i.e. Amarla Retail AB or any other subsidiary of Amarla Retail S.A. Service Providers which may cooperate with the above companies may be included in the list of recipients as well.

3.1. Purposes: The purposes of the collection of your personal data will be:

a. To fulfil your requests for products and services and to keep you updated about your orders

b. Keeping you informed (either via post, telephone, email or SMS service) about our new stores, products, services, upcoming events, or promotions;

c. To facilitate your participation in any contests or events

d. Where appropriate for market research

e. Affiliate marketing initiatives with partners or third-party service provides related to Amarla

f. Analytics, search engine, marketing campaign & CRM (Customer Relationship Management) service providers purely based on Amarla initiatives for marketing & communication purposes.

3.2. Storage of your personal data: The retention period of your personal data for direct marketing needs will not exceed the period of two (2) years. In any case, if this retention period extends, we will ensure relevant consent of each individual in due time.

3.2. Profiling: Currently, no profiling is made by the Controller by using your personal data. In case that a profiling process initiates, this policy will be amended accordingly.

SECTION 4 – DISCLOSURE AND TRANSFER OF PERSONAL DATA

In order to provide the above services to you, we may share your personal information with our subsidiaries and affiliated companies within European environment, and selected third parties including our business partners, franchisors, brand principals and third-party service providers within European environment or within a third country which will exclusively be United States of America.

Amarla  headquarters is in Athens, Greece, however the personal data we collect from you, may be transferred to, processed and stored in different countries depending on the circumstances, including any countries where Amarla operates (Sweden, Norway, Finland, Denmark, German, Netherlands, Belgium, Switzerland,). Please note your personal data may be transferred to, processed and stored in countries which may or may not provide the same level of protection as the country in which you initially provided the information. In such cases we ensure that adequate protection for your personal data is provided as required by applicable law

We may disclose your personal information to law enforcement agencies and government bodies if we are required to do so by law; or when we believe in good faith that such disclosure is reasonably necessary to comply with legal process.

By providing personal information to us, you consent to your personal data being transferred to, processed and stored in these countries in accordance with local laws.

SECTION 5 – SECURITY OF YOUR DATA

We have put in place reasonable measures to safeguard your personal information against loss, theft and unauthorized access, use or modification.

Such measures include limiting access to personal information to only Amarla’s employees and authorized third party service providers who need to know such information for the purposes described in this Privacy Policy, as well as other technical and physical safeguards.

All direct payment gateways we use adhere to the standards set by PCI-DSS (Payment Card Industry Data Security Standards) as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

The website of Amarla may contain links to other third-party websites and microsites, whose privacy practices may differ from Amarla . Such websites are governed by their respective privacy policies, which are beyond our control. Once you leave our servers (you can know where you are by checking the URL in the location bar on your browser), use of any information you provide is governed by the privacy policy of the operator of the website you are visiting. That policy may differ from ours. If you can’t find the privacy policy of any of these websites via a link from the website’s homepage, you should contact the website directly for more information.

SECTION 6 – COOKIES

A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. We use cookies on all websites related to Amarla. We do link the information we store in cookies to any personally identifiable information you submit while on our website.

We use both session ID cookies and persistent cookies. We use session cookies to make it easier and secure for you to navigate our website. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browsers “help” file. Reference for cookies can be found at http://www.cookiecentral.com/

We use session cookies to store the secure session and browsing preferences of the user. We set a persistent cookie to store your username and interests, so you don’t have to enter it more than once. Persistent cookies also enable us to track and target the interests of our users to enhance the experience on our websites.
If you reject cookies, you may still use our website, but your ability to use some areas of our website, will be limited. Cookies are used in the shopping bag to enable enhanced security and to ensure there is no URL based spamming.

Unless you voluntarily identify yourself (through registration, for example), we will have no way of knowing who you are, even if we assign a cookie to your computer. The only personal information a cookie can contain is information you supply (an example of this is when transact as a guest or add items to shopping bag). A cookie cannot read data off your hard drive.

Some of our business partners (e.g., advertisers) set cookies while delivering banners on our website. We have no access to or control over these cookies.

This privacy statement covers the use of cookies by Amarla’s  websites only and does not cover the use of cookies by any advertisers.

We do use cookies on point of collection pages of email address, but we do not use them in emails.
Our web servers automatically collect limited information about your computer’s connection to the Internet, including your IP address, when you visit our website. (Your IP address is a number that lets computers attached to the Internet know where to send you data — such as the web pages you view.) Your IP address does not identify you personally. We use this information to deliver our web pages to you upon request, to tailor our website to the interests of our customers, to measure traffic within our website and let advertisers know the geographic locations from where our visitors come.

When you visit any of Amarla’s websites, our company servers will automatically record information that your browser sends whenever you visit a website. This data may include but not limited to:

  • Your computer’s IP address (as explained in Cookie Section above)
  • Browser type
  • Webpage you were visiting before you came to our site
  • The pages within our network you visit
  • The time spent on those pages, items and information searched for on our site, access times and dates, and other statistics.

SECTION 7: ACCESS, CORRECTION AND WITHDRAWAL OF CONSENT

If you have any queries, comments, complaints or updates about our Privacy Policy or our collection and processing of your personal data, please contact us at:

Data Protection Officer of Amarla Group of Companies:

Full name: Efstathios Papageorgiou

Address: 107th Vouliagmenis Avenue, Glyfada, Attica, Greece

E-mail: [email protected]

If you wish to access, update or withdraw consent for the use of the Personal Information collected by us, please email the above contact. Alternatively, you may also log into the Amarla  microsite located in our website (www.Amarla.com) and access your account to amend or change your data if you find it incorrect.

We will not correct your personal data upon request from any third party, unless such third party is able to produce documentary evidence of your authorization to do so.

SECTION 8: YOUR RIGHTS

In accordance with applicable data protection legislation, you are entitled at any time to request access to the personal data that is processed about you. You are also entitled to have incorrect personal data about you amended, to request deletion of your personal data or restriction of our processing of your personal data, exercise your right to data portability and object to processing of your personal data. If processing is based on consent, you are entitled at any time to withdraw your consent to processing. If you wish to exercise any of your rights, please contact us via the contact details below. You are also entitled at any time to submit complaints to applicable supervisory authority (Datainspektionen,www.datainspektionen.se) if you consider that your personal data is not being processed in accordance with applicable data protection legislation.