Privacy & Data Handling Policy
Last Updated: 20/1/2025

Oppali Creative MONOPROSOPI IKE is committed to protecting the personal data and information it collects, processes, and stores, in compliance with the General Data Protection Regulation (GDPR), applicable EU and local legislation, and international security standards.
This policy applies to all personal data, including data collected from Amazon Marketplace orders and related customer information.

1. Data Collection

We collect data from:

  • Our website and e-commerce channels.

  • Partner platforms (e.g., Amazon, WooCommerce, PayPal, banks).

  • Customer and supplier communications (email, phone, contact forms).

  • Analytics and marketing systems.

2. Categories of Data

Depending on the case, we may collect:

  • Identification details (full name, company name, VAT/Tax ID).

  • Contact information (address, phone, email).

  • Order and invoicing details.

  • Payment details (via secure payment providers).

  • Technical browsing data (IP address, cookies, browser information).

3. Use of Data

We use data for:

  • Order fulfillment and management.

  • Invoicing and accounting processes.

  • Customer service and support.

  • Improving services and performing statistical analysis.

  • Compliance with legal obligations.

4. Data Sharing

We may share data only with:

  • Service providers required for order execution (e.g., couriers, payment processors).

  • Partner sales platforms (e.g., Amazon).

  • Accounting, legal, or other professional service providers for compliance purposes.

  • Authorities, when required by law.

All third parties are contractually bound to protect the data and use it only for the specific purpose for which it was shared. Amazon customer data is handled solely for the purpose of fulfilling orders and complying with Amazon’s policies.

5. Data Retention

We retain personal data:

  • For as long as required by applicable law.

  • For customer service purposes and dispute resolution.

  • For order data, for less than 180 days after delivery, unless otherwise required by law.

6. Data Security

We implement technical and organizational measures, including:

  • Encryption of data in transit and at rest.

  • Access controls based on employee role and job function.

  • Firewalls and database access restrictions.

  • Activity logging and access audits.

  • Regular vulnerability scans and security tests.

  • Policy prohibiting use of personal devices for accessing sensitive data.

7. User Rights

Users have the right to:

  • Access, correct, and delete their data.

  • Restrict or object to processing.

  • Request data portability.

  • File a complaint with the Data Protection Authority.

8. Contact

For questions about this policy or our data processing practices, please contact:
support@oppali.com
+30 210 3006868