Introduction
Amizhthu.com is committed to protecting the privacy and security of your data. This GDPR Policy
outlines our practices concerning the collection, use, and protection of your data under the General Data Protection Regulation. Data Protection Regulation (GDPR) (EU) 2016/679. This policy applies to all users of Amizhthu.com, regardless of their location.
Data Controller
Amizhthu.com acts as the data controller for the personal data we process. Our contact details are
provided at the end of this policy.
Principles Relating to Processing of Personal Data
We adhere to the principles relating to the processing of personal data as required by the GDPR:
Lawfulness, fairness, and transparency: Data is processed lawfully, fairly, and in a transparent manner.
Purpose limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
Data minimisation: Data collected is adequate, relevant, and limited to what is necessary in
relation to the purposes for which they are processed.
Accuracy: Data is accurate and, where necessary, kept up to date.
Storage limitation: Data is kept in a form that permits the identification of data subjects for no
longer than is necessary for the purposes for which the personal data are processed.
Integrity and confidentiality: Data is processed in a manner that ensures appropriate security
of the personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organisational measures.
Accountability: The controller is responsible for, and can demonstrate compliance with the
principles.
Types of Data Collected
We may collect the following types of personal data:
Personal Information: Name, email address, postal address, phone number.
Account Information: Username, password, purchase history, preferences.
Technical Information: IP address, browser type, operating system, device information.
Usage Data: Information about how you use our website, including pages visited, products
viewed, and time spent on the site.
Payment Information: Credit card details, billing address (processed securely by our payment
processors).
Legal Basis for Processing
We process your data on the following legal bases:
Consent: When you provide us with your explicit consent to process your data for a specific
purpose (e.g., marketing communications).
Contractual Necessity: When processing is necessary for the performance of a contract with you (e.g., processing payment information to fulfill an order).
Legal Obligation: When processing is necessary for compliance with a legal obligation (e.g.
responding to a court order.
Legitimate Interests: When processing is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not overridden by your rights and freedoms (e.g., improving our website functionality).
Data Subject Rights
Under the GDPR, you have the following rights regarding your data:
Right to Access: You have the right to request access to your data that we hold.
Right to Rectification: You have the right to request that we correct any inaccurate or
incomplete personal data.
Right to Erasure (Right to be Forgotten): You have the right to request that we delete your
data under certain circumstances.
Right to Restriction of Processing: You have the right to request that we restrict the
processing of your data under certain circumstances.
Right to Data Portability: You have the right to receive your data in a structured, commonly
used, and machine-readable format and have the right to transmit that data to another controller.
Right to Object: You have the right to object to the processing of your data under certain
circumstances, including for direct marketing purposes.
Right to Withdraw Consent: If we are processing your data based on your consent, you have
The right to withdraw your consent at any time.
Right to Lodge a Complaint: You have the right to complain to a supervisory authority if you
believe that we have infringed your rights under the GDPR.
Data Security
We implement appropriate technical and organizational measures to ensure the security of your data,
including:
Encryption: Using encryption to protect sensitive data during transmission and storage.
Access Controls: Limiting access to personal data to authorized personnel only.
Regular Security Assessments: Conducting regular security assessments and vulnerability
scans.
Data Breach Response Plan: Having a plan in place to respond to data breaches promptly and
effectively.
Employee Training: Training our employees on data protection best practices.
Data Retention
We retain your data for as long as necessary to fulfill the purposes for which it was collected,
including satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and
sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your
data, the purposes for which we process your data, and whether we can achieve those purposes
through other means, and the applicable legal requirements.
International Data Transfers
If we transfer your data outside the European Economic Area (EEA), we will ensure that appropriate
safeguards are in place to protect your data, such as:
Standard Contractual Clauses: Using standard contractual clauses approved by the European
Commission.
Adequacy Decisions: Transferring data to countries that have been deemed to provide an
adequate level of protection by the European Commission.
Binding Corporate Rules: Implementing binding corporate rules for transfers within our group of
companies.
Use of Cookies and Similar Technologies
We use cookies and similar technologies to collect information about your browsing behavior on our
website. You can manage your cookie preferences through your browser settings. For more
information, please see our Cookie Policy.
Changes to this GDPR Policy
We may update this GDPR Policy from time to time to reflect changes in our data processing
practices or legal requirements. We will post any changes on our website and, where appropriate,
notify you by email.
Contact Information
If you have any questions or concerns about this GDPR Policy or our data processing practices,
Please contact us at: Email: info@Amizhthu.com
Please include sufficient detail about the nature of your inquiry so that we can respond appropriately.
Next Steps
If you have any questions about our GDPR compliance, please don’t hesitate to contact us. We are
committed to ensuring your data is protected and that you are informed about your rights