Privacy Policy

Last updated: 16 July 2026

1. Who we are

This website ({DOMAIN}) is operated by {ENTITY}, a registered sole proprietorship (fizychna osoba–pidpryiemets, FOP) in Ukraine, trading as {BRAND} ("we", "us"). We provide Amazon advertising optimization and account management services to business clients. For the purposes of the EU General Data Protection Regulation (GDPR) and the UK GDPR, {ENTITY} is the data controller for personal data described in this policy, except where we process data on a client's documented instructions, in which case we act as a processor.

Contact: {EMAIL}

2. Personal data we collect

3. Purposes and legal bases

4. Amazon Information

Data obtained through Amazon's services ("Amazon Information") is processed strictly in accordance with Amazon's Acceptable Use Policy and Data Protection Policy. We use it only to provide the services the client has engaged us for; we do not sell it, share it with third parties, or use it to build independent datasets. Amazon Information is retained no longer than needed to deliver the service and is securely deleted afterwards or upon the client's request.

5. Sharing and processors

We do not sell personal data. We share data only with service providers necessary to operate — such as website hosting, email and accounting providers — under contracts that restrict their use of the data, or where disclosure is required by law.

6. International transfers

Where personal data is transferred outside the EEA or the UK, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or an adequacy decision.

7. Retention

Contact enquiries are kept for up to 24 months. Contract and billing records are kept for the period required by applicable tax and accounting law. Client account data is retained only for the duration of the engagement plus a short wind-down period, unless the client instructs otherwise.

8. Your rights

Subject to applicable law, you have the right to access, rectify or erase your personal data, to restrict or object to its processing, and to data portability. You may also lodge a complaint with a supervisory authority in your EU member state or with the UK Information Commissioner's Office. To exercise any right, email {EMAIL}.

9. Security

We apply technical and organizational measures appropriate to the risk, including access through Amazon's official authorization mechanisms only, two-factor authentication on our systems, and a documented Incident Response Plan. Personal data breaches are notified to affected clients and, where required, to supervisory authorities within the timeframes set by the GDPR.

10. Changes

We may update this policy from time to time. The date above reflects the latest revision; material changes will be announced on this page.