Privacy Policy

Last updated: 20 August 2025

This Privacy Policy explains how Eazy Walking (“we”, “us”) processes personal data when you visit our website, shop, or engage with our rental/contact forms.

Controller & Contact

Controller: Eazy Walking GP, Savva Pavlidi 1A, 85100 Rhodes, Greece
Email: privacy@eazywalking.com
Data Protection Officer (DPO): Ilias Arvanitis

What Data We Collect

Identity & contact: name, email, phone, billing/shipping address, company/VAT (for B2B).
Order & payment: items ordered, transaction totals, payment method (via secure processors), invoices. (We don’t store full card details.)
Support & rentals: messages, forms, service/RMA information, incident logs, training records (B2B).
Device & usage: IP address, browser, pages viewed, referral URLs, cookies/analytics events.
Marketing preferences: newsletter opt‑ins/opt‑outs.

Purposes & Legal Bases

We process your data for:

Order processing & delivery (contract Art. 6(1)(b)): to take payment, ship, and provide customer service.
Account, support & warranty (contract/legitimate interests): to assist you, manage returns, and warranty repairs.
Rentals & B2B leads (contract/legitimate interests): to prepare proposals, training, and operations.
Analytics & site security (legitimate interests Art. 6(1)(f)): to improve our site and prevent fraud/abuse.
Marketing communications (consent Art. 6(1)(a) or legitimate interests where permitted): newsletters and product updates. You can opt out anytime.
Legal compliance (legal obligation Art. 6(1)(c)): tax, accounting, consumer rights.

Sharing & Recipients

We share data with:

Payment processors (Nexi), e‑commerce platform (WooCommerce), fraud prevention tools.
Logistics & carriers for shipping and returns.
Manufacturer & service partner (Kenqing, China) for warranty/service coordination.
Professional advisors (accountants, lawyers), and authorities where required by law.

International Transfers

When coordinating warranty/service or drop‑shipping, we may transfer limited personal data to China. We use EU Standard Contractual Clauses (SCCs) and implement supplementary safeguards (need‑to‑know access, encryption in transit, minimisation). Copies of SCCs are available upon request (commercially sensitive parts redacted).

Retention

Orders, invoices, and tax records: 10 years (or as required by law).
Warranty/service files: up to 5 years after closure.
Support tickets/rentals/B2B leads: 3 years after last interaction.
Marketing data: until you withdraw consent or object.
Cookies/analytics: per the cookie table in our Cookie Notice.

Your Rights (EU/EEA)

You have the right to access, rectify, erase, restrict, object, and data portability, and to withdraw consent at any time (without affecting prior processing). You can also lodge a complaint with your local authority or the Hellenic Data Protection Authority (HDPA). Contact us at privacy@eazywalking.com to exercise your rights.

Cookies & Tracking

We use:

Strictly necessary cookies (site functions, cart, checkout).
Analytics cookies (to improve performance).
Marketing cookies (only with your consent).

You can manage preferences via our Cookie Banner and browser settings. See our Cookie Notice for details (cookie names, providers, lifetimes).

Security

We apply technical and organisational measures: TLS encryption, access controls, pseudonymisation where appropriate, backups, staff training, vendor due diligence, and incident response procedures.

Children

Our Services are not directed to minors under 18. Where local law sets a different age of consent for online services, we comply with that standard. We do not knowingly collect data from children; if you believe a minor has provided data, contact us to delete it.

Automated Decision‑Making

We do not conduct automated decision‑making that produces legal or similarly significant effects. Basic fraud checks and risk scoring may occur to protect you and us from abuse.