01 Overview
AMZ Global Experts (“we,” “us,” or “our”) is committed to protecting your privacy and handling your personal data with transparency and respect. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and what rights you have regarding your data.
This Policy applies to all personal data collected through our website at https://www.amzglobalexperts.com, through our consulting engagements, via email, through contact forms, booking tools, and any other interaction with AMZ Global Experts.
Quick summary: We collect minimal personal data. We do not sell your data to third parties. We use your data only to deliver services, communicate with you, and improve our website. You have the right to access, correct, or delete your data at any time.
02 Who We Are
AMZ Global Experts is the data controller responsible for your personal data. We are an ecommerce growth consulting firm providing Amazon strategy, AI-powered growth systems, and omnichannel commerce services to businesses globally.
Data Controller: AMZ Global Experts
Email: [email protected]
Website: https://www.amzglobalexperts.com
03 Data We Collect
We collect the following categories of personal and business data:
A. Identity & Contact Data
- First and last name
- Email address
- Business name and role/title
- Phone number (when provided voluntarily)
B. Business & Engagement Data
- Amazon storefront or seller account details (URL, ASIN information)
- Shopify or DTC store information
- Advertising account data and performance metrics (shared during engagements)
- Revenue figures, budget information, and business goals (shared voluntarily)
- Communications and correspondence via email or messaging platforms
C. Technical & Usage Data
- IP address and approximate geographic location
- Browser type and version, operating system
- Pages visited, time spent on pages, referral sources
- Device type and screen resolution
- Clickstream and interaction data
D. Marketing & Communication Data
- Email newsletter subscription status and preferences
- Communication preferences
- Records of consents given
E. Financial Data
- Invoice and payment records (processed via our payment processor; we do not store full payment card details)
- Billing address and company tax information (where required)
04 How We Collect Data
We collect personal data through the following methods:
| Source | Examples |
|---|---|
| Direct submission | Contact forms, audit request forms, booking forms, email correspondence, consultation calls |
| Automated collection | Cookies, web analytics tools, server logs when you visit our website |
| Third-party tools | Calendly or equivalent booking systems; email marketing platforms; payment processors |
| Client onboarding | Account access credentials (Seller Central, Shopify, ad accounts) shared during service delivery |
| Publicly available sources | Publicly visible Amazon listings, Shopify storefronts, LinkedIn profiles, business directories |
05 How We Use Your Data
We use your personal data for the following purposes:
- Service delivery: To provide consulting, strategy, and managed services as agreed in our engagement
- Client communications: To respond to inquiries, send proposals, deliver reports, and manage the client relationship
- Invoicing and payments: To issue invoices, process payments, and maintain financial records
- Newsletter and marketing communications: To send educational content, research reports, and growth insights (only where you have opted in)
- Website analytics: To understand how visitors use our website and improve its content and performance
- Legal compliance: To comply with applicable legal obligations, respond to legal requests, and enforce our Terms
- Security: To protect the integrity of our website and detect and prevent fraud or abuse
We will never use your personal data for automated decision-making that produces legal or similarly significant effects without your explicit consent.
06 Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process your personal data under the following legal bases as defined by the General Data Protection Regulation (GDPR):
| Purpose | Legal Basis |
|---|---|
| Delivering contracted services | Contract performance (Art. 6(1)(b)) |
| Sending invoices and processing payments | Contract performance (Art. 6(1)(b)) and Legal obligation (Art. 6(1)(c)) |
| Responding to inquiries and audit requests | Legitimate interests (Art. 6(1)(f)) |
| Sending marketing newsletters and research content | Consent (Art. 6(1)(a)) |
| Website analytics and performance optimization | Legitimate interests (Art. 6(1)(f)) |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c)) |
Where we rely on legitimate interests, we have assessed that our interests are not overridden by your privacy rights and freedoms. You may request details of this assessment by contacting us.
09 Third-Party Services & Processors
We use the following categories of third-party services that may process your personal data on our behalf as data processors. Each is governed by its own privacy policy and data processing agreements where required under applicable law.
| Category | Examples | Data Processed |
|---|---|---|
| Web analytics | Google Analytics | IP address, usage data, device data |
| Email marketing | Klaviyo, Mailchimp (or equivalent) | Name, email address, subscription preferences |
| Appointment booking | Calendly (or equivalent) | Name, email, scheduling data |
| Form collection | Formsubmit.co | Form submission data (name, email, message) |
| Hosting & CDN | Cloudflare Pages | IP address, request logs |
| Payment processing | Stripe, PayPal (or equivalent) | Payment card data, billing address (processed by provider, not stored by us) |
| Advertising platforms | Meta, Google Ads, TikTok (where retargeting is enabled) | Cookie/pixel data, device identifiers |
We select third-party processors that provide adequate data protection guarantees and, where required by GDPR, enter into data processing agreements with them.
10 International Data Transfers
AMZ Global Experts operates in Canada and serves clients globally. Your personal data may be transferred to and processed in countries outside your country of residence, including the United States, Canada, and countries in the European Economic Area.
Where we transfer personal data from the EEA or UK to countries not deemed to provide an adequate level of protection, we implement appropriate safeguards, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- UK International Data Transfer Agreements (IDTAs) where applicable
- Adequacy decisions where the receiving country is recognized as providing adequate protection
You may request a copy of the safeguards we have in place by contacting us at [email protected].
11 Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, unless a longer retention period is required or permitted by law.
| Data Type | Retention Period | Basis |
|---|---|---|
| Active client data (contacts, correspondence) | Duration of engagement + 3 years | Contract performance, legitimate interests |
| Financial records (invoices, payment history) | 7 years | Legal obligation (tax and accounting) |
| Marketing email subscribers | Until unsubscribe + 12 months | Consent |
| Audit request / contact form submissions | 24 months | Legitimate interests (follow-up) |
| Website analytics data | 26 months (or per tool settings) | Legitimate interests |
| Job applications or partnership inquiries | 12 months | Legitimate interests |
When retention periods expire, data is securely deleted or anonymized. Anonymized data (which cannot identify you) may be retained indefinitely for analytical purposes.
12 Your Rights
Depending on your location and applicable law, you have the following rights regarding your personal data:
Request a copy of all personal data we hold about you.
Request correction of inaccurate or incomplete data.
Request deletion of your data (“right to be forgotten”) where no legal basis remains for retention.
Request that we limit how we process your data in certain circumstances.
Request your data in a structured, machine-readable format for transfer to another controller.
Object to processing based on legitimate interests or for direct marketing purposes.
Withdraw consent at any time where processing is consent-based (e.g., marketing emails).
Lodge a complaint with your applicable data protection authority.
How to Exercise Your Rights
Submit your request by email to [email protected] with the subject line “Privacy Rights Request.” We will verify your identity before processing the request and respond within thirty (30) days (or within the timeframe required by applicable law). We will not charge a fee for routine requests; however, we may charge a reasonable fee or decline requests that are manifestly unfounded or excessive.
Supervisory Authorities
If you are located in the EEA or UK and believe we have not addressed your concerns, you have the right to lodge a complaint with your local supervisory authority. In Canada, privacy complaints may be directed to the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca.
13 California Residents — CCPA / CPRA
If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):
- Right to Know: The categories and specific pieces of personal information we have collected about you, the sources, the purposes, and the categories of third parties with whom we share it
- Right to Delete: Request deletion of your personal information, subject to certain exceptions
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt Out of Sale or Sharing: We do not sell personal information. We do not share personal information for cross-context behavioral advertising
- Right to Limit Use of Sensitive Personal Information: We collect minimal sensitive personal information and use it only to provide services
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
California shine the light: California Civil Code Section 1798.83 permits California residents to request information about our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose personal information for third-party direct marketing purposes.
To exercise your California rights, contact us at [email protected] with the subject line “CCPA Rights Request.”
14 Children's Privacy
Our Services are directed exclusively to businesses and business professionals. We do not knowingly collect personal information from individuals under the age of 18. Our Site is not intended for children, and we do not target children with our marketing.
If you believe that we have inadvertently collected information from a person under 18, please contact us immediately at [email protected] and we will take appropriate steps to delete such information.
15 Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
- TLS/SSL encryption for all data transmitted to and from our website
- Access controls and authentication requirements for systems containing personal data
- Regular security assessments of our website and infrastructure
- Data minimization — we only collect what is necessary
- Confidentiality agreements with contractors and service providers who access personal data
No absolute guarantee: While we take reasonable steps to protect your information, no method of internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the applicable supervisory authority as required by applicable law.
16 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the “Last updated” date at the top of this page.
For significant changes, we will provide more prominent notice — for example, by sending an email to subscribers or displaying a notice on our website. Your continued use of the Site or Services after the effective date of a revised Policy constitutes your acknowledgment of the changes.
We encourage you to review this Policy periodically to stay informed about how we protect your information.
17 Contact & Data Protection Inquiries
For any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
AMZ Global Experts
Privacy inquiries: [email protected]
Subject line: “Privacy Inquiry” or “Privacy Rights Request”
Response time: Within 30 days of receipt
We take all privacy inquiries seriously. If you are not satisfied with our response, you have the right to escalate your concern to the applicable data protection authority in your jurisdiction.