Last Updated: December 2025

This Privacy Policy explains how personal data is collected, used, stored, and protected when you interact with
www.fourdayclearance.com (the “Website”), operated by Mallouppas Group Ltd.

We are committed to safeguarding your privacy and processing personal data in a lawful, transparent, and secure manner,
in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Cyprus legislation.

1. Data Controller

Mallouppas Group Ltd.
Gianni Kranidioti 187, 2035 Latsia
Nicosia, Cyprus
Email: gdpr@mp-group.com

For the purposes of data protection legislation, Mallouppas Group Ltd. acts as the Data Controller.

2. Scope of This Policy

This Privacy Policy applies to personal data collected through:

• the Four Day Clearance website
• online purchases and customer accounts
• communications with Customer Support
• newsletter subscriptions and marketing interactions
• participation in promotions or competitions

3. Personal Data We Collect

Depending on your interaction with us, we may collect the following categories of personal data:

• First and last name
• Email address
• Mobile or telephone number
• Billing and delivery address (delivery only where applicable)
• Order and transaction details
• Customer service communications
• Marketing preferences
• Technical data (IP address, device type, browser, cookies – subject to consent)

We do not knowingly collect data from children under the age of 16.

4. Purposes & Legal Basis of Processing

We process personal data only where permitted by law and for specific purposes, including:

• Performance of a contract – processing orders, payments, deliveries, and customer support
• Legal obligation – accounting, invoicing, tax and regulatory compliance
• Legitimate interests – service improvement, fraud prevention, customer relationship management
• Consent – marketing communications, newsletters, and optional promotions

Where processing is based on consent, you may withdraw your consent at any time.

5. Marketing Communications

If you opt in to receive marketing communications, we may contact you by email, SMS, or other electronic means to inform you
about products, offers, or events.

You may opt out at any time:

• by clicking the unsubscribe link in marketing emails
• by following opt-out instructions in SMS messages
• by contacting us directly

Opting out of marketing does not affect transactional or service-related communications.

6. Payments

Online payments are processed securely via JCC Secure Payments.

We do not store or have access to full credit or debit card details.
Payment information is handled directly by the payment provider in accordance with their own security and privacy standards.

7. Data Sharing & Third Parties

We may share personal data with trusted third parties only where necessary, including:

• payment service providers
• logistics and delivery partners
• IT, hosting, and security service providers
• marketing and analytics platforms (subject to consent)

All third parties process data under contractual obligations and in compliance with GDPR.

We do not sell personal data to third parties.

8. International Data Transfers

Personal data is primarily processed within the European Union.

Where data is transferred outside the EU/EEA, appropriate safeguards are applied in accordance with GDPR,
including contractual protections and adequacy mechanisms.

9. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including:

• order and invoice data – as required by tax and accounting law
• customer accounts – while active
• marketing data – until consent is withdrawn

In general, customer data may be retained for up to 6 years after the end of the business relationship,
unless a longer retention period is required by law.

10. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

• secure servers and encrypted connections
• restricted access to authorised personnel
• regular system monitoring and updates

While no online system can be guaranteed to be 100% secure, we continuously improve our safeguards in line with industry standards.

11. Your Rights

Under GDPR, you have the right to:

• access your personal data
• request correction of inaccurate data
• request erasure of data (where applicable)
• restrict or object to processing
• withdraw consent at any time
• request data portability

To exercise any of these rights, please contact us using the details below.

12. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with:

Office of the Commissioner for Personal Data Protection (Cyprus)
www.dataprotection.gov.cy

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes.

Any updates will be published on this page with a revised “Last Updated” date.

14. Contact

For any questions regarding this Privacy Policy or the processing of your personal data, please contact:

Email: gdpr@mp-group.com