Privacy & Cookie Policy

Last updated: 30 March 2026

Art. 1. Identity and contact details of the Controller

For the purposes of Article 4 point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, hereinafter referred to as the General Data Protection Regulation, the controller of your personal data is:

Name: AMI BY AMALIA S.R.L.

Registered office: municipality of Petrosani, Aviatorilor Street, block 13, entrance 3, 2nd floor, apartment 64, Hunedoara County

Trade Register No.: J2017000164207

VAT No.: RO37073958

Email: info@amiamalia.com

Telephone: +40 770 235 099

Website: https://amiamalia.com

This policy applies to personal data processing carried out both through the amiamalia.com website and within the activity conducted at the AMI BY AMALIA S.R.L. working point located at: 2 Thomas Masaryk Street, Bucharest, Romania, hereinafter referred to as the “physical store”. The collection of data in the physical store is carried out for the same purposes and on the basis of the same legal grounds described in this policy, as applicable depending on the nature of the interaction.

AMI BY AMALIA S.R.L. does not fall within any of the situations provided under Article 37(1)(a), (b) or (c) of the General Data Protection Regulation that require the mandatory appointment of a data protection officer. Any request concerning personal data protection may be sent to info@amiamalia.com, with “GDPR” mentioned in the subject line.

Art. 2. Definitions

For the purposes of this policy, the following terms have the meaning provided in Article 4 of the General Data Protection Regulation:

“personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to that person’s physical, physiological, genetic, mental, economic, cultural or social identity; [Article 4 point 1]

“processing” means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; [Article 4 point 2]

“controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; [Article 4 point 7]

“processor” means the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller; [Article 4 point 8]

“recipient” means the natural or legal person, public authority, agency or another body to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall comply with the applicable data protection rules according to the purposes of the processing; [Article 4 point 9]

“consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which the data subject, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her; [Article 4 point 11]

“supervisory authority” means an independent public authority established by a Member State pursuant to Article 51. [Article 4 point 21] In Romania, the supervisory authority is the National Supervisory Authority for Personal Data Processing (ANSPDCP), headquartered at 28-30 General Gheorghe Magheru Boulevard, Sector 1, Bucharest, email: anspdcp@dataprotection.ro, tel. 031 805 9211.

Art. 3. Principles relating to the processing of personal data

According to Article 5(1) of the General Data Protection Regulation, personal data shall be:

a) processed lawfully, fairly and in a transparent manner in relation to the data subject (“lawfulness, fairness and transparency”);

b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes shall not be considered incompatible with the initial purposes, in accordance with Article 89(1) (“purpose limitation”);

c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimisation”);

d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (“accuracy”);

e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed; personal data may be stored for longer periods insofar as the data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, in accordance with Article 89(1), subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (“storage limitation”);

f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, by using appropriate technical or organisational measures (“integrity and confidentiality”).

According to Article 5(2) of the General Data Protection Regulation, the controller is responsible for compliance with paragraph (1) and must be able to demonstrate such compliance (“accountability”).

Art. 4. Data collected, purposes of processing, legal bases and retention periods

AMI BY AMALIA S.R.L. processes personal data for the purposes, on the legal bases and for the periods described below, regardless of whether the interaction takes place online, through the amiamalia.com website, or directly in the physical store.

4.1 Order processing, invoicing, delivery, returns

Data collected: surname, first name, delivery/billing address, email, telephone number, transaction data (encrypted token). In the case of purchases made in the physical store: surname, first name, billing address, email, telephone number, and data necessary for issuing the fiscal document.

Legal basis: Article 6(1)(b) of the General Data Protection Regulation – processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

Retention period: 3 years from performance of the contract, pursuant to Article 2,517 of Law No. 287/2009 (Civil Code).

4.2 Accounting and tax legal obligations

Data collected: data from supporting and accounting documents (invoices, receipts, fiscal receipts).

Legal basis: Article 6(1)(c) of the General Data Protection Regulation – processing is necessary for compliance with a legal obligation to which the controller is subject.

Retention period: 5 years calculated from 1 July of the year following the end of the financial year, pursuant to Article 25 of Law No. 82/1991. Financial statements are kept for 10 years, pursuant to Article 35(3) of Law No. 82/1991.

4.3 Newsletter and marketing communications

Data collected: name, email address.

Legal basis: Article 6(1)(a) of the General Data Protection Regulation – the data subject has given consent to the processing of his or her personal data for one or more specific purposes. Consent is obtained through the double opt-in procedure.

Retention period: for the duration of the consent. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal, according to Article 7(3) of the General Data Protection Regulation.

Notes: newsletters may contain tracking pixels. Unsubscribing includes withdrawal of consent for tracking. Operational communications (order confirmation, delivery status) are sent under Article 6(1)(b), not on the basis of consent.

The Controller may use browsing and purchase data of registered users or newsletter subscribers to create preference profiles, for the purpose of personalising commercial communications and displaying relevant advertisements on third-party platforms (retargeting). This processing is based on consent expressed through acceptance of marketing cookies [Article 6(1)(a) GDPR]. The data subject may object at any time by withdrawing consent for marketing cookies.

4.4 Security, fraud prevention, technical logs

Data collected: IP address, session data, technical logs, user agent.

Legal basis: Article 6(1)(f) of the General Data Protection Regulation – processing is necessary for the purposes of the legitimate interests pursued by the controller, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

Retention period: maximum 12 months.

Notes: the data subject may object to processing based on legitimate interest under Article 21 of the General Data Protection Regulation.

4.5 Custom orders (BESPOKE)

Data collected: measurements and customisation preferences provided by the client, regardless of whether they are transmitted online or collected directly in the physical store.

Legal basis: Article 6(1)(b) of the General Data Protection Regulation – processing is necessary for the performance of a contract to which the data subject is party.

Retention period: 3 years from performance of the contract, pursuant to Article 2,517 of Law No. 287/2009 (Civil Code).

Notes: see the amiamalia.com Terms and Conditions of Use and Sale, the “Return Policy” section, regarding the regime applicable to customised products.

4.6 Refunds

Data collected: bank account details (IBAN) – exclusively for refunding amounts.

Legal basis: Article 6(1)(b) of the General Data Protection Regulation – processing is necessary for the performance of a contract to which the data subject is party.

Retention period: the data are deleted immediately after confirmation of the refund.

Notes: collected exclusively upon a return request, under the conditions provided in the amiamalia.com Terms and Conditions of Use and Sale, the “Right of Withdrawal” section.

The Controller does not process special categories of data within the meaning of Article 9(1) of the General Data Protection Regulation and does not carry out solely automated decision-making processes that produce legal effects, within the meaning of Article 22 of the General Data Protection Regulation.

AMI BY AMALIA S.R.L. does not intentionally process personal data of persons under the age of 16. If the Controller becomes aware that it has collected data from a minor without the consent of the parent or legal representative, it will proceed to delete such data immediately.

4.7 Exercising the right of withdrawal and rights concerning product conformity

Data collected: name, address, email, order number, returned product, date of receipt, photographs and description of the defect, where applicable.

Legal basis: Article 6(1)(c) of the General Data Protection Regulation – processing is necessary for compliance with a legal obligation to which the controller is subject, namely the obligations established by Government Emergency Ordinance No. 34/2014 on consumer rights in contracts concluded with professionals and by Government Emergency Ordinance No. 140/2021 on certain aspects concerning contracts for the sale of goods.

Retention period: 3 years from performance of the contract, pursuant to Article 2,517 of Law No. 287/2009 (Civil Code).

4.8 Online credit

Data collected: name, email address, credit value, related transaction history.

Legal basis: Article 6(1)(b) of the General Data Protection Regulation – processing is necessary for the performance of a contract to which the data subject is party.

Retention period: for the validity period of the credit and 3 years after its expiry or use, pursuant to Article 2,517 of Law No. 287/2009 (Civil Code).

4.9 Customer relations and after-sales support

Data collected: name, email address, telephone number, content of communications sent by email or messaging applications (WhatsApp).

Legal basis: Article 6(1)(b) of the General Data Protection Regulation – processing is necessary for the performance of the contract or in order to take steps at the request of the data subject; and Article 6(1)(f) – the legitimate interest of the controller in managing customer relations and resolving complaints.

Retention period: for the period necessary to resolve the request and for 3 years thereafter, pursuant to Article 2,517 of Law No. 287/2009 (Civil Code).

Art. 5. Recipients and processors

According to Article 13(1)(e) of the General Data Protection Regulation, the controller provides the data subject with information regarding the recipients or categories of recipients of the personal data. AMI BY AMALIA S.R.L. transmits personal data exclusively to the categories of recipients listed below, under data processing agreements or legal obligations. The Controller does not sell or transfer personal data for commercial purposes.

Courier and delivery services: courier providers used by the Controller (communicated upon shipment). Purpose of transmission: delivery of parcels to the address indicated by the client, in performance of the contract concluded by placing the order on amiamalia.com, pursuant to Article 6(1)(b) of the General Data Protection Regulation. Data transmitted: recipient name, delivery address, telephone number.

Online payment processors: Stripe, PlatiOnline, PayPal, Revolut and/or other methods displayed at checkout, as provided in the amiamalia.com Terms and Conditions of Use and Sale, the “Prices and payments” section. Purpose of transmission: processing and authorisation of payment transactions. Card data are managed exclusively by the payment processor and are not stored by the Controller. Legal basis: Article 6(1)(b) of the General Data Protection Regulation.

Email marketing / newsletter platform: the email marketing platform used by the Controller. Purpose of transmission: sending newsletters to subscribers, based on consent obtained through the double opt-in procedure, pursuant to Article 6(1)(a) of the General Data Protection Regulation.

Hosting / IT infrastructure provider: the WordPress/WooCommerce hosting provider used by the Controller. Purpose of transmission: hosting the Controller’s website and databases, pursuant to Article 6(1)(b) and (f) of the General Data Protection Regulation.

Public authorities (ANAF, courts of law, criminal investigation bodies): competent Romanian and European Union authorities. Purpose of transmission: transmission is carried out exclusively pursuant to Article 6(1)(c) of the General Data Protection Regulation – processing is necessary for compliance with a legal obligation to which the Controller is subject – or pursuant to a court order.

According to Article 13(1)(f) of the General Data Protection Regulation, the data subject has the right to be informed of the appropriate safeguards under which the transfer is made and of the means to obtain a copy thereof where recipients are established outside the European Union or the European Economic Area. Transfers to such destinations are carried out in compliance with Articles 44-49 of the General Data Protection Regulation. A copy of the applicable safeguards may be requested at info@amiamalia.com.

Among the recipients mentioned above, Stripe, Inc. (USA) and PayPal Holdings, Inc. (USA) are established outside the European Union and the European Economic Area. The transfer of personal data to these recipients is carried out pursuant to Article 46(2)(c) of the General Data Protection Regulation, on the basis of the standard contractual clauses adopted by the European Commission. A copy of the applicable safeguards may be requested at info@amiamalia.com.

Where the client provides personal data of a third party (for example, the delivery address of a recipient), the client confirms that he or she has informed the third party about the purposes and methods of processing of that third party’s data, in accordance with Article 14 of the General Data Protection Regulation.

Users’ interactions with AMI BY AMALIA S.R.L.’s social media accounts (including Instagram) are subject to the privacy policies of the respective platforms. The Controller processes the data contained in direct messages and comments addressed to these accounts exclusively for the purpose of responding to the request, pursuant to Article 6(1)(f) of the General Data Protection Regulation.

Art. 6. Rights of the data subject

In accordance with Chapter III of the General Data Protection Regulation, the data subject benefits from the following rights:

Right of access (Article 15): the data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed and, where that is the case, access to the personal data and to information regarding: the purposes of the processing; the categories of data; the recipients; the envisaged storage period; the existence of the right to rectification, erasure or restriction; and the right to lodge a complaint.

Right to rectification (Article 16): the data subject has the right to obtain from the controller, without undue delay, the rectification of inaccurate personal data concerning him or her. Taking into account the purposes for which the data were processed, the data subject has the right to have incomplete personal data completed.

Right to erasure – right to be forgotten (Article 17): the data subject has the right to obtain the erasure of personal data concerning him or her without undue delay where: the data are no longer necessary for the purpose; consent is withdrawn and there is no other legal basis; the data subject objects to processing and there are no overriding legitimate grounds; or the data have been unlawfully processed. This right does not apply to the extent that processing is necessary for compliance with a legal obligation or for the establishment, exercise or defence of legal claims.

Right to restriction of processing (Article 18): the data subject has the right to obtain restriction of processing where: the data subject contests the accuracy of the data, for a period enabling the controller to verify the accuracy of the data; the processing is unlawful and the data subject opposes erasure and requests restriction instead; the controller no longer needs the personal data for the purposes of processing, but the data subject requires them for the establishment, exercise or defence of legal claims; or the data subject has objected to processing.

Right to data portability (Article 20): the data subject has the right to receive the personal data concerning him or her that he or she has provided to the controller in a structured, commonly used and machine-readable format and has the right to transmit those data to another controller without hindrance from the controller to which the personal data were provided, where the processing is based on consent or on a contract and the processing is carried out by automated means.

Right to object (Article 21): the data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her carried out pursuant to Article 6(1)(e) or (f), including profiling based on those provisions. The Controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or where the purpose is the establishment, exercise or defence of legal claims. Where personal data are processed for direct marketing purposes, the data subject has the right to object at any time to such processing; following the objection, the personal data shall no longer be processed for this purpose.

Right to withdraw consent (Article 7(3)): the data subject has the right to withdraw his or her consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Before giving consent, the data subject is informed of this. It shall be as easy to withdraw consent as to give it.

Right to lodge a complaint with the supervisory authority (Article 77): without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement, if the data subject considers that the processing of personal data relating to him or her infringes this Regulation. In Romania, the supervisory authority is ANSPDCP, headquartered at 28-30 General Gheorghe Magheru Boulevard, Sector 1, Bucharest.

Procedure for exercising rights

According to Article 12(3) of the General Data Protection Regulation, the controller shall provide the data subject with information on action taken on a request under Articles 15-22 without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. The Controller shall inform the data subject of any such extension within one month of receipt of the request, together with the reasons for the delay.

According to Article 12(5) of the General Data Protection Regulation, information provided under Articles 13 and 14 and any communication and any actions taken under Articles 15-22 and 34 are provided free of charge. Where requests from a data subject are manifestly unfounded or excessive, in particular because of their repetitive character, the controller may either charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the requested action, or refuse to act on the request. In such cases, the controller bears the burden of demonstrating the manifestly unfounded or excessive character of the request.

Requests concerning the exercise of rights shall be sent to info@amiamalia.com, with “GDPR” mentioned in the subject line.

Art. 7. Newsletter and commercial communications

According to Article 12(1) of Law No. 506/2004 on the processing of personal data and the protection of privacy in the electronic communications sector, it is prohibited to make commercial communications by using automated calling and communication systems that do not require human operator intervention, by fax or by electronic mail or by any other method using publicly available electronic communications services, except where the subscriber or user concerned has given prior express consent to receive such communications.

Subscription to the AMI BY AMALIA S.R.L. newsletter is carried out on the basis of prior express consent, obtained through the double opt-in procedure. Consent is the legal basis for processing within the meaning of Article 6(1)(a) of the General Data Protection Regulation.

According to Article 7(3) of the General Data Protection Regulation, the data subject has the right to withdraw his or her consent at any time. Withdrawal may be made through the unsubscribe link included in each electronic message or by email at info@amiamalia.com. Withdrawal of the subscription is equivalent to withdrawal of consent for all processing based on that consent, including tracking contained in newsletter messages.

According to Article 12(2) of Law No. 506/2004, where a natural or legal person directly obtains a client’s electronic mail address in connection with the sale of a product or service to that client, in accordance with applicable legal provisions, that person may use the address for commercial communications concerning similar products or services, provided that clients are clearly and expressly given the opportunity to object, by a simple and free means, to such use, both when the electronic mail address is obtained and on the occasion of each message, if the client did not initially object.

Operational communications regarding order confirmation, delivery status, invoicing and account security are sent pursuant to Article 6(1)(b) of the General Data Protection Regulation, not on the basis of consent, and are sent regardless of the newsletter option, as provided in the amiamalia.com Terms and Conditions of Use and Sale, the “Intellectual property” section.

Art. 8. Security of personal data

According to Article 5(1)(f) of the General Data Protection Regulation, personal data are processed in a manner that ensures appropriate security of the data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, by using appropriate technical or organisational measures.

Online payments are processed exclusively through authorised payment processors, using secure encryption protocols. Full bank card details are not stored by the Controller, as provided in the amiamalia.com Terms and Conditions of Use and Sale, the “Prices and payments” section. Data transmission on the website is carried out through the HTTPS protocol.

Data transmissions over the internet may, in principle, present security vulnerabilities; therefore, absolute protection cannot be guaranteed outside the Controller’s own systems.

Art. 9. Cookie Policy

9.1 Legal basis

According to Article 4(5) of Law No. 506/2004 on the processing of personal data and the protection of privacy in the electronic communications sector, the storage of information or the obtaining of access to information stored in the terminal equipment of a subscriber or user is permitted only where the following conditions are cumulatively met:

a) the subscriber or user concerned has given consent;

b) the subscriber or user concerned has been provided, prior to giving consent, with clear and complete information which:

(i) is presented in easily understandable language and is easily accessible to the subscriber or user;

(ii) includes references to the purpose of processing the information stored by the subscriber or user or the information to which access is obtained.

According to Article 4(6) of Law No. 506/2004, the provisions of paragraph (5) do not affect the possibility to carry out the technical storage of, or access to, stored information in the following cases:

a) where these operations are carried out solely for the purpose of transmitting a communication over an electronic communications network;

b) where these operations are strictly necessary in order to provide an information society service expressly requested by the subscriber or user.

9.2 What cookies are

For the purposes of Article 4(5) of Law No. 506/2004, which transposes Article 5(3) of Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector, “information stored in terminal equipment” means any data, including identifiers, stored on the user’s device or accessed through it, referred to in this policy as “cookies”.

Session cookies: temporary cookies, automatically deleted when the browser is closed.

Persistent cookies: remain on the terminal equipment for a determined period or until manually deleted by the user.

First-party cookies: placed directly by amiamalia.com.

Third-party cookies: placed by external services (Google, Meta, etc.), subject to the respective privacy policies of those providers.

9.3 Consent for cookies

In accordance with Article 4(5) of Law No. 506/2004, on the first visit to amiamalia.com, the user is informed through a consent management mechanism (Consent Management Platform) about the categories of cookies used and is asked to express consent. Cookies that do not fall within the exceptions provided under Article 4(6) of Law No. 506/2004 are activated exclusively after consent has been given.

The user may accept all cookies, reject all cookies (except strictly necessary cookies, which fall within the exceptions provided under Article 4(6) of Law No. 506/2004), or manage preferences by category. Consent may be withdrawn or changed at any time through the cookie preference management tool accessible from the website page.

9.4 Categories of cookies

Strictly necessary: indispensable for the operation of the website: authentication, shopping cart, session, language and currency preferences. Legal basis: Article 4(6)(b) of Law No. 506/2004 – the operations are strictly necessary in order to provide an information society service expressly requested by the subscriber or user. They do not require the user’s prior consent.

Analytics: collect statistical data on how the website is used (pages visited, time spent, traffic source), in anonymised or pseudonymised form. Legal basis: Article 4(5) of Law No. 506/2004 in conjunction with Article 6(1)(a) of the General Data Protection Regulation (consent). Activated exclusively with the user’s prior consent.

Marketing / Advertising: allow the display of personalised advertisements on other platforms (retargeting) and the measurement of advertising campaign effectiveness. Legal basis: Article 4(5) of Law No. 506/2004 in conjunction with Article 6(1)(a) of the General Data Protection Regulation (consent). Activated exclusively with the user’s prior consent.

Optional functional cookies: improve the user experience by retaining certain optional preferences that are not strictly necessary for the operation of the website. Legal basis: Article 4(5) of Law No. 506/2004 in conjunction with Article 6(1)(a) of the General Data Protection Regulation (consent). Activated exclusively with the user’s prior consent.

9.5 Disabling cookies

The user may manage cookie preferences through the consent management tool available on the website. The browser may also be configured to reject or delete cookies. Disabling strictly necessary cookies may affect the operation of the website, in particular functionalities such as the shopping cart and authentication.

Art. 10. Amendment of this policy

AMI BY AMALIA S.R.L. may update this policy in order to reflect legislative or operational changes. The date of the last update is indicated in the header of the document and on the amiamalia.com website page. Significant changes will be communicated to users by email or through a visible notice on the website.

In the event of changes with a significant impact on the rights of data subjects, they will be informed in due time so that they may assess the changes and, where applicable, withdraw their consent or request erasure of the data.

Art. 11. Final provisions

This policy is supplemented by and governed by:

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), published in the Official Journal of the European Union, L series, No. 119 of 4 May 2016;

Law No. 190/2018 on measures for implementing Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);

Law No. 506/2004 on the processing of personal data and the protection of privacy in the electronic communications sector, version in force from 8 October 2024;

Accounting Law No. 82/1991, republished, version in force from 4 February 2025;

Law No. 287/2009 on the Civil Code, republished;

AMI BY AMALIA S.R.L. Terms and Conditions of Use and Sale, version in force on the date the order is placed;

Government Emergency Ordinance No. 34/2014 on consumer rights in contracts concluded with professionals, and amending and supplementing certain legislative acts;

Government Emergency Ordinance No. 140/2021 on certain aspects concerning contracts for the sale of goods.

This policy enters into force on the date indicated in the header and replaces any previous version published on amiamalia.com.

AMI BY AMALIA S.R.L.

Registered office: municipality of Petrosani, Aviatorilor Street, block 13, entrance 3, 2nd floor, apartment 64, Hunedoara County

Trade Register No.: J2017000164207

VAT No.: RO37073958

Email: info@amiamalia.com

Telephone: +40 770 235 099

info@amiamalia.com | +40 770 235 099 | amiamalia.com

Last updated: 30 March 2026