W-profit Ltd understands that your privacy is important to you and that you care about how your
personal data is used. We respect and value the privacy of everyone and will only collect and
use
personal data in ways that are described in this Policy, and in a way that is consistent with
our
obligations and your rights under the law.
Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of
this
Privacy Policy is deemed to occur upon your first use of our Site. If you do not accept and
agree
with this Privacy Policy, you must stop using our Site immediately.
1. Definitions and Interpretation
In this Policy the following terms shall have the following meanings:
-
“Cookie” means a small text file placed on your computer or device by our
Site
when you visit certain parts of our Site and/or when you use certain features of our Site.
Details of the Cookies used by our Site are set out in Part 13, below; and
- “Cookie means the relevant parts of the Privacy and Electronic
Communications
(EC Directive) Regulations 2003;
2. What Does This Policy Cover?
This Privacy Policy applies only to your use of our Site. Our Site may contain links to other
websites. Please note that we have no control over how your data is collected, stored, or used
by
other websites and we advise you to check the privacy policies of any such websites before
providing
any data to them.
3. What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the
“GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly
identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified.
Personal data covers obvious information such as your name and contact details, but it also
covers
less obvious information such as identification numbers, electronic location data, and other
online
identifiers.
Anonymous information, which we are not in a position to relate to you, does not qualify as
personal
data.
4. What Are Your Rights?
Under the GDPR, you have the following rights, which we will always work to uphold:
- The right to be informed about our collection and use of your personal data. This Privacy
Policy
should tell you everything you need to know, but you can always contact us to find out more
or
to ask any questions using the details in Part 14.
- The right to access the personal data we hold about you. Part 12 will tell you how to do
this.
- The right to have your personal data rectified if any of your personal data held by us is
inaccurate or incomplete. Please contact us using the details in Part 14 to find out more.
- The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of
your personal data that we have. Please contact us using the details in Part 14 to find out
more.
- The right to restrict (i.e. prevent) the processing of your personal data.
- The right to object to us using your personal data for a particular purpose or purposes.
- The right to data portability. This means that, if you have provided personal data to us
directly, we are using it with your consent or for the performance of a contract, and that
data
is processed using automated means, you can ask us for a copy of that personal data to
re-use
with another service or business in many cases.
- Rights relating to automated decision-making and profiling. We do not use your personal data
in
this way.
For more information about our use of your personal data or exercising your rights as outlined
above,
please contact us using the details provided in Part 14.
Further information about your rights can also be obtained from the Data Protection Commissioner
(http://www.dataprotection.gov.cy/dataprotection/dataprotection.nsf/home_en/home_en?opendocument).
If you have any cause for complaint about our use of your personal data, you have the right to
lodge
a complaint with the Data Protection Commissioner at the Site provided above.
5. What Data Do We Collect?
Depending upon your use of our Site, we may collect some or all of the following personal and
non-personal data (please also see Part 13 on our use of Cookies and similar technologies):
- IP address;
- Web browser type and version;
- Operating system; and
- A list of URLs starting with a referring site, your activity on our Site, and the site you
exit
to.
6. How Do We Use Your Personal Data?
Under the GDPR, we must always have a lawful basis for using personal data. This may be because
the
data is necessary for our performance of a contract with you, because you have consented to our
use
of your personal data, or because it is in our legitimate business interests to use it. Your
personal data will be used for one of the following purposes:
- Providing and managing your access to our Site;
- Personalising and tailoring your experience on our Site;
- Supplying our products and services to you.
- Personalising and tailoring our products and services for you.
- Supplying you with information by email and/or post that you have opted-in to
With your permission and/or where permitted by law, we may also use your personal data for
marketing
purposes, which may include contacting you by email and/or post with information, news, and
offers
on our products and/or services. You will not be sent any unlawful marketing or spam. We will
always
work to fully protect your rights and comply with our obligations under the GDPR and the Privacy
and
Electronic Communications (EC Directive) Regulations 2003, and you will always have the
opportunity
to opt-out.
7. How Long Will We Keep Your Personal Data?
We will not keep your personal data for any longer than is necessary in light of the reason(s)
for
which it was first collected. Your personal data will therefore be kept for the as long as the
company has a legitimate or lawful basis for keeping such records.
8. How and Where Do We Store or Transfer Your Personal Data?
We may store some or all of your personal data in countries that are not part of the European
Economic Area (the “EEA” consists of all EU member states, plus Norway, Iceland, and
Liechtenstein).
These are known as “third countries” and may not have data protection laws that are as strong as
those in Cyprus and/or the EEA. This means that we will take additional steps in order to ensure
that your personal data is treated just as safely and securely as it would be within Cyprus and
under the GDPR as follows.
We store your data with external third parties, as detailed below in Part 9 that are based
outside of
the EEA. The following safeguards are applied:
We use specific contracts with external third parties that are concluded in accordance with
regulations adopted by the European Commission for the transfer of personal data to third
countries.
Contracts like this ensure the same levels of personal data protection that would apply under
the
GDPR. More information is available from the European Commission site (https://ec.europa.eu/info/law/law-topic/data-protection_en).
Please contact us using the details below in Part 14 for further information about the particular
data protection mechanism used by us when transferring your personal data to a third country.
9. Do We Share Your Personal Data?
We will not share any of your personal data with any third parties for any purposes, except the
cases
directly indicated in this Policy.
We may sometimes contract with third parties for data processing purposes.
If any of your personal data is transferred to a third party, as described above, we will take
steps
to ensure that your personal data is handled safely, securely, and in accordance with your
rights,
our obligations, and the third party’s obligations under the law, as described above in Part 8.
If any personal data is transferred outside of the EEA, we will take suitable steps in order to
ensure that your personal data is treated just as safely and securely as it would be within
Cyprus
and under the GDPR, as explained above in Part 8.
In some limited circumstances, we may be legally required to share certain personal data, which
might
include yours, if we are involved in legal proceedings or complying with legal obligations, a
court
order, or the instructions of a government authority.
10. How Can You Control Your Personal Data?
In addition to your rights under the GDPR, set out in Part 4, when you submit personal data via
our
Site, you may be given options to restrict our use of your personal data. In particular, we aim
to
give strong controls on our use of personal data of our website users for direct marketing
purposes
(including the ability to opt-out of receiving emails from us which users may do by
unsubscribing
using the links provided in our emails and/or at the point of providing user details and by
managing
user Account).
11. Can You Withhold Information?
Users of our website may access certain areas of our Site without providing any personal data at
all.
However, to use all features and functions available on our Site users may be required to submit
or
allow for the collection of certain data.
sers may restrict our use of Cookies. For more information, see Part 13.
12. How Can You Access Your Personal Data?
In addition to your opt-out right, you may exercise the following rights at any time:
- You may ask us to provide you with copies of the personal information that we hold about
you, or
with information about the processing of such information.
- You may ask us to update and correct any out-of-date or incorrect personal information that
we
hold about you.
f you want to know what personal data we have about you, you can ask us for details of that
personal
data and for a copy of it (where any such personal data is held). This is known as a “subject
access
request”.
All subject access requests should be made in writing and sent to the email shown in Part 14. To
make
this as easy as possible for you, a Subject Access Request Form is available for you to use. You
do
not have to use this form, but it is the easiest way to tell us everything we need to know to
respond to your request as quickly as possible.
There is not normally any charge for a subject access request. If your request is ‘manifestly
unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to
cover
our administrative costs in responding.
We will respond to your subject access request within one month of receiving it. Normally, we aim
to
provide a complete response, including a copy of your personal data within that time. In some
cases,
however, particularly if your request is more complex, more time may be required up to a maximum
of
three months from the date we receive your request. You will be kept fully informed of our
progress.
If you wish to exercise any of these rights, then please, contact us as described in part 14.
13. How Do We Use Cookies?
Our Site uses cookies and similar technologies that collect Tracking Data to distinguish you from
other users. This helps us to provide you with a good experience when you access the Sites and
use
the Services.
The cookies that are used on our website fall into the categories described below. These
descriptions
can help you determine if and how you would like to interact with our Sites and other online
services:
Strictly necessary cookies: These cookies are essential in order to enable you
to
navigate the Sites and use certain features. Without these strictly necessary cookies, the
online
services provided by the webites cannot be provided. It is therefore not possible for users to
opt
out of use of these cookies. In addition, the coding language the Sites are written in uses
session
cookies and their use cannot be avoided. These are deleted each time users close their browser.
These cookies do not store any information about the visitor once the browser is closed.
Performance cookies: Our performance cookies collect anonymous information about
how
users use the Sites and their features. For instance, our performance cookies collect
information
about which pages on the Sites are visited most often, which advertisements users view or
interact
with on our website or other websites on which our advertisements appear and if users receive
any
error messages.
Analytics cookies: The Sites may use other similar analytics cookies. These
cookies
are used to collect information about how visitors use the website. The information is collected
anonymously, and used to report on the number of visitors to the Sites, where the visitors have
come
from, and the pages they have visited. Furthermore users can prevent Google’s collection and use
of
data (cookies and IP address) by downloading and installing the browser plug-in available under
https://tools.google.com/dlpage/gaoptout.
Further information can be found under
http://www.google.com/analytics/terms/gb.html
(Google Analytics Terms of Service & Privacy). Please note that on the Sites, Google Analytics
code
is supplemented by "gat._anonymizeIp();" to ensure an anonymized collection of IP addresses (so
called IP-masking). Also, users can prevent Google Analytics to collect such data on behalf of
Wlompos by clicking on the following link:
https://tools.google.com/dlpage/gaoptout.
Functionality cookies: Functionality cookies are used to remember choices users
make
(such as language preference, country location, or other online settings) and collect anonymous
information.
Our website may place and access certain first-party Cookies on users’ computer or device.
First-party Cookies are those placed directly by us and are used only by us. We use Cookies to
facilitate and improve users’ experience of our Site and to provide and improve our products
and/or
services. We have carefully chosen these Cookies and have taken steps to ensure that users’
privacy
and personal data is protected and respected at all times.
All Cookies used by and on our website are used in accordance with current Cookie Law.
Before Cookies are placed on your computer or device, you will be shown a pop-up requesting your
consent to set those Cookies. By giving your consent to the placing of Cookies you are enabling
us
to provide the best possible experience and service to you. You may, if you wish, deny consent
to
the placing of Cookies; however certain features of our Site may not function fully or as
intended.
Certain features of our Site depend on Cookies to function. Cookie Law deems these Cookies to be
“strictly necessary”. Your consent will not be sought to place these Cookies, but it is still
important that you are aware of them. You may still block these Cookies by changing your
internet
browser’s settings as detailed below, but please be aware that our Site may not work properly if
you
do so. We have taken great care to ensure that your privacy is not at risk by allowing them.
In addition to the controls that we provide, you can choose to enable or disable Cookies in your
internet browser. Most internet browsers also enable you to choose whether you wish to disable
all
Cookies or only third-party Cookies. By default, most internet browsers accept Cookies, but this
can
be changed. For further details, please consult the help menu in your internet browser or the
documentation that came with your device.
You can choose to delete Cookies on your computer or device at any time, however you may lose any
information that enables you to access our Site more quickly and efficiently including, but not
limited to, login and personalisation settings.
It is recommended that you keep your internet browser and operating system up-to-date and that
you
consult the help and guidance provided by the developer of your internet browser and
manufacturer of
your computer or device if you are unsure about adjusting your privacy settings.
14. How Do You Contact Us?
o contact us about anything to do with your personal data and data protection, including to make
a
subject access request, please contact our privacy team at:
hello@w-profit.com.
15. Changes to this Privacy Policy
We may change this Privacy Notice from time to time for various reasons such as changes to
reflect in
law and regulation, changes in industry practices, technological developments or if we change
our
business in a way that affects personal data protection.
Any changes will be immediately posted on our Site and you will be deemed to have accepted the
terms
of the Privacy Policy on your first use of our Site following the alterations. We recommend that
you
check this page regularly to keep up-to-date.
16. Children
We recognize that we have a special obligation to protect personal information obtained from
children. We will not knowingly collect personal information from any child, or process such
information, without parental consent. For the purpose of this Policy, a child means any
individual
who is under the age of 18 (or the minimum legal age to consent to the collection and processing
of
personal information where this is different under applicable law).
17. Security
W-profit Ltd has implemented all reasonable technical, administrative and physical security
measures
to protect the security of your personal information.
All received information that the client provides is stored on secure servers and only authorized
staff have access to this information. We take reasonable precautions to prevent the loss,
misuse or
alteration of your personal information. Our employees, contractors and agents may be given
access
to your personal information which we collect, but their use shall be limited to the performance
of
their duties in relation to facilitating your use of the Services. Our employees, contractors
and
agents who have access to your personal information are required to keep that information
confidential and are not permitted to use it for any purposes other than those listed above or
to
deal with requests which you submit to us.
18. Enquiries
If you have any enquiries about this Policy, or any questions about the use of your personal
information, please e-mail our privacy team at: hello@w-profit.com.
