1.1.DECREDIA LTD is a limited company, incorporated and registered under the laws of the Republic of Cyprus, with its registration number ΗΕ 399085. The Company registered address: Spyrou Kyprianou, 79, PROTOPAPAS BLDG, 2nd floor, Flat/Office 201, 3076 Limassol, Cyprus.
1.2.The Company is a controller within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the “GDPR”). It means that we determine the purposes and means of the processing of personal data.
1.3.You may contact us by writing at firstname.lastname@example.org or our legal address. If we have to contact You, we will do so by writing to You at the email address You provided to us.
2.1.Since the Company has its establishment in the European Union, we are subject to the requirements of GDPR. Besides, the legislation of the Republic of Cyprus applies to this Policy and relationships with You.
3.1.Personal data You provide us
When You contact us with the interface of the Website or via an available email address, we collect the following data:
a.Your name (including first and last name);
b.Your email address;
c.Other information You additionally (voluntarily) provide us with.
We ask You to provide only those personal data that are necessary for the purposes stated above. At the same time, if You decide to provide us with any additional personal data, we will be able to process them with the appropriate level of protection.
3.2. Personal data which are collected from Your browser
3.2.1.Automatically collected data
Every time You access our Website Your browser transmits some information to us. From this information we may automatically collect some data necessary for the purposes stated below in this Policy, namely:
a.IP address, the data concerning Your location, the data concerning Your mobile carrier operator or internet provider;
b.The data concerning Your device: its operating system, the type, and version of the browser, screen resolution, installed time-zone, language setting, the type of the device: its model and manufacturer (if applicable);
c. The data concerning Your browsing session and any interaction(s) with the interface of the Website (for example, the number of pages You have visited, the number of pages You have clicked on);
d.The data concerning the source from which You have visited the Website.
4.1.Administration and protection of the Website
We process Automatically collected data and Cookies data to protect our Website against any illegal actions that can damage the Website (e.g. cyberattacks, spam, different kinds of abuse), and also detect any incorrectness.
Legal basis: According to Article 6(1)(f) of the GDPR the legal basis for this type of processing is legitimate interests of the Company to protect the Website and prevent any problems.
4.2.Provision and maintenance of the Website functionality
We process Automatically collected data and Cookies data to fully provide You with our Website and maintain its proper functionality.
Legal basis: According to Article 6(1)(f) of the GDPR the legal basis for this type of processing is a legitimate interest of the Company to provide You with our Website functionality.
4.3.Improvement of the Website functionality
We process Automatically collected data and Cookies data to test our Website functionality, do researches and analysis, and implement necessary improvements.
Legal basis: According to Article 6(1)(f) of the GDPR the legal basis for this type of processing is a legitimate interest of the Company to improve and enhance the Website.
4.4.Communication with You
We process Contact data to communicate with You in different situations, namely:
a.When You send us general questions about the Company and our services.
Legal basis: In this case Article 6(1)(f) of the GDPR is applied and the legal basis for this type of processing is a legitimate interest of the Company to communicate with the public.
b.When You contact us in order to exercise Your rights as a data subject.
Legal basis: In this case Article 6(1)(c) of the GDPR is applied and the legal basis for this type of processing is a necessity of compliance with a legal obligation to which the Company is subject. We are subject to the GDPR and obliged to enforce data subject rights.
5.1.We assure You that we will store Your personal data for the period necessary to achieve the purposes of processing such data or compliance with legal requirements.
5.2.Contact data storage. We guarantee that we will erase Contact data when the purpose of our communication with You is reached. In case of a dispute with You, we will store Your Contact data for an additional period until the subject of the dispute is no longer relevant.
5.3.Automatically collected data storage. We store Automatically collected data for up to 14 (fourteen) months starting from the date of the last use of the Website. More details are available via the link: https://support.google.com/analytics/answer/7667196?hl=en.
5.4.Cookies data. We store Cookies data in accordance with the Cookies Policy.
6.1.You as a data subject have several rights which You exercise either by contacting us via email at email@example.com or by sending a request to our legal address.
6.2.The right of access. You have the right to obtain from us the confirmation as to whether or not the data concerning You are being processed, and, if we indeed process Your personal data, to receive a copy of the personal data undergoing processing.
6.3.The right to rectification. You have the right to obtain from us the rectification of inaccurate personal data concerning You.
6.4.The right to erasure (or the right “to be forgotten”). You have the right to obtain from us the erasure (removal) of Your personal data. Upon Your request, Your personal data shall be removed. This right shall be applied if:
a.Your personal data are no longer needed for the purposes for which these data were collected;
b.You have withdrawn Your consent (if You have provided this consent) and there are no other legal bases for further processing;
c.We do not need to keep Your personal data for the purposes of compliance with the applicable legislation;
d.The data are processed unlawfully;
e.There are any restrictions of this right by the applicable legislation;
f.In other cases when the erasure (removal) is required or permitted by the applicable law.
6.5.The right to object to processing. You have the right to object, on grounds relating to Your particular situation, to processing of Your personal data, if the grounds of this processing were necessary for the legitimate interests pursued by the Company or by the third party (Article 6(1)(f) of the GDPR) or this processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Company (Article 6(1)(e) of the GDPR). Additionally, You have the right to object to the processing of Your personal data for direct marketing purposes (if applicable).
6.6.The right to restriction of the processing. You have the right to obtain from us restriction of processing, in case if one of the following applies:
a.You contested the accuracy of the personal data, for a period enabling the Сompany to verify the accuracy of the personal data;
b.Processing is unlawful and You oppose the erasure of the personal data and request the restriction of their use instead;
c.We no longer need the personal data for the purposes of the processing, but they are required by You for the establishment, exercise, or defense of legal claims;
d.You have objected to processing based on Your right to object pending to verification whether Your legitimate grounds override those of the Company.
6.7.The right to data portability. You have the right to receive from us the data which were collected from You, in a structured, machine-readable format and have the right to transmit those data to another controller (in a plain language, to another company). Nevertheless, this rule applies only to processing which:
a.Was carried out by automated means;
b.Is based on Articles 6(1)(a) and 9(2)(a) of the GDPR (consent) or is based on Article 6(1)(b) of the GDPR- processing which was carried out under the contract between You and us.
6.8.The right to lodge a complaint. You can always contact us for any issue with regard to the processing of Your data, including complaints. Nevertheless, if You suppose that Your rights under applicable data protection legislation have been violated, You can lodge a complaint:
a.With the Commissioner for Personal Data Protection of the Republic of Cyprus (jurisdiction of our incorporation). The Website of the Commissioner http://www.dataprotection.gov.cy/; or
b.With the data protection authority of the country of Your habitual residence. You can find the list of all EU Data Protection Authorities on the Website of the European Data Protection Board https://edpb.europa.eu/about-edpb/board/members_en.
7.1. To securely store personal data, we have implemented technical and organizational means in compliance with Article 32 of the GDPR.
8.1.We are committed to protecting the privacy of children. In furtherance of this commitment, we do not knowingly collect or solicit personal data of children.
9.1.We may share Your personal data with third parties in order to enable You to use our Website and maintain and develop our Website. The list of recipients is as follows:
a.Our contractors, subcontractors, and affiliates. To maintain the functioning of the Website we engage a number of persons. Therefore we may disclose Your personal data to them. We assure You that these recipients are obliged to process Your personal data in strict compliance with this Policy and within the terms of confidentiality and professional secrecy regime.
b.The Website hosting provider. The Website is placed on the server which is operated by the hosting provider. Your personal data will be shared with this hosting provider in an encrypted form.
10.1.The Company aims to work globally and build a wide network of partners. Therefore, Your personal data may be transferred outside the EEA to the so-called “third countries”. Nevertheless, we guarantee that we may transfer Your personal data to recipients outside the EEA:
a.On the basis of an adequacy decision by the European Commission; or
b.Providing appropriate safeguards in case of the absence of an adequacy decision; or
c.If the transfer is occasional, according to Article 49(1)(b) of the GDPR (the transfer is necessary for the performance of a contract between You and the Company).
Please note that we transfer Your personal data to Google LLC and Cloudflare, Inc., which are incorporated in the USA. Since an adequacy decision by the European Commission is absent, we apply Standart Contractual Clauses (SCCs), adopted by the European Commission.
12.1.Cookies are small data files that are placed on your computer or mobile device when You visit a Website. Cookies data stored on Your electronic device do not identify You as an individual, but a specific device with the use of identification tags.
a.Protection of thе Website against any illegal actions (e.g. cyberattacks, any forms of abuse (“Security cookies”);
b.Provision the Website to You (“Essential cookies”);
c.Distinguishing You from other users of the Website, which helps us to provide You with a good experience when You browse the Website and allows us to improve the Website (“Analytics cookies” and other applicable).
12.3.We use the following Cookies:
Name of the Cookie
Purpose of use
These Google Analytics cookies are used to collect information about how visitors interact with the Website. We use this information in order to improve and enhance our Website.
This cookie is a security feature deployed by us in order to protect the Website.
This cookie enables websites to store serialized state data. It is used to establish a user session and to pass state data via a temporary cookie, which is commonly referred to as a session cookie (expires when you close your browser).
13.1.We may change, amend, modify, or correct this Policy from time to time in response to changing legal, technical, or business developments. In case of any changes, we will post the revised Policy on the Website, change the date of the last revision of the Policy.
13.2.Please monitor any updates of this Policy carefully. Your continued use of the Website after the revised Policy has entered into force shall be considered as a fact that You have read and understood the revised Policy.