Privacy policy
Privacy Policy
I. Personal Data Protection
1. Introduction
In connection with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, „GDPR”), we inform you of the principles for processing your personal data and the rights you have in this regard.
2. Who is the Controller of Your Personal Data?
The controller of personal data is CCPCYPRUS COLORS PRODUCTIONS LTD, registered in the relevant commercial register.
2. Where Do We Get Your Personal Data From?
Your personal data was received as a result of:
• filling in the form on the Hello Cyprus portal (available as a website) for the purpose of purchasing a Ticket,
• completing a Transaction for the purpose of purchasing a Ticket,
• creating an Account on the Hello Cyprus portal,
• subscribing to the Newsletter.
3. On What Principles Will Your Data Be Processed?
We process personal data lawfully, fairly, and in a transparent manner in relation to the data subject. We collect personal data for specified, explicit, and legitimate purposes and do not process it further in a manner incompatible with those purposes. We collect data that is adequate and limited to the purposes for which it will be processed. We update collected data when necessary. We store data in a form that permits identification of the data subject for no longer than is necessary for the purposes for which it is processed. We process your data in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and accidental loss or destruction. Your personal data will be used for profiling purposes.
4. For What Purpose and on What Legal Basis Will Your Data Be Processed?
We will process your data:
a) for the purpose of performing the Service Agreement (Article 6(1)(b) GDPR), in order to:
• create and maintain an Account on the Hello Cyprus portal,
• send a Newsletter tailored to your interests.
Profiling covers data regarding preferences as to the type and location of Tourist Attractions for which Tickets are selected on the Hello Cyprus portal.
b) on the basis of a data processing agreement concluded with a Partner, for the purpose of performing the agreement concluded between you and the Partner (Article 6(1)(b) GDPR),
c) on the basis of our legitimate interest (Article 6(1)(f) GDPR), among others for the purpose of:
• creating summaries, analyses, statistics, and reports,
• conducting marketing research and planning the development of the service offering,
• handling potential claims or complaints,
• improving the operation of the Hello Cyprus platform,
• adapting the appearance of the platform to your preferences by analysing data on preferences regarding the type and location of Tourist Attractions,
• contacting you in situations requiring it, e.g. a platform failure during your Ticket purchase.
5. Who May Be a Recipient of Your Data?
Your personal data may be disclosed by us, in accordance with applicable personal data protection law, to external entities, i.e.:
d) entities authorised to receive it under applicable law (e.g. courts, law enforcement authorities, supervisory authorities),
e) payment service providers, to the extent that data must be transferred in connection with the provision of payment services,
f) entities processing your data on our behalf (e.g. advertising/marketing agencies, entities servicing our IT systems or providing us with IT tools, entities providing advisory and consulting services),
g) entities providing us with legal services, including debt collection.
6. Will Your Data Be Transferred to a Third Country?
Personal data may be transferred to third countries – the United States of America – in connection with our use of services provided by Google Inc. The transfer takes place on the basis of a European Commission decision (the so-called Privacy Shield) stating that companies based in the United States of America that have joined the Privacy Shield programme provide an adequate level of personal data protection.
7. For How Long Will Your Data Be Stored?
When we process your personal data on the basis of the performance of the Service Agreement, we store it for the duration of the agreement and until the expiry of the limitation periods for making official claims under the concluded Service Agreement.
When we process your personal data on the basis of an agreement concluded between you and a Partner, we store it pursuant to the data processing agreement for the duration of the agreement and until the expiry of the limitation periods for making official claims under the concluded agreement.
Personal data that we are required to store under specific legal provisions, e.g. in the area of financial documentation, will be stored for at least the statutory retention period.
If we process your personal data on the basis of legitimate interest, we store it until you raise an objection to such processing.
8. What Rights Do You Have in Connection With Data Processing?
You have the right to access your data and the right to request its rectification, erasure, restriction of processing, and portability. If the legal basis for processing your personal data is legitimate interest, you may object to the processing of your personal data. To the extent that the legal basis for processing your personal data is consent, you have the right to withdraw that consent. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.
If you believe that the processing of your personal data has violated data protection regulations, you have the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office.
Providing personal data is voluntary. However, failure to provide your data will result in our inability and our Partners’ inability to provide services to you.
For all matters concerning the processing of personal data and the exercise of rights related to data processing, you may contact us by phone: +48 66 44 72 085 or by e-mail: biuro@coigdzie.pl.
II. Cookies
The website www.hello-cyprus.pl uses cookies. Cookies (so-called „cookies”) are computer data, in particular text files, sent by a website and stored on the end device of the Service User. Cookies make it possible, among other things, to identify the type of device used by the Service User and adapt the display of the website to individual preferences. They usually contain the name of the website, the storage time on the end device, and a unique identifier.
The Service uses only session cookies. Session cookies are temporary in nature and exist only until the website or browser session is closed. They are used to ensure the correct functioning of the website, i.e.: adapting the content of the Service’s website pages to the preferences of the Service User and optimising the use of the website; in particular, these files allow the Service User’s device to be recognised and the website to be displayed appropriately, tailored to the individual needs of the User; creating statistics that help to understand how Service Users use the website, which enables its structure and content to be improved.
Each Service User may independently determine the conditions for managing cookies. In most cases, web browsers by default allow cookies to be stored on the end device. If the Service User does not consent to this, they should use the option to disable the downloading and storage of cookie files in their web browser. Failure to make such changes to the browser settings is equivalent to consenting to the Service’s use of cookies.
Restricting or completely blocking cookies may result in difficulties or the failure of some Service functions to work.