Privacy Policy
Privacy Notice
Last updated October 2023
Introduction
This notice helps you understand how we handle your personal data and what your rights are in relation to data protection.
It applies if you interact with us through our website, over the phone, online, via email, or on social media.
We change this notice from time to time and we encourage you checking it regularly. The last updated date is shown at the beginning of this notice.
Summary of key information
If you don’t wish to read all this notice in detail, please find below key information you’d like to know:
This notice explains how we handle your personal data, and what your rights are in relation to data protection.
We might share your personal data with third parties.
We process your personal data within the European Economic Area (‘EEA’).
You have a number of rights over your personal data. You can find below more information about your rights and how you can exercise them.
Who we are
When we say “we”, “our” or “us” in this notice we are referring to the following company:
Bermas Ltd (reg. no. HE420881)
25 Martiou, 22, Agios Theodoros, 8047, Paphos, Cyprus
What personal data we collect about you, on what lawful basis we process it and for what purpose
Personal data
Lawful basis for processing
Purpose
Data provided by you to receive our services:
identity data, contact details, payment details
Performance of contract. We cannot perform our service contract without this data.
We use this data to provide our services; manage and administer our services; take payment from or give you a refund.
Data when you communicate with us through our website or via email, over the phone, through social media or via any other way:
contact details, details of your communications with us
Legitimate Interests. Our legitimate interests include delivering our services.
We use this data to answer any issues or concerns; improve our services.
Data collected through your use of our website:
operating system, pages you visit and search engine terms you use, location
Consent. We rely on your consent to placing Cookies on your computer or other devices.
We use this data to make improvements to the user experience; manage and administer our systems; monitor the way our website is used.
Cookies
Cookies are small data files which are placed on your computer or other devices (such as ‘smartphones’ or ‘tablets’) as you browse our website. They are used to remember when your computer or device accesses our website. Cookies are essential for the effective operation of our website. We use the following categories of cookies:
Necessary Cookies
Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser setting, but this may affect how the website functions.
Functional Cookies
These cookies are set by us or by third party service providers we use to implement additional functionalities or to enhance features and website performance.
Performance Cookies
These cookies are set to help us improve our website by collecting and reporting data on how you use it. The cookies collect information in a way that does not directly identify anyone. With the usage of these cookies we are able to count visits and traffic sources to improve the performance of our websites. If you do not allow these cookies, we will not know when you have visited our site.
How do I change my cookie settings?
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.
Find out how to manage cookies on popular browsers:
To find information relating to other browsers, visit the browser developer's website.
Third parties we might share your personal data with
We may need to share your personal data with the following third parties:
Service providers, such as our agents, advisers or others involved in running accounts and services for you and your business or collecting what you or your business owe us; logistics and delivery providers; our professional advisors, such as lawyers and consultants;
Public or regulatory authorities, where required by law;
Third parties in order to prevent and detect criminality impacting our business;
If you use the services provided by another company to interact with us, such as a social media platform, you personal data will be also subject to the privacy notices of these companies.
International Transfers of your personal data
Your personal data we collect will be stored and processed in Cyprus or any other EEA country in which we or associated third parties maintain facilities. In case we need to transfer your personal data from the EEA to any third county not recognized as providing an adequate level of data protection as the EEA, we will put in place appropriate safeguards, unless otherwise provided by the data protection laws. Appropriate safeguards can include putting in place standard contractual clauses and other organizational or technical measures.
How long we keep your personal data
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
When we decide how long we keep your personal data, we take into account its amount, nature and sensitivity, potential risk of harm from unauthorized use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.
If we have a B2C relationship, we will keep your personal data for as long as you are a customer. We stop considering you a customer if you haven't received our services or engaged with us for 2 years or more. In this case, we will keep your data for up to 7 years after the last time you interacted with us.
If we have a B2B relationship, we will keep your personal data for 7 years after the termination of our B2B relationship.
We may keep your data for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons. In this case, we will ensure that it is secure and it is used only for those purposes.
In some circumstances we may anonymize your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your rights
Your data protection rights:
Right to be informed: You have the right to be informed about the collection and use of your personal data.
Right of access: You have the right to access and receive a copy of your personal data.
Right to rectification: If you think your personal data is inaccurate or incomplete, you have the right to request that we correct or compete it.
Right to erasure: You have the right to request that we delete your personal data.
Right to restrict processing: You have the right to request we restrict or suppress your personal data. In this case, we will store your personal data but we will not process it.
Right to data portability: You have the right to request that we transfer your personal data to you or to another organization. Your personal data will be provided in a structured, commonly used, machine-readable format.
Right to object: You have the right to object to the processing of your personal data in some circumstances, for example when we are relying on legitimate interests for the processing of your personal data.
Right to lodge a complaint: You have the right to lodge a complaint with the Cyprus Commissioner for Personal Data Protection http://www.dataprotection.gov.cy.
Rights with regards to automated decision making, including profiling: You have the right not to be subject to a decision based solely on automated means, if the decision produces legal effects concerning you or significantly affects you in a similar way.
Right to withdraw on consent: Where we are relying on your consent for processing you can withdraw or change your consent at any time (e.g. Cookies).
The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal data about another person, if you request we delete data which we are required to have by law, or if we have compelling legitimate interests to keep it. We will let you know if this is the case and will then only use your personal data for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal data.
Exercise your rights/ Contact us
If you want to exercise any of your rights, or you have any questions about this notice, please contact us at info@centregram.com.