- provides an overview of how AdEx collects and processes your personal data, and informs you about your rights under the EU General Data Protection Regulation (“GDPR”) and any national law supplementing or implementing the GDPR,
- when we refer to “personal data” we mean data which identifies or may identify you and which may include, for example, your name, address, identification number, telephone number, date of birth, occupation and family status,
- when we refer to “processing” we mean the handling of your personal data by us, including collecting, protecting and storing your personal data, and
- when we refer to our “Website” or our “Platform” we mean URL: https://www.adex.com.
Who we are
SAMOUKALE ENTERPRISES LIMITED, a company duly registered and existing under the laws of Republic of Cyprus under the number HE 339224, with its registered office at: 15 Karaiskaki Street, 3032, Limassol, Cyprus.
Our Data Protection Principles
We adhere to the principles relating to processing of personal data set out in the GDPR which require personal data to be:
- Processed lawfully, fairly and in a transparent manner (Lawfulness, Fairness and Transparency).
- Collected only for specified, explicit and legitimate purposes (Purpose Limitation).
- Adequate, relevant and limited to what is necessary in relation to the purposes for which it is Processed (Data Minimization).
- Accurate and where necessary kept up to date (Accuracy).
- Not kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the data is Processed (Storage Limitation).
- Processed in a manner that ensures its security using appropriate technical and organizational measures to protect against unauthorized or unlawful processing and against accidental loss, destruction or damage (Security, Integrity and Confidentiality).
- Not transferred to another country without appropriate safeguards being in place (Transfer Limitation).
- Made available to data subjects and data subjects allowed to exercise certain rights in relation to their Personal Data (Data Subject’s Rights and Requests).
- We are responsible for and must be able to demonstrate compliance with the data protection principles listed above (Accountability).
Date: January 01st, 2021
1. Data Controller
1.3. Our Website incorporates privacy controls you can use to specify whether you would like to receive marketing, limit the publication or any other use of your information. You can access such privacy controls via email@example.com.
2. How We Collect Your Personal Data
2.1. We obtain your personal data mainly through any information you provide directly to us or through information provided by third parties. Below is a list of ways in which we collect your personal data. Personal data collected directly from you, including:
• when you complete our user registration forms, which are available on our Website,
• when you enter and use our Website, and/or performing contractual obligations, and
• when you contact us for any enquiries, complaints or for any other reason.
Personal data collected from other sources, including:
• via third parties including our business partners, contractors and/or vendors in a manner that is permitted,
• through tags in websites you use and/or manage or control.
3. Personal Data We Use, Purposes and Legal Grounds
We may collect the following personal data from you depending on the service we provide to you. We will only process your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
|Type of information||Purpose||Legal basis of processing|
|Data about your use of our Website. IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, website navigation paths, timing, frequency, pattern of your service use.||To analyze the operation of our Website and services.||Legitimate interests in monitoring and improving our Website and services.|
|Profile data. Your name, address, telephone number, email address, gender, date of birth.||Operating our Website, providing our services, communicating with you. Fulfilment of KYC / AML procedures.||Legitimate interests in the proper administration of our Website. Performing the contract we have with you.|
|Publication data. Information that you post for publication on our Website or through our services.||The publication data may be processed for the purposes of enabling such publication and administering our Website and services.||Legitimate interests for the proper administration of our Website and business. Performing the contract we have with you.|
|Inquiry data.||The inquiry data may be processed for the purposes of fulfilment of our KYC and AML obligations. The proper performance of our payment obligations to you.||Performing the contract we have with you.|
|Transaction data. The transaction data your contact details, your card details and the transaction details.||The transaction data may be processed for the purpose of payments and keeping proper records of those transactions.||Performing the contract we have with you.|
|Notification data.||The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters.||Consent. Performing the contract we have with you.|
|Correspondence data. The communication content and metadata associated with the communication.||The proper performance of our contractual obligation before you.||Consent. Performing the contract we have with you.|
|Any of your personal data identified in this policy.||Exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure, the protection and assertion of our legal rights, your legal rights and the legal rights of others.||Our legitimate interests.|
|Any of your personal data identified in this policy||The obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice.||Our legitimate interests.|
4. Information We May Provide to Third Parties
The third parties we may provide your personal data to:
4.2. To our insurers and/or professional advisers insofar as reasonably necessary for the purposes of managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
4.3. Payment services providers we have chosen to support us with financial transactions relating to our Website. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
4.4. Governmental and regulatory bodies, including law enforcement authorities, in connection with enquiries, proceedings or investigations by such parties or in order to enable AdEx to comply with its legal and regulatory requirements.
Partners, contractors and/or vendors in order to perform contract we have with you.
5. Your Data Protection Rights
5.1. You have the following rights in terms of the personal data we hold about you:
|The right to access.||This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. You can obtain a copy of your data from us free of charge. If you are interested in other copies, we reserve the right to charge for the additional copies.|
|The right to correction (rectification).||You can request that we correct your data. We will initiate appropriate measures to keep the data of yours that we continuously process correct, complete, and up to date, based the latest information available to us.|
|The right to erasure (The right to be forgotten).||You can request that we delete your data provided the legal requirements have been met. In accordance with Article 17 of the GDPR, this can be the case if:|
• the data are no longer required for the purposes they were acquired or otherwise processed
• you revoke your consent, which is the basis of the data processing, and there is no other legal basis for the processing
• you object to the processing of your data and there are no legitimate reasons for the processing or you object to data processing for the purposes of direct advertising
• the data have been processed illegally.
Where the processing is not necessary:
• to ensure adherence to a legal obligation that requires us to process your data
• in particular, with regard to legal retention periods
• to assert, exercise or defend against legal claims.
We endeavor to address all of your requests promptly.
6. International Transfers of Your Personal Data
6.2. We do not envisage that any of your personal data will be transferred to any other countries outside the European Economic Area (EEA) as our offices, facilities, subcontractors and other third parties with which we work are all located within the EEA.
6.3. In the event that this changes in the future and one or more recipients of your personal data are located outside the EEA, where data protection laws may be of a lower standard than in the EEA, we will impose the same data protection safeguards that we deploy inside the EEA to ensure that your personal data are always protected.
7. Retaining and Deleting Personal Data
7.1. We will keep your personal data for as long as is necessary for the purpose for which we initially collected them. Once such period has ended, we will keep your personal data for the longest of the following periods: a) any retention period set out in our retention policy which is in line with regulatory requirements relating to retention; or (b) the end of the period in which legal action or investigations might arise in respect of the services provided.
7.2. Once the retention period of your personal data lapses, we will ensure that your personal data are either irreversibly anonymized or securely destroyed.
8. Confidentiality and Security
8.1. We deploy various security measures such as encryption and authentication tools in line with the current state of the art to protect and maintain the security, integrity and availability of your personal data.
8.2. 100% protection against unauthorized access in the case of data transfers across the internet or a website cannot be guaranteed, but we and our service providers and business partners do our utmost to protect your personal data in line with the prevailing data protection legislation by means of physical and electronic physical precautions. Among other things, we use the following measures:
- Strict criteria for authorization to access your personal data on a “need-to-know” basis only and exclusively for the specified purpose;
- Transfer of acquired data in secured form;
- Storage of confidential data in our secure servers;
- Firewall safeguarding of IT systems to provide protection against unauthorized access, and
- Continuous monitoring of access to IT systems to detect and prevent the misuse of personal data
8.3. If you have received a password from us in order to be able to access certain parts of our Website, you are responsible for keeping this password confidential and for compliance with all other security procedures which we make you aware from time to time. We ask you not to share your password with anyone.