GDPR Policy

The company called “ONEXCHANGE LTD” (hereinafter “ONEXCHANGE LTD”), based in Limassol, as the owner of this website (hereinafter the “Website”) and thus, the Data Processor would like to inform its visitors/users (hereinafter Users”) regarding the type and the set of information that may be collected and processed during their visit and browsing in this Website.

“ONEXCHANGE LTD” assures that any processing of their personal data is always guided by the interest of users, respecting the principles of legality, transparency, accuracy, availability and integrity in all its forms. Moreover, “ONEXCHANGE LTD” confirms that it is in full harmonization with the European Data Protection Regulation (hereinafter “GDPR”) and implements the Appropriate Technical and Organizational Measures to protect Users’ personal data and ensure their privacy, a fact of the utmost importance and priority for “ONEXCHANGE LTD”.

By reading below, you will be fully informed about the way we process your personal data (collection, management, use, storage, transmission to third parties, protection), for the period of their observance, as well as for the rights that “Users” can exercise at any time regarding their personal data.

COLLECTION OF PERSONAL DATA

What is Personal Data?

Personal Data is any information related to an identified or identifiable natural person (“data subject”). Identifiable natural person is someone whose identity can be identified, directly or indirectly, by reference to:

  • an identifier (e.g. full name)
  • an identification number
  • location data
  • an online identity card (e.g. IP address, email)
  • one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

What is Personal Data Processing?

Personal Data Processing is any operation or sequence of operations performed with or without the use of automated means, on personal data or on personal data sets, such as:

  • collection
  • registration
  • organization
  • structure
  • storage
  • adaptation or modification
  • retrieval
  • the search for information
  • its use
  • disclosure by transmission
  • dissemination or any other form of disposal
  • association or combination
  • restriction
  • deletion or destruction

Users who visit the Website may, under certain conditions, be asked to provide us with their personal data (e.g. in the contact form with “ONEXCHANGE LTD”, we ask for the users’ name, e-mail, address and phone number so that we can contact them).

*** In no case shall the personal data of minors be collected, except with the express consent of those exercising parental responsibility.

When you browse the “Website”, you acknowledge unreservedly and without restrictions that you have read, understand and accept the privacy policy as well as the use of cookies.

USE OF PERSONAL DATA – PURPOSES

The Personal Data of the Users of the Website, which are given through them, may be used for the purposes mentioned herein for:

  • personalizing the Website for Users in order to provide them an optimal user experience and enjoy the services provided
  • providing statistics to third parties, but in such a way that they can not identify the subject of personal data.

There is a case of transferring user data to third parties/partners of ours who act on our behalf (performing the processing) and it has been verified that they meet the requirements of personal data protection by applying a parallel protection policy with ours.

“ONEXCHANGE LTD” fully complies with the new regulation (EC) 2016/679 of the European Parliament and of the Council on the protection of natural people with regard to the processing of personal data (GDPR), which enters into force on 25 May 2018.

“ONEXCHANGE LTD” will in no case and for no reason disclose or acquaint the personal data of the Users of the Website unless it has the free and explicit consent of them to do so or if it is required due to the existence of a corresponding obligation to comply with the applicable rules of Law, and always to the specific principle which will be defined by the Law.

“ONEXCHANGE LTD”:

  • keeps the privacy of your personal data in the highest regard
  • takes the Appropriate Technical and Organizational Measures for Personal Data Processing which protect their logical and physical security, such as secure software, physical protection, encryption
  • certifies that its systems by design and by definition ensure that it is able to meet its obligations under the General Data Protection Regulation (GDPR)
  • will inform you immediately of any incident involving the breach of your personal data
  • complies with the legal framework for the protection of personal data and in particular with the General Regulation on Data Protection (GDPR) as the controller.

SAFETY OF PERSONAL DATA

“ONEXCHANGE LTD” continuously takes all those Appropriate Technical and Organizational Measures to protect your personal data and your privacy.

Access to personal data is strictly restricted to “ONEXCHANGE LTD” staff and strict rules of professional secrecy and confidentiality apply. Any process of processing your personal data is carried out by authorized people in a way that fully complies with the rules and procedures required by the GDPR, ensuring the safety of your personal data and protection against any unauthorized access and use, tampering, loss/theft or destruction.

This current Privacy Policy does not apply in the event that you link through this Website to another website. Any processing done by the other website, it is not our responsibility. For this reason, we urge you to refer to the Privacy Policy of each website you browse.

DURATION OF PERSONAL DATA

The personal data of the users are kept for as long as the legal purpose of the processing for which they were originally collected lasts, after the free consent of the Users.

USER RIGHTS

“ONEXCHANGE LTD”, as the processor of your personal data, enables you – in full compliance with the provisions of the GDPR – to exercise your rights provided for:

  • the right to information: Users have the right to be informed by “ONEXCHANGE LTD” on how and if it process their Data. Users can ask to be informed about:
  • the purpose of processing
  • the type of Data held
  • to whom it is given
  • how long it is stored
  • whether automated decisions are made
  • their rights to correct/delete/restrict their data processing
  • how to submit a complaint to the Personal Data Protection Authority.
  • the right to access their personal data: Users have the right to correct or delete their personal data
  • the right of portability: Users can ask “ONEXCHANGE LTD” to receive in readable form the Data provided or ask to transfer the data to another controller

Users can exercise all the rights granted to them under the GDPR and the wider legal framework by contacting “ONEXCHANGE LTD”, either through a letter sent to its registered office or through email to the email address dpo@onexchange.com.cy.

Within a reasonable period of one (1) month from the receipt of your request, “ONEXCHANGE LTD” will answer you reasonably for accepting or rejecting your request.

In the event that you believe that your personal data is being misused or that your rights are being violated in any way, in defiance of our legal obligation to the contrary, or if you are not satisfied with the reasoning of the response you will receive about acceptance or rejection of the your request, you can file a complaint to the Personal Data Protection Authority.