DATA PRIVACY POLICY OF FLEXOOW.COM

INNOVACORP LTD, the owner of the website platform located at www.flexoow.com, and with wp-signup.phped address at 11 K.Kavafi Street, 7562, Larnaca, Cyprus (Registration Number HE 446917), is legally recognized. You can reach us by phone at +357 96662345 or by email at support@flexoow.com.

In accordance with prevailing national and EU legal regulations concerning personal data protection, we have developed this Privacy Policy to provide detailed information about how we handle your personal data, as well as to explain your rights as the data subject.

All visitors or users of this site should carefully read and understand the privacy policy before accessing the site. If you disagree with any part of this policy, please do not use the site. By accessing and using the site, you signify your agreement and unconditional acceptance of the terms described in our personal data protection policy.

Individual Managing Personal Data (“The Administrator”)

The Administrator of the personal data is “FLEXOOW”, contactable at +357 96662345 or by email at support@flexoow.com. The Administrator oversees the processing, gathering, storing, and all aspects of personal data management of this website’s users. The personal data is collected and stored through this website, at the office, and associated with website pages through social networking sites (hereafter referred to as “the Company,” “we,” or “us”).

Handling Personal Data (“Data Manager”)

The Company, as the Data Manager, has the responsibility of overseeing, gathering, documenting, and broadly dealing with the personal data from the users of this website. This data is compiled and stored not only via the website but also through our physical office and associated social media pages.

Objective of Data Processing

The Company only handles essential personal data of the website’s visitors/users and/or social media page users. This data is used solely and exclusively for the following aims, all intended to ensure the optimal provision of services:

– Supplying information about the services provided by the Company, specifically delivering tailored and up-to-date information matching the Company clients’ needs.

– Drafting, implementing, and managing agreements at pre-contractual (e.g., phone calls or emails), contractual (e.g., contracts, invoices, payments), and post-contractual stages.

– Providing high-quality services to users/visitors and the Company’s clients and enhancing these services through such information.

– Ensuring the website operates correctly and offering new or improved services on the site.

– Responding to any queries or requests submitted by the visitor/user through the relevant communication form on the site or to the electronic address www.flexoow.com.

– Sending notifications, activated by the user, related to saved requests that are of interest to them. We store data about the saved search items, which are the filters the user has selected. Alterations to frequency, discontinuation, or deletion of any relevant notifications are possible at any time.

– Dispatching newsletters about our products and services available through the site, any newly offered services, or special offers. This dispatch can be discontinued at any time.

– Confirming and identifying the client whenever necessary.

– Conducting customer satisfaction surveys for internal marketing and demographic studies, along with the processing of non-personal data for consumer profile analysis and tracking to continuously improve our products and services and understand what may interest our clients.

– Ensuring the Company complies with its legal obligations.

– Adhering to the obligations set by current laws, for instance, tax legislation.

Data Handling Legal Framework

The Company gathers personal information either directly from the individual (“the data subject”) via its office or the website www.flexoow.com, or FLEXOOW’s social media pages, or indirectly through the Company’s operations, notably the use of cookies.

Specifically, the activities encompassing data collection, recording, organization, storage, elimination, or any other form of processing are principally grounded on the following legal bases:

1. Execution of the Contract: The establishment, operation, termination of the contract between the Company and the customer, as well as pre-contractual measures.
2. Lawful Interests of the Company: This includes pursuing commercial objectives in pre-contractual stages, responding to necessary communications for the expansion of business opportunities, and also in post-contractual stages.
3. Compliance with Legal Obligations: The Company’s adherence to obligations arising from legal, regulatory, and supervisory frameworks (for instance, tax regulations), as well as decisions from any authorities (public, supervisory, independent, prosecutorial, etc.), or courts (ordinary or arbitration).
4. Public Interest Responsibilities: Fulfilling Company’s responsibilities in the public interest.
5. Explicit Consent: The prior explicit consent of the visitor/user when processing isn’t based on any of the aforementioned legal grounds.

In certain circumstances, such as communication, marketing, or research, the user’s information might be disclosed to third parties, such as service providing companies featured on the internet through pop-up windows, who then become responsible for handling the user’s personal data.

The aforementioned entities may gain access to the user’s information to respond to their inquiries regarding the Company’s services and products. In this situation, it will be explicitly required for the user to grant their specific and unambiguous consent for this data processing and sharing by selecting a dedicated box marked “I accept”.

Types and Source of Information

The Company carefully selects and processes only the absolutely essential personal information as follows:

– Transaction Information: This includes full name, age, address, tax identification number, identity card number, driver’s license number, passport number, date of birth, financial and tax information, and insurance information, related to transactions in the pre-contractual, contractual, and post-contractual stages.

– Payment Details: Bank account and credit card numbers.

– Contact Information: Full name, contact phone number, and e-mail address, provided when submitting a question or expressing interest in contacting the Company.

– Subscription Information: E-mail address for receiving notifications or newsletters, wp-signup.phped on the respective area of the website.

– Social Media Information: Information provided by the user via FLEXOOW’s social media pages or information already posted on the social media platforms maintained by the Company, provided there has been prior permission or consent for the processing of personal data.

– Interest and Preference Information: Information concerning interests and preferences that assist us in suggesting specific properties or services that may interest the customer or visitor/user.

– Customer Satisfaction Research: Information for customer satisfaction research.

– Cookies: Information gathered via the use of cookies in the user’s browser. You can learn more about cookies at www.dpa.gr.

– Interaction Data: Data from the interactions of the visitor/user either through the physical location of the company or through online platforms, including details about the history of cooperation with the company.

The Company gathers personal information either directly from the individual (“the data subject”) via its office or the website www.flexoow.com, or FLEXOOW’s social media pages, or indirectly through the Company’s operations, notably the use of cookies.

Data Recipients

The Company will not share your personal data with unauthorized third parties. Your information will only be handled by authorized company personnel who require access to the relevant data for the specific processing task at hand, or by members of the Company’s administration or its subsidiaries, maintaining absolute confidentiality at all times.

However, your personal data may be shared with the following entities under specific circumstances:

– Public Authorities: To allow the Company to meet its legal and tax obligations, and with courts as required to assert and protect the company’s rights.

– External Collaborators and Processors: To fulfill our objectives and provide our services, we may disclose your personal data to other companies working under our instruction (acting as processors). This could include external collaborators, technicians, companies maintaining our website, legal professionals, communication and marketing firms, accountancy and advisory services, and others. These processors adhere strictly to our guidelines, implementing necessary technical and organizational strategies to ensure the utmost protection of our users’ personal data.

– Third Parties in Specific Situations: In certain circumstances, such as communication, marketing, or research, your information might be disclosed to third parties, such as service providing companies featured on the internet through pop-up windows. In this situation, it will be explicitly required for you to grant specific and unambiguous consent for this data processing and sharing by selecting a dedicated box marked “I accept”.

The aforementioned entities are committed to supporting the Company in facilitating users’ rights and abide by all existing laws relating to the protection of personal data. They do not distribute any data to third parties without the explicit approval of the Company, and they maintain absolute confidentiality at all times.

Transfer of Personal Data to Other Countries

All personal data gathered within the context of our website or from our office is stored within Greece. However, there may be instances where the Company needs to transmit personal data to third countries, including those outside of the European Union or to international organizations.

In situations where personal data is transferred to recipients in other countries, including the United States, we take the following measures to safeguard the personal data in line with the provisions set out in this Privacy Policy and in compliance with applicable laws:

– Adequate Protection: We ensure that the recipient country has been deemed to provide an adequate level of protection for personal data by the European Commission.

– Standard Contractual Clauses: Where we use certain service providers, we may use specific contracts approved by the European Commission, which give personal data the same protection it has in Europe.

– Explicit Consent: These transfers are only initiated after explicit instructions from the data subject, following comprehensive and transparent information that assures a satisfactory level of protection as prescribed by current legislation.

In the event of a merger or acquisition of the company, it’s possible that personal data collected via the website may be disclosed to the relevant third parties, after prior thorough information is given.

We are committed to ensuring that any such transfers are carried out in accordance with legal requirements and that your personal data remains secure and protected at all times. 

Duration of Data Retention

The personal data of the Data Subject are retained for a period necessary to serve the purposes outlined in this Privacy Policy. The specific retention periods are as follows:

– Contractual Obligations: If the data processing is based on the execution of a contract or pre-contractual measures, personal data are stored for the time needed to establish, execute, defend, or contest legal claims arising from the contract until such claims are legally nullified. These data may be retained for a longer period to fulfill the legal and contractual obligations of the Company, such as lawsuits and tax regulations.

– Customer Communication: Within the context of customer communication, personal data are stored until you withdraw your consent. This can occur at any time. The withdrawal of consent doesn’t affect the lawfulness of the processing based on consent before its withdrawal.

– Newsletter Subscription: In the event of consent for the sending of newsletters, data is maintained for as long as the newsletter is distributed by the Company and, in no case, more than six (6) months from the termination of its dispatch.

– Legal Requirements: Documents required for the operation of the contractual relationship, completing the customer’s file, are partially retained by the Company in digital form. At the end of the above-stated time periods, personal data are securely destroyed.

In any case, personal data is held for at least five years following the cessation of any contractual relationship, considering the following conditions:

– Legal Compliance: The retention period may be extended to comply with legal requirements, such as tax legislation.

– Secure Destruction: At the end of the retention period, personal data are securely destroyed or anonymized, ensuring that the information cannot be reconstructed or read.

The Company adheres to all legal requirements and best practices concerning data retention, ensuring that personal data is kept no longer than necessary for the purposes for which it was collected.

Our Procedure for Safeguarding Personal Data

The Company places paramount importance on the protection of personal data relating to the data subject. To ensure the highest level of security, we adopt the following measures:

– Technical Measures: We employ state-of-the-art technical measures to safeguard data against unauthorized access, alteration, disclosure, or destruction. This includes the use of firewalls, intrusion detection systems, and secure server layers.

– Encryption: The safety of our website, www.flexoow.com, is ensured through encryption mechanisms such as the use of SSL (Secure Sockets Layer). This safeguards personal information (such as names, email addresses) during transmission over the Internet. The presence of an SSL connection is indicated by a lock symbol displayed on your browser.

– Access Control: Access to personal data is restricted only to authorized company personnel who require access for specific processing tasks. Regular audits and reviews are conducted to ensure that access privileges are updated and that unauthorized access is promptly detected and addressed.

– Physical Security: Certain documents containing personal data may be kept in a physical format when necessary (e.g., tax records, contracts). These are stored in secure locations with appropriate security measures in place, such as locked cabinets in access-controlled rooms.

– Training: All staff members are regularly trained and updated on data protection principles, ensuring they understand the importance of protecting personal data and the best practices to do so.

– Third-Party Vendors: We ensure that any third-party vendors or service providers with access to personal data have adequate security measures in place and are compliant with data protection regulations.

– Regular Reviews: These protective measures are periodically reviewed and updated as needed to address new security challenges and ensure the most secure environment for personal data.

– Incident Response: In the event of a data breach or security incident, we have a response plan in place to promptly address and mitigate the risks, notify the affected individuals, and take corrective actions.

By adopting these measures, the Company ensures that personal data remains protected against potential risks, unauthorized access, and breaches. We are committed to continuously updating and improving our security practices in line with technological advancements and industry standards.

User/Data Subject Rights

As a user or data subject, you have the following rights regarding your personal data:

1. Right of Access and Information: You can request and be informed about your personal data that the Company processes, including the purposes, legal bases, categories of data, recipients, storage period, and your rights.
2. Right to Amend or Correct Data: If your personal data is incomplete or incorrect, you can request an amendment or correction.
3. Right to Data Portability: You can request to receive your personal data in a readable format or ask for it to be transferred to another data controller, provided the processing is based on consent and automated methods.
4. Right to Limit Processing: You can request a limitation on the processing of your personal data if the processing is unlawful or the purpose no longer exists.
5. Right to Object: You can object to the processing of your personal data unless there are compelling legal reasons that supersede your rights. You also have the right to object to the use of your data for advertising purposes.
6. Right to Withdraw Consent: You can withdraw consent for the processing of your personal data at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
7. Right to Deletion/Right to be Forgotten: You can request the deletion of your personal data if it is no longer necessary for the stated purposes, subject to legal obligations to keep the data.
8. If you believe that the processing of your personal data violates data protection laws, you have the right to lodge a complaint with the relevant data protection supervisory authority. In Cyprus, the competent authority is the Office of the Commissioner for Personal Data Protection (Address: 1 Iasonos Street, 1082 Nicosia, tel. +357 22818456, e-mail: commissioner@dataprotection.gov.cy, website: www.dataprotection.gov.cy).

These rights can be exercised through various means, including submitting a written request at the Company’s office, making a phone call, or submitting digital requests on our website or via email. We are committed to addressing your requests without delay, and in all cases, within thirty (30) days. Should we need more time to process your request, we will inform you about the necessary extension, which will not exceed an additional sixty (60) days.

Please be aware that if requests are clearly groundless or excessively repetitive, we reserve the right to charge a reasonable fee to cover the administrative costs of providing the information or performing the requested action, or we may refuse to respond.

Exercise of Rights

Exercising your rights regarding your personal data is a fundamental aspect of our commitment to privacy. Here’s how you can assert your rights:

– Written Request: You can submit a written request at the Company’s office located at 11 K.Kavafi Street, 7562, Larnaca, Cyprus.

– Phone Call: You can make a phone call to +357 96662345 to discuss or request any of your rights.

– Digital Requests: Digital requests can be submitted on our website www.flexoow.com or via our email support@flexoow.com.

– Response Time: We strive to address your requests without delay, and in all cases, within a maximum period of thirty (30) days. Should we need more time to process your request, we will inform you about the necessary extension of this period, which, in no circumstance, will exceed an additional sixty (60) days.

– Fees: Please note that if requests are clearly groundless or excessively repetitive, we reserve the right to charge a reasonable fee to cover the administrative costs of providing the information or performing the requested action, or we may refuse to respond to the request.

– Verification: Depending on the nature of the request, we may need to verify your identity to ensure that we are providing information to the correct individual. This may include asking for additional information or documents.

– Assistance: If you have any questions or need assistance with exercising your rights, our support team is available to guide you through the process.

Your rights are important to us, and we are committed to ensuring that you can exercise them easily and effectively. We encourage you to contact us if you have any concerns or need further information about your rights and how to exercise them.

Changes to This Privacy Policy

We recognize that privacy needs and regulations may evolve, and as such, we reserve the right to update or modify this Privacy Policy at any time. Here’s how we handle changes:

– Notification of Changes: Significant changes to the Privacy Policy or how we use your Personal Data will be prominently posted on our website prior to the changes taking effect. We may also notify you through other communication channels, such as email, if applicable.

– Review Periodically: We urge you to periodically review this Policy to stay informed about how we safeguard your Data. Your continued use of our services after the posting of any changes constitutes your acceptance of those changes.

– Date of Last Update: This current Privacy Policy was last updated on 03/06/2023. Any updates will include the date of the latest revision, so you can easily see when changes have been made.

– Contact Information: Should you have any questions or concerns related to changes in our Privacy Policy, or generally about our privacy practices, feel free to contact us at +357 96662345 or drop us an email at support@flexoow.com.

We are committed to transparency and open communication about our privacy practices. Any changes to this Privacy Policy will be made with careful consideration of your privacy rights and in compliance with all applicable laws and regulations.