Privacy Policy

Below is a website ready Privacy Policy for DGSOFT Cyprus.

This version is based on GDPR, Cyprus Law 125 I 2018, and the role of the Cyprus Commissioner for Personal Data Protection. Cyprus Law 125 I 2018 supplements GDPR locally, and the Commissioner is the competent supervisory authority in Cyprus. (Data Protection Agency)

PRIVACY POLICY

Company: DGSOFT Cyprus
Trade Name: DGSOFT
Registered Office: Chalkokondili 1, Nicosia, 1071, Cyprus
Telephone: +357 22 314686
Email: [email protected]
Website: https://dgsoft.com.cy
Activity: Software Houses and ERP Integrators

Last updated: Date

1. Purpose

This Privacy Policy, hereinafter the Policy, is issued by DGSOFT Cyprus, hereinafter the Company or DGSOFT, for the purpose of informing visitors, customers, partners, suppliers and users of the website https://dgsoft.com.cy about the collection, use, storage, disclosure and protection of personal data.

DGSOFT Cyprus respects the privacy and personal data of all individuals and is committed to processing personal data lawfully, fairly and transparently.

This Policy aims to ensure compliance with Regulation EU 2016 679, the General Data Protection Regulation, GDPR, Cyprus Law 125 I 2018 on the Protection of Natural Persons with regard to the Processing of Personal Data and for the Free Movement of such Data, and any other applicable data protection legislation.

2. Scope of Application

This Policy applies to:

Visitors of the website https://dgsoft.com.cy
Customers and potential customers of DGSOFT Cyprus
Business partners and suppliers
Individuals who contact DGSOFT Cyprus by phone, email, web form or other communication channels
Users of services, software solutions, support services or ERP integration services provided by DGSOFT Cyprus

This Policy applies only to personal data processed by DGSOFT Cyprus. It does not apply to third party websites, platforms or services that may be linked through the Company website.

3. Data Controller

For the purposes of GDPR, the Data Controller is:

DGSOFT Cyprus
Chalkokondili 1
Nicosia, 1071
Cyprus

Telephone: +357 22 314686
Email: [email protected]

DGSOFT Cyprus determines the purposes and means of processing personal data in relation to its website, commercial activities, customer support, software services and ERP integration services.

4. Categories of Personal Data We Process

Depending on the relationship with the user, DGSOFT Cyprus may process the following categories of personal data:

4.1 Identity and Contact Data

Full name
Company name
Job title
Business address
Email address
Telephone number
VAT number or tax identification details where required for invoicing
Billing information

4.2 Business and Contract Data

Customer records
Service agreements
Project information
ERP integration requirements
Support requests
Communication history
Commercial proposals
Invoices and payment records

4.3 Technical Data

IP address
Browser type and version
Device type
Operating system
Website usage data
Log files
Cookie identifiers
Security logs

4.4 Communication Data

Emails sent to DGSOFT Cyprus
Messages submitted through website forms
Support tickets
Telephone communication details
Meeting notes or project related communications

4.5 Support and Service Data

Software error reports
Technical support information
System configuration details
ERP integration data provided by customers
Access logs related to support or maintenance services
Information required to diagnose, maintain or support customer systems

DGSOFT Cyprus does not intentionally collect special categories of personal data, such as health data, biometric data, religious beliefs or political opinions, unless such processing is legally required or explicitly requested in a specific context.

5. Sources of Personal Data

DGSOFT Cyprus may collect personal data from:

The individual directly
Website forms
Email communication
Telephone communication
Business meetings
Contracts and commercial documents
Customer systems during support or integration projects
Publicly available business sources
Third party business partners where lawful and necessary

6. Purposes of Processing

DGSOFT Cyprus processes personal data for the following purposes:

To respond to inquiries and contact requests
To provide software development, ERP integration and technical support services
To prepare commercial proposals and service agreements
To manage customer relationships
To issue invoices and comply with accounting obligations
To deliver, maintain and improve services
To provide technical support and troubleshooting
To manage website functionality and security
To monitor and improve website performance
To comply with legal, tax and regulatory obligations
To protect the rights, property and legitimate interests of DGSOFT Cyprus
To communicate important service, technical or contractual updates
To manage business partnerships and supplier relationships

7. Legal Bases for Processing

DGSOFT Cyprus processes personal data only where there is a lawful basis under GDPR.

The legal bases may include:

7.1 Performance of a Contract

Processing is necessary for the performance of a contract with the customer or for taking steps before entering into a contract.

Examples include service delivery, technical support, ERP integration, project management and invoicing.

7.2 Legal Obligation

Processing is necessary for compliance with legal obligations, including tax, accounting, regulatory and corporate obligations.

7.3 Legitimate Interests

Processing is necessary for the legitimate business interests of DGSOFT Cyprus, provided that such interests are not overridden by the rights and freedoms of the individual.

Examples include website security, service improvement, business communication, fraud prevention, customer support and protection of legal claims.

7.4 Consent

Processing is based on consent where required, for example for non essential cookies, marketing communications or optional forms of communication.

The user may withdraw consent at any time.

7.5 Establishment, Exercise or Defence of Legal Claims

Processing may be necessary to protect the legal rights of DGSOFT Cyprus or to respond to legal proceedings, complaints or disputes.

8. Website Forms and Communications

When users submit information through the website, email or telephone, DGSOFT Cyprus uses the information to respond to the request, provide information, prepare proposals or deliver services.

Users must ensure that the information they provide is accurate, complete and up to date.

9. Cookies and Tracking Technologies

The website may use cookies and similar technologies to support website functionality, improve user experience, analyse website traffic and, where consent is provided, support marketing or analytics activities.

Non essential cookies are used only after the user has provided consent through the cookie consent mechanism.

More information is available in the DGSOFT Cyprus Cookie Policy.

10. Marketing Communications

DGSOFT Cyprus may send marketing or informational communications to users where:

The user has provided consent
There is an existing business relationship and the communication concerns similar services
The communication is otherwise permitted by applicable law

Users may opt out of marketing communications at any time by contacting DGSOFT Cyprus at [email protected] or by using the unsubscribe option where available.

DGSOFT Cyprus does not sell personal data to third parties for marketing purposes.

11. Disclosure of Personal Data

DGSOFT Cyprus may disclose personal data only where necessary and lawful.

Recipients may include:

IT service providers
Hosting providers
Email and communication providers
Accounting and tax advisors
Legal advisors
Payment service providers
ERP, CRM or software vendors involved in customer projects
Public authorities where required by law
Business partners or subcontractors involved in service delivery

All third party processors are required to process personal data only under appropriate contractual, confidentiality and security obligations.

12. International Data Transfers

DGSOFT Cyprus may use software, hosting, cloud, analytics or communication providers located outside Cyprus or outside the European Economic Area.

Where personal data is transferred outside the EEA, DGSOFT Cyprus ensures that appropriate safeguards are in place, such as:

An adequacy decision by the European Commission
Standard Contractual Clauses
Contractual and technical safeguards
Other lawful transfer mechanisms under GDPR

13. Data Retention

DGSOFT Cyprus retains personal data only for as long as necessary for the purposes for which it was collected, unless a longer retention period is required by law.

Retention periods may depend on:

The type of personal data
The purpose of processing
Contractual obligations
Legal and tax retention requirements
Potential disputes or legal claims
Technical and security requirements

Indicative retention periods:

Customer and contract records are retained for the duration of the business relationship and for the legally required period thereafter.
Accounting and tax records are retained in accordance with applicable Cyprus law.
Support and technical records are retained for as long as necessary to provide support, maintain service history and protect legal rights.
Website logs are retained for a limited period for security and diagnostic purposes.
Marketing data is retained until consent is withdrawn or the user opts out.

14. Data Security

DGSOFT Cyprus applies appropriate technical and organisational security measures to protect personal data.

These measures may include:

Access control
User authentication
Encryption where appropriate
Secure hosting environments
Firewalls and monitoring
Backup procedures
Confidentiality obligations
Internal access restrictions
Logging and audit controls
Regular review of security practices

Although DGSOFT Cyprus takes reasonable steps to protect personal data, no system or transmission over the internet can be guaranteed as completely secure.

15. Personal Data Breaches

In the event of a personal data breach, DGSOFT Cyprus will assess the incident and take appropriate measures to mitigate the risk.

Where required by GDPR, DGSOFT Cyprus will notify the Cyprus Commissioner for Personal Data Protection and, where applicable, the affected individuals.

16. Data Subject Rights

Under GDPR and Cyprus data protection law, individuals have the following rights:

Right of access to their personal data
Right to rectification of inaccurate or incomplete data
Right to erasure, also known as right to be forgotten
Right to restriction of processing
Right to object to processing
Right to data portability
Right to withdraw consent at any time, where processing is based on consent
Right not to be subject to automated decision making, including profiling, where applicable
Right to lodge a complaint with the Cyprus Commissioner for Personal Data Protection

The Cyprus Commissioner for Personal Data Protection is the national supervisory authority responsible for monitoring the implementation of GDPR in Cyprus. (Data Protection Agency)

17. Exercising Your Rights

To exercise any of the above rights, users may contact DGSOFT Cyprus at:

Email: [email protected]
Telephone: +357 22 314686
Address: Chalkokondili 1, Nicosia, 1071, Cyprus

DGSOFT Cyprus may request proof of identity before fulfilling a request, where necessary to protect personal data.

DGSOFT Cyprus will respond to requests within the timeframe required by GDPR.

18. Children Personal Data

The website and services of DGSOFT Cyprus are intended for business users and adults.

DGSOFT Cyprus does not knowingly collect personal data from children. If the Company becomes aware that it has collected personal data from a child without appropriate legal basis or parental consent where required, it will take steps to delete such data.

19. Automated Decision Making

DGSOFT Cyprus does not use personal data for automated decision making that produces legal effects or similarly significant effects on individuals.

If this changes in the future, DGSOFT Cyprus will update this Policy and provide the required information under GDPR.

20. Third Party Links

The website may contain links to third party websites, platforms or services.

DGSOFT Cyprus is not responsible for the privacy practices, content or security of third party websites. Users should review the privacy policies of those third parties before providing personal data.

21. Confidentiality

DGSOFT Cyprus treats personal data as confidential.

Employees, contractors and service providers who may access personal data are subject to confidentiality obligations and may process personal data only as required for their role or service.

22. Changes to This Privacy Policy

DGSOFT Cyprus may update this Privacy Policy from time to time to reflect changes in law, business operations, technology, website functionality or data processing practices.

The updated version will be published on the website https://dgsoft.com.cy and will indicate the latest revision date.

Users are encouraged to review this Policy periodically.

23. Contact Information

For any questions, requests or complaints regarding this Privacy Policy or the processing of personal data by DGSOFT Cyprus, users may contact:

DGSOFT Cyprus
Chalkokondili 1
Nicosia, 1071
Cyprus

Telephone: +357 22 314686
Email: [email protected]

Users also have the right to contact the Cyprus Commissioner for Personal Data Protection if they believe that their personal data rights have been violated.

This Privacy Policy forms part of the overall legal and compliance documentation of DGSOFT Cyprus and should be read together with the Cookie Policy and any applicable Terms of Use.