top of page

protected by policy,

quided by trust!

Privacy Policy

Demstar General Privacy Statement

At Demstar we are committed to protecting and respecting your Personal Data.

​​Demstar (“Demstar”) is a company incorporated in Cyprus under company number HE 156145 with its registered address 3 Vyzantiou Str., 2322, Lakatamia, Nicosia, Cyprus. We provide technology solutions and services to businesses throughout Cyprus. This Privacy Policy aims to provide important information to all data subjects (“you”) regarding how Demstar processes your Personal Data (“Personal Data”) and safeguards your data subject rights in accordance with Data Protection Law, including but not limited to the General Data Protection Regulation 2016/679 (“GDPR”) and the Cyprus Data Protection Law 125(I)2018.

What is the Scope of this policy?

​Our general privacy statement regarding Personal data Protection is presented below and informs you about how we use and protect the personal information you provide to us or we collect about you, when you use our site or our social media, when we exchange information or offer each other services while doing business or any other form of interaction. By using our site, and/ or our services provided, you agree to the application of this policy.

What it the role of Demstar and What data do we hold?

​Demstar is, under GDPR terminology, the data processor since our processing is entirely concerned with Personal Data whose controller is you, our customer (legal entity). Therefore, the legal basis of processing your Personal Data is decided by you as the data controller. Demstar is committed to protecting the privacy and security of your personal data. By personal data we mean information which, either alone or in combination with other information available to Demstar, can be used for your recognition.

Personal information may include, but not limited to, the following types of Personal Data which may be collected when you use our services.

  • Personal information collected from website users: technical information about the devices used. Information directly provided by our customers

  • We collect information about you during the course of providing our services, such as contact information, devise S/N etc

  • ​ Personal information collected from visitors: We keep a visitors’ log for the purpose of controlling the flow of visitors at our premises. A CCTV is also in operation for the security of our premises and processing of images of visitors is performed under the operation of this video surveillance system.

We use your personal information:

  • To create and manage financial accounts

  • To exchange information regarding products and services before entering into a contract

  • To exchange information (commercial, financial, technical) in the course of doing business as per the scope of our agreement

  • To provide customer service to you upon your request or if under the scope of our support agreement

  • To let you know about the organization of events related to our business and / or the Information Technology domain

  • To handle support calls or requests for proposals

  • To handle any requests or complaints you might have

  • To comply with our legal, regulatory and other obligations (eg tax laws, accounting obligations, etc.) that result from our above-mentioned activities

  • To ensure network and information security

Legal Basis of Processing

According to the GDPR protocol, processing must be based on a legitimate basis, i.e. a sound reason for collecting, storing, using and disclosing your personal information. Our legal basis for this will depend on the services we provide to you and the type of information we process about you.

The basis we process your information may be one or more of:

  • To fulfil a contract that we may have with you (providing to you products and / or services)

  • To comply with a legal or regulatory duty

  • When you consent or agree with it, such as when you choose to receive from us informative emails or newsletters.

 

How we process your data?

Being aligned with the provisions of the GDPR legislation, we process your personal data in accordance with the following data protection principles:

  • Lawfully, fairly and transparently

  • We collect them only for valid purposes that you know or purposes we explained to you and do not use them in a way that is incompatible with these purposes

  • We process them according to the above purposes only

  • We collect and process the least and absolutely necessary information for the fulfilment of the above purposes

  • We keep these data accurate and up-to-date as long as you keep us informed of any changes

  • We only keep them for as long as necessary, based on the purpose of our relationship

  • We keep them safe. We take all reasonable steps to protect your personal data from loss, unauthorized access or alteration.

Do we share your data with any other parties

Your personal data is shared internally within our company, between various departments, in order to produce the desired result in a way so that you receive the service you expect from us. This internal disclosure is done in the safest feasible way on a need to know basis and within the GDPR principles.

Demstar may share certain data with its subcontractors or partners for maintenance purpose and other third parties such as national authorities or bodies. Demstar is always assessing its partners and third parties before disclosing or otherwise transmitting Personal Data to them by putting in place contractual measures reinforcing specific obligations in accordance with Data Protection Law and in particular GDPR Article 28.

In addition, Demstar may give access to or share Personal Data to external advisors/consultants:

  • When instructed to do so by any authority/regulatory body under applicable law. • In order to establish, exercise or defend our legal rights.

  • With technical advisors who carry out regular assessments and checks on our systems, equipment and facilities.

  • For fraud detection and other control purposes.

How long do we keep your data?

We will retain your personal information only for as long as it is necessary to fulfil the purposes for which we have collected it, and for as long as it is required to satisfy any legal, accounting, etc. obligations.

Where feasible, we make your personal details anonymous so that they can not be associated with you. We can then use them without further notice. Once you no longer require services from us, we will maintain and safely destroy your personal information in accordance with the GDPR legislation.

What are your data subject rights?

 

Under the Regulation, you have the following rights:

  • To be informed about the processing of your personal information. This is the purpose of this statement.

  • To correct your personal information if it is inaccurate and have it in full if it is incomplete

  • To oppose to the processing of your personal data

  • To restrict the processing of your personal information

  • To have your personal information deleted (“the right to be forgotten”)

  • To move, copy or transfer your personal data (“data portability”)

  • To be informed about, question or oppose to any automated decisions taken for you, including profiling

  • Ask for access to your personal information and information about how we process them

  • Withdraw at any time any consent you have given to the processing of personal data

 

Please note that these rights are not absolute and subject to exceptions. These are limited where we have an overriding interest or legal obligation to continue to process the data or where data may be exempt from disclosure due to, for example, professional secrecy obligations or other exemptions provided under applicable law. The applicability of your rights depends on the legal basis on which we rely in each case.

 

If you wish to exercise any of these rights, please contact the company’s Data Protection person in charge  (email: dpo@demstargroup.com). Who is receiving this email?

We will take all appropriate steps to respond within the legal timeframe, that is 30 days from the day we receive your request or additional 2 months in the case of receiving an excessive request in which case we will keep in touch and inform about the progress and status of your request. If you wish to raise a complaint on how we have handled your Personal Data, you may contact us to have the matter investigated. If you are not satisfied with our response or believe we are not processing your Personal Data in accordance with the law, you may issue a complaint to: Office of The Commissioner for Personal Data Protection Office address: Iasonos 1, 1082 Nicosia, Cyprus, Tel: +357 22818456, Email: commissioner@dataprotection.gov.cy

 

What are your Choices?

You have the option to choose whether or not you want to receive information from us. If you want to receive direct marketing messages from us, you can select the corresponding boxes on the form in which we collect your information. We will not contact you for marketing purposes by email, telephone or text message unless you have given your prior consent. We will not contact you for postal marketing purposes if you have stated that you do not wish to be contacted. You can revoke your consent and change your preferences at any time by contacting us by e-mail: dpo@demstargroup.com. We take Data security very seriously At Demstar we take security very seriously. We adopt, and continuously work towards improving, all appropriate and necessary technical and physical security measures to ensure a level of security appropriate to the risk, in order to prevent any Personal Data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to the Personal Data transmitted, stored or otherwise processed. This covers both Personal Data we collect directly from you and data which we process on behalf of our customers. We are regularly revising and assessing the effectiveness and the security of our systems, equipment and facilities taking into account all the relevant security standards and legal requirements. We also work closely with our customers and advise them on how to maintain a security standard which safeguards your Personal Data when our clients act as the data controllers.

Questions and Complaints

Any questions regarding this Policy and our privacy practices should be sent by email to dpo@demstargroup.com or by writing to Demstar Business Solutions Ltd, 3 Vyzantiou Str., 2322, Lakatamia, Nicosia, Cyprus or you can call +357 22 742222.

Changes to our Privacy Policy We review this privacy statement regularly and we therefore have the ability to modify it at any time.

Last Updated: May 2022

bottom of page