Lextrus Ltd values your personal and confidential information. We are committed to protecting this
information with adequate protection and use it only for the purposes stipulated in this Privacy
Policy. This Privacy Policy will help you understand what personal data is collected and processed,
how its protected, how we use it and what rights are made available to you regarding your personal
data.
This Privacy Policy (‘Policy’) explains how (collectively, with its affiliates, ‘BOOKINGSINCYPRUS’, ‘we’,
‘us’, ‘our’) a Company incorporated under the laws of the Republic of Cyprus with registration
number ΗΕ 405614, being a Data Controller, collects and processes your personal information, i.e.
information collected online and offline, in accordance with the General Data Protection Regulation
(2016/679) and the applicable Data Protection Laws of the Republic of Cyprus (‘the Law’).
When we reference Lextrus Ltd, we also mean the websites managed by Lextrus Ltd, such as
www.bookingsincyprus.com and www.facebook.com/bookingsincyprus/.
Our Policy does not apply to any services or third-parties that have a separate privacy policy and are
not incorporated in this Policy and it does not apply to third-party products or services, all of which
are regulated by their own privacy policies, even if our services contain them, utilize them, or
contain links to them.
Definitions of terms used in Policy:
‘Data Controller’ means the person or organization which determines when, why and how to process
Personal Data and implements appropriate technical and organizational measures to comply with
the Law;
‘Data Protection Officer’ means the person who is formally appointed with the purpose of ensuring
that we are aware of and comply with our data protection responsibilities and obligations according
to the Law;
‘Data Subject’ means a living, identified or identifiable natural person about whom we hold Personal
Data;
‘European Economic Area’ (EEA): means the EU countries and also Iceland, Liechtenstein and
Norway;
‘Personal data’ means data about the Data Subject who can be identified:
from that data; or from that data and other information to which we have or are likely to have
access;
‘Processing’ means any operation or set of operations which is performed on Personal Data or on
sets of Personal Data, whether or not by automated means, such as collection, recording,
organization, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by
transmission, dissemination, or otherwise making available, alignment or combination, restriction,
erasure or destruction;
‘Special Categories of Personal Data’ means the information revealing racial or ethnic origin, political
opinions, religious or similar beliefs, trade union membership, physical or mental health conditions,
sexual life, sexual orientation, biometric or genetic data;
‘Third Party’ means the recipient of your Personal Data as defined below.
The kind of information we collect about you:
The purpose of the Processing of your Personal Data is largely based on each of our services that you
have requested, used or intend to use:
- Contact Information e.g. Name, Surname, Email Address, Physical Address, Telephone
Number - Demographic information e.g. Gender
- Information gathered from your use of our website or Services or through Google
- Analytics, by using cookies e.g. IP Address, Mobile Device Id, Referral Source, Page Views,
Date & Time of usage - Information gathered from bookings and implementing our services e.g. Bank Accounts,
Payment Card information, Copy of passport, Copy of Identification Card etc. - Any additional information that are necessary for the provision of particular services that
- We provide e.g. taxi services etc.
Special Categories of Personal Data
We do not collect or process Personal Data of children without prior consent from their parents or
legal guardian.
We do not collect data which is, by its nature, particularly sensitive (e.g. genetic data, biometric
data, data revealing racial or ethnic origin, political opinions, sex life, sexual orientation, religion or
other beliefs, data concerning health, criminal background or trade union membership) unless it is
volunteered by you.
We may use certain sensitive (or “special category”) personal data where you have given your
explicit consent to us doing so, to better serve and meet your needs. Such sensitive data is only
shared with other members of Lextrus Ltd or our third-party service providers acting as data
processors (e.g. excursion providers, restaurants, transport providers) for the purpose of providing
the services you request and will not be shared or used by us for any other purposes.
On what legal basis do we process your Personal Data:
As Data Controllers we may collect and process your Personal Data for any or all of the following
purposes:
Legal obligations: Obligations that apply for activities that require us to process Personal Data, e.g.
obligation to keep accounting records according to the Cypriot Tax Authorities;
Consent: You have given consent to the processing of your Personal Data for a specific purpose e.g.
request made on our website, filling in forms on our websites or in paper form, responding to your
queries made, send email notifications and commercial information requested. Consent may be
withdrawn at any time by contacting our Data Protection Officer at the contact details provided
below or informing us directly;
Legitimate Interests: Personal Data may be necessary for the purposes of our legitimate interests or
a third party’s to execute, promote, assess and advance our services (e.g. legal claims), except where
these interests are overridden by your interests or fundamental rights and freedoms, especially in
cases where the Data Subject is a child;
Contractual Obligations: For the commencement and continuation of services, between us and you
as a client or as a service provider, we require some personal data from you in order to deliver this
service e.g. Website creation, Social Media creation, Service Quote sent;
Who Receives your Personal Data:
Your Personal Data may sometimes be shared or made accessible to the following Third Parties in
order for us to perform our services to the highest standard possible:
- Employees or affiliates or partners that need access to fulfill the purposes set out above;
- Service providers, including but not limited to IT service providers that support our services;
- Payment Service Providers.
In case of an absence of your consent, your Personal Data will not be disclosed to any Third Party,
other than the above-mentioned, unless the disclosure is required and/or mandatory under the
provisions of any legislation, regulation or upon governmental, supervisory, competent authority
request.
When we enter into agreement with a Third Party that requires your Personal Data to be processed
by that Third Party, we enter into a processing agreement with that party in order to ensure that
they process the Personal Data strictly according to our instructions and to implement the
appropriate administrative, physical and technical measures to protect the Personal Data from
unauthorized or accidental use, collection, access, damage, loss or disclosure.
Transferring your Personal Data outside European Union (‘EU’) and European Economic Area
(‘EEA’):
We generally do not transfer your Personal Data to countries outside of EU and EEA (‘Third
Countries’), except where required by the purposes set out in this Policy. If we need to transfer any
Personal Data to Third Countries, we always ensure that the transfer meets the relevant
requirements of the Law and we take all steps required to ensure that your Personal Data continues
to receive our standards of protection.
When can Personal Data be transferred outside of the EU and the EEA:
- If the European Commission has made a finding that the third country, territory or sectors
within the third country ensures an adequate level of privacy protection (Adequacy
Decision); - The Third Party has signed the standard data protection clauses (i.e. contract) adopted by
the European Commission and agreed to apply the privacy standards of protection of the
European Union; - The Data Subject has provided consent to the transfer.
Retention of Personal Data:
We will retain your Personal for as long as it is necessary to fulfil the purpose for which it was
collected and/or as soon as it is reasonable to assume that such retention no longer serves the
purposes for which the Personal Data were collected and are no longer necessary for legal or
business purposes (except where retention is permitted or required by the Law and/or other
applicable laws).
Protection of Personal Data:
To safeguard your Personal Data from unauthorized access, collection, use, damage, loss, disclosure,
copying or similar risks, we have introduced appropriate administrative, physical and technical
measures such as up to date antivirus protection, encryption and the use of privacy filters to secure
all storage and transmission of Personal Data to Third Parties. We also allow access to Personal Data
only to those employees who need to know such data and they will only process your Personal Data
on our instructions. However, no method of transmission over the internet or method of electronic
storage is completely secure. While security cannot be guarantee, we try to protect the security of
the Data Subject’s Personal Data and we constantly review and enhance our information security
measures.
Your rights in relation to your Personal Data:
Right to access
Request access to your Personal Data, this enables you to receive a copy of your Personal Data that
we hold about you.
Right to rectification
Request to correct or update any of your Personal Data which we hold.
Right to data portability
Request the transfer of your Personal Data to another party.
Right to erasure
Request to delete your Personal Data. However, we may need to retain certain information for legal
or administrative purposes, such as record keeping and detect fraudulent activities.
Right to restrict processing
Request to restrict the use of your Personal Data.
Right to object
You have the right to object to the collection and use of your Personal Data.
Right to lodge a complaint
You have the right to lodge a complaint about the use of your Personal Data by contacting the Office
of the Commissioner for Personal Data Protection in Cyprus at the contact details below:
Office address: Iasonos 1, 1082 Nicosia, Cyprus Postal address: P.O. Box 23378, 1682 Nicosia, Cyprus
Tel: +357 22818456
Fax: +357 22304565
Email: commissionerdataprotection.gov.cy
If you wish to exercise any of your rights, you may contact our Data Protection Officer in writing or
via email at the contact details provided below:
Name: Lextrus Ltd
Address: 13 Griva Digeni, Stavrakis Building, Office 501, 6030, Larnaca, Cyprus Email:
[email protected]
The Data Protection Officer has the right to require the individual making the request to provide
certain identification documents/information to be able to verify his/her identity.
The Data Protection Officer will respond to your requests within thirty (30) days after receiving your
email/letter.
Effect of Policy and Changes to Policy:
We keep this Policy under review, and we may modify it from time to time without any prior notice.
You should review our Policy on our website periodically to ensure that you are aware of any such
modifications/updates.
COOKIES POLICY
Our website uses cookie technology. Cookies are small files saved to your computer or mobile device
that track, save and store information as well as your interactions and usage of our website. The
primary purpose for collection of data from users to our site is to allow us to provide a smooth
efficient and personalized experience while using our site. Users are advised that if they wish to deny
the use and saving of cookies from this website on to their computers hard drive, they should take
necessary steps within their web browsers security settings to block all cookies from this website
and its external serving vendors.
We also collect other forms of non-personal information such as browsers used to access our
website, search terms used to find the website, traffic referrals and links to our website. Cookies
collected by us are used to enable certain functions and tools of our website, assist in the navigation
of the website, track resources and data used on this site and remember computer settings. You
may prevent your computer from accepting cookies by modifying the properties on your web
browser (see your browser’s “Help” option on how to do this).
We also use the services of Google Analytics software to analyze traffic to our website. Neither of
these programs creates individual profile for visitors, nor do we collect any personally identification
information using these services. Data collected regarding site usage is compiled in aggregate to
improve the performance of the website. If you do not wish your information to be included in this
aggregated data through Google Analytics, modify the properties on your web browser to prevent
your computer or mobile device from accepting cookies. Please read the Google privacy policy.
Types of Cookies
Strictly Necessary Cookies:
These cookies are necessary for the website in order to enable you to use certain features of the
website, such as request specific services, setting your privacy preferences, logging in or filling in
forms. You can set your browser to block or alert you about these cookies, but some parts of the site
will not then work. These cookies do not store any personally identifiable information.
Functionality Cookies:
These are used to allow the website to remember choices you make (such as language) and provide
enhanced features to improve your web experience.
Navigation Cookies:
These cookies enable the site to function correctly and are used to gather information about how
visitors use the site. This information is used to compile reports and help us to improve the site.
Cookies gather information in anonymous form, including the number of visitors to the site, where
visitors came from and the pages they viewed.
Analytical Cookies:
These cookies are used to produce statistical analyses of the way users navigate the site (using
computers or mobile devices), the number of pages viewed, or the number of clicks made on a page
during navigation of a site.
Disabling Cookies
You can prevent the setting cookies by adjusting the settings on your browser (see your browser’s
“Help” option on how to do this). Be aware that disabling cookies may affect the functionality of this
and other websites that you visit.