"The Provider" means Demetris Demetriou.
"The Customer" and/or "Customers" means the person and/or persons, whether natural, incorporated, unincorporated or otherwise, who hold/s one or more account/s with The Provider.
What is considered, according to the legislation, Personal Data
Personal Data is data relating to a living natural person, and whose identity can be found through that data.
Personal Data that The Provider uses:
- your name
- your surname
- the company or organization, if you represent a company or organization, on behalf of whom you make a purchase
- telephone number
- fax number
- email address
- VAT number, if applicable
- payment information (card data and information necessary for payment through The Provider's payment processors)
The Provider's obligations
The Provider collects and processes Personal Data only for the purpose of providing The Provider's services. That includes pricing and billing of The Provider's services, technical support and for contacting The Customer in cases of extreme urgency for the protection of The Provider's Customers, users and systems.
In the case that The Provider needs to process Personal Data in a way that The Customer's consent is required, The Customer will be notified and consent will be required.
In the case that The Provider needs to process Personal Data in a way that the Commissioner of Data Protection's authorization is required, the authorization will be requested prior to the processing.
The Provider NEVER uses or shares The Customer's Personal Data in ways that are forbidden by the legislation.
The Provider's services are not available for use by minors, neither does The Provider voluntarily store information or data on minors.
The Customer's obligations
The Customer can access Personal Data that The Provider keeps on them, through the website for managing information and payments (https://billing.dezillium.com), and make changes to them.
The Customer is obliged to ensure the confidentiality of confidential data and/or information assigned to them by The Provider and The Provider is not responsible in the case of them being lost by and/or stolen from The Customer. In the case of them being lost and/or stolen, The Customer is obliged to inform The Provider as soon as possible.
Exceptions based on the legislation
The Provider, according to the legislation, does not need the consent of The Customer for processing Personal Data in these cases:
- Processing is necessary for the fulfillment of The Provider's obligations, as imposed on it by Law or European Union's Regulations.
- Processing is necessary for the execution of a contract relating to The Customer, ie. billing purposes.
- Processing is necessary for preserving a vital interest of The Provider's customers.
- Processing is necessary for the performance of a task of public interest or task that falls in the exercise of public authority.
- Processing is necessary for statistical purposes, as long as no measures are taken relating to a specific person.
Automated security systems
The Provider uses certain automated security systems, for the protection of The Provider's systems from unauthorized access.
These systems collect information on unsuccessful access attempts, unusual access, for actions that raise reasonable suspicions that they are malicious and actions aimed at hurting the performance of The Provider's systems.
After collection, these systems proceed to take automated decisions to interrupt the malicious access to The Provider's systems, notify system administrators and provide samples of the malicious actions for Legal use in the case that the seriousness of the actions imposes their Criminal Prosecution.
Information that may be requested when providing technical support
In the case that The Customer faces a technical problem and help is required, The Provider may request certain information relating to solving the problem. The Provider will NOT ask for any passwords The Customer uses for access to The Provider's Personal Data management systems.
In the case that The Provider requests passwords for a specially designed system or project The Customer uses (ie third party domain registrar for the purposes of facilitating a domain transfer), The Provider will identify to The Customer by any means The Provider deems necessary, eg. telephone. NEVER share passwords with third parties. The Provider recommends the immediate change of the passwords exchanged, after providing technical support.
Personal Data management website
The security of The Customer's Personal Data is very important. The Provider follows generally accepted industry standards, for the protection of Personal Data provided, during transfer as well as storing them. Your Personal Data is always encrypted while in transit.
Upon using The Provider's services, The Customer may be requested to participate in periodic internal surveys conducted by The Provider to improve The Provider's services and products. These surveys are strictly voluntary. The data collected through these surveys will only be used to improve The Provider's products and services and will NEVER be sold to any third parties.
Content hosted on The Provider's systems
Email addresses are used only for the purpose of electronic mail communications and fraud detection and never sold to any third parties.
The Provider considers electronic mail transmitted via The Provider's services to be the private correspondence between the sender and recipient. The Provider will not monitor, edit or disclose the contents and/or "meta-data" (ie sender/recipient address and/or timestamps) of Customers' private communications, except as required by legislation or for the purposes of troubleshooting email delivery issues.
Data Retention Policy
- Backups: maximum retention of one (1) year. All backups stored offsite or on external media are encrypted.
- Tickets (support/billing/abuse): Tickets are deleted 180(+-7) days after the last response either by The Provider or The Customer.
- Written communication between The Provider and The Customer: six (6) years for the purposes of ensuring that The Provider has fulfilled any obligations to the customer (ie service termination requests). General written communication (ie for the purposes of providing technical support) is deleted 90 days after being received.
- Personal Data: The Provider is required by Law to keep records for accounting purposes for a minimum of six (6) years. Personal Data for Customers that have terminated services are removed from online systems, six (6) years after the last service was cancelled, in the first month of the following year and kept for accounting purposes in electronic form, not accessible online.
- Personal Data, and written communication stored in backups: As mentioned above, in the "Backups:" section. As such, their retention is +1 year from the time of actual deletion/anonymization.
- Personal Information related to third parties (ie payment processors) and not stored on The Provider's systems are subject to the third party's data retention policy.
- Paper copies of Personal Data (ie past printed invoices): Shred by a P3 Security Level paper shredder, six (6) years after the invoice was printed, in the first month of the following year and shreddings are recycled.
Links To Other Sites
The Provider's website(s) contain(s) links to other sites that are not owned or controlled by The Provider. Please be aware that The Provider is not responsible for the privacy practices of such other sites. The Customer is encouraged to be aware when you leave The Provider's website and to read the privacy statements of each and every web site that collects Personal Data. This privacy statement applies only to information and data collected by The Provider.
Changes To This Privacy Statement