Privacy Policy

1. INTRODUCTION
 
We created this Data Protection Privacy Policy (hereinafter “Privacy Policy”) which describes the information we collect, how that information may be used, with whom it may be shared, and your choices about such uses and disclosures. We encourage you to read this Privacy Policy carefully before using our website or services or transacting business with us. By using our website (hereinafter our “Services”), you are accepting the practices described in this Privacy Policy.
 
You should consult our Terms of Use which is available on our website which is inherently adopted by the current Privacy Policy, which refers to the same terminology and as has last been updated on 30th March 2022. Such documents constitute the agreement between any User (as therein defined) and the Association (as therein defined) and are drafted in accordance with the European General Data Protection Regulation 2016/697 and the Cyprus Protection of Natural Persons with Regard to Processing of Personal Data and the Free Movement of such Data Law of 2018 (Law 125(I)/2018) (hereinafter collectively referred to as the “Applicable Law”) and outlines our practices regarding the processing of Personal Data (as therein defined) of the Users.
 
2. WHO IS RESPONSIBLE FOR COLLECTING AND PROCESSING YOUR PERSONAL DATA
 
The website is operated and the processing of the data collected is administered by the registered association ΠΑΓΚΥΠΡΙΟΣ ΑΘΛΗΤΙΚΟΣ ΣΥΝΔΕΣΜΟΣ ΙΔΙΟΚΤΗΤΩΝ ΜΙΚΡΩΝ ΣΚΑΦΩΝ (ΠΑ.Σ.Ι.ΜΙ.Σ) (PASIMIS) registered in Cyprus with registration number 2020 and registered address at 2 Lysandrou Street, 2007 Strovolos, Nicosia, Cyprus.
 
3. HOW WE COLLECT AND USE DATA
 

In General: We may collect information that can identify you, such as your name and surname and other information that does not identify you, such as your gender and browsing data. By registering and using our Services, you are authorizing us to collect, use and retain data so that we can provide you with our Services. When you provide us with your Personal Data through the use of our Services, such may be sent to servers located in the EU or countries outside the EU. 

3.1. Data you share directly

You can register as a User by completing and submitting the online Membership Registration Form which is further subject to review and approval by the Club’s Board prior to granting of authorized access to any User.

3.2. Data we collect automatically
Activity Data
We collect information about your activity on our Services such as how you use the Services, the date and time you logged in, features you’ve been using, clicks and pages which have been shown to you, referring webpage address and advertisements that you click on.
Location Data
Use of the Services and subject to receiving your permission, allows us to collect data regarding your precise geolocation (latitude and longitude) through GPS, Bluetooth or your Wi-Fi connection. The collection of your geolocation may occur in the background even when you are not using our Services, if you specifically gave us permission to do so. 
Device and equipment data
We automatically collect information from your device when you are using our website. This information could include your device ID, IP address, the operating system (OS) used by your device, access times, and your mobile device’s geographic location while our website is actively running. Furthermore, we can collect information on your wireless and mobile network connection, like your service provider and signal strength. Also, information on device sensors such as accelerometers, gyroscopes and compasses may be collected.
 
3.3. Cookies Policy
What is a cookie?
Cookies are small data files of information that a website transfers to your hard drive or mobile device to store and sometimes track information about you. Although cookies do identify a user’s device, cookies do not personally identify users.
Additionally, mobile devices may use other tracking files which are similar to cookies (for example iOS devices use Apple’s ‘identifier for advertisers’ (IDFA) and Android devices use Google’s Android ID). In the context of tracking within a website, the concept of a cookie will include an IDFA and an Android ID for the purpose of this Cookie Policy.
Why we use cookies
Our Services use cookies to distinguish you from other users. This helps us to improve our Services and to provide you with a good experience when you browse or use our Services.
Types of cookies we use
We may use the following cookies:
Strictly necessary cookies: these are cookies that are required for the operation of the Services, such as to enable you to log into your Account.
Performance cookies: these types of cookies recognise and count the number of visitors and Users of our Services and to see how Users move around in each. This information is used to improve the way our Services work.
Functionality cookies: these cookies recognise when you return to our Services, enable personalised content and recognise and remember your preferences.
Targeting cookies: these cookies record your visit to a website or website, including the individual pages visited and the links followed.
Generally, the strictly necessary cookies and some performance and functionality cookies only last for the duration of your visit to a website or expire when you close a website: these are known as ‘session cookies’. The functionality cookies and some targeting and performance cookies will last for a longer period of time: these are known as ‘persistent cookies’.
Third party cookies
Some of the persistent and session cookies used by our Services may be set by us, and some are set by third parties who are delivering services on our behalf. For example, we use Google Analytics to track what users do on the website so we can improve the design and functionality.
Blocking cookies
Most websites, mobile devices and websites automatically accept cookies but, if you prefer, you can change your browser, device or website settings to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browser or device. To block the Identifier for Advertisers (IDFA) on your iPhone Operating System (iOS) mobile device, you should follow this path: Settings > General > About > Advertising and then turn on ‘Limit Ad Tracking’. To block Android ID on your Android device, you should follow this path: Google Settings > Ads and then turn on ‘Opt out of interest-based ads’.
Please note however, that (as with other websites and websites) by blocking or deleting cookies used on our Services you may not be able to take full advantage of them.
 
4. HOW WE USE THE PERSONAL DATA WE COLLECT
 
4.1. In General. We may use the information that we collect about you to:
4.1.1. Deliver and improve our products and Services, and manage our business; 
4.1.2. Help you manage your Account and provide customer support; 
4.1.3. Perform research and analysis about your use of, or interest in, our products, services, or content; 
4.1.4. Communicate with you by email, telephone and/or mobile device about products or services that may be of interest to you either from us or other third parties; 
4.1.5. Develop, display, and track content and advertising tailored to your interests on our Services and other sites, including providing our advertisements to you when you visit other sites; 
4.1.6. Use website analytics; 
4.1.7. Enforce or exercise any rights in our Terms of Use; 
4.1.8. Perform functions or services as otherwise described to you at the time of collection;
In all circumstances, we may perform these functions directly or use third parties to perform these functions on our behalf who will be obligated to use your Personal Data only to perform the requested services for us. 
4.2. Specifically: We use your Personal Data for security and so that we fulfil our legal and contractual obligations: 
4.2.1. To abide by court decisions and to provide all information requested by administrative and judicial authorities, law enforcement officials and legal officers;
4.2.2. To fortify our security, according to law, against fraudulent activity and any kind of threats;
4.2.3. To enforce our Terms or Use and Privacy Policy;
4.2.4. To provide safer and more secure Services to Users and to improve the User’s experience via the improvement of our technology.
 
5. WITH WHOM WE SHARE YOUR PERSONAL DATA
 
5.1. Service Providers
We may share information, including Personal Data, with third parties that perform certain services on our behalf. We use third parties to help us operate and improve our Services. These third parties assist us with various tasks, including data hosting and maintenance, analytics, customer care, marketing, advertising, payment processing and security operations.
These service providers may have access to Personal Data needed to perform their functions but are not permitted to share or use such Personal Data for any other purposes.
 
We may also share Personal Data with partners who distribute and assist us in advertising our Services. For instance, we may share limited Personal Data on you in hashed, non-human readable form to advertising partners.
 
Please also note that we use Google Analytics in order to improve the Services we provide. These platforms collect the following types of data: Internet Protocol (IP) Address, location and browser information, Pixel Tags (tiny graphic images with a unique identifier, similar in function to cookies), browser local storage, mobile information (device information, Operating System (OS) etc.).
 
You can find their Terms of Use and Privacy policies in below links:
Google Analytics: Privacy Policy www.google.com/policies/privacy/partners/ and Terms of Service https://marketingplatform.google.com/about/analytics/terms/us/ 
Go Daddy: Privacy Policy https://www.godaddy.com/en-uk/legal/agreements/privacy-policy and Terms of Use https://www.godaddy.com/en-uk/legal/agreements/universal-terms-of-service-agreement
JCC Payment Systems Ltd: Privacy Policy https://www.jcc.com.cy/privacy-statement-and-cookies/ and Terms and Conditions https://www.jcc.com.cy/terms-conditions/
 
5.2. Legal Reasons
We may disclose and/or share your Personal Data:
5.2.1 In response to a subpoena or similar investigative demand, a court order, or a request for cooperation from a law enforcement or other government agency;
5.2.2 To establish or exercise our legal rights;
5.2.3 To defend against legal claims or as otherwise required by law;
5.2.4 When defending ourselves we may raise or waive any legal objection or right available to us;
5.2.5 When we believe disclosure is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing;
5.2.6 To protect and defend the rights, property or safety of our Association, our users, our employees, or others;
5.2.7 To enforce our Terms of Use or other agreements or policies.
 
5.3.  With your consent or at your request
5.3.1 We may use and share non-personal information we collect under any of the above circumstances; 
5.3.2 We may also share it with other associates or third parties in order to enforce our Terms of Use or other agreements or policies including but not limited to the issuance of ASA Sailing School Certificates and/or deliver advertising you may see on our Services and on our website or websites of others;
5.3.3 We may combine non-personal information we collect with additional non-personal information collected from other sources;
 
6. HOW YOU CAN ACCESS YOUR PERSONAL DATA 
 
You may access your Account and review and/or edit your personal data at any time. Any User is at all times responsible to proceed with any amendment and/or update and/or completion of such data which should be promptly notified to the Association through updating of the profile and address tabs of any Account. Your Account may be permanently deleted upon cancellation and non-renewal of your Annual Membership. 
 
The Association retains the right to maintain any personal data required even after the cancellation of your Annual Membership and deletion of your Account for due compliance with the Applicable Law. 
Warning: Even after you remove Personal Data from your profile or delete your Account, copies of that Personal Data may still be viewable and/or accessed to the extent such Personal Data has been previously shared with others or copied or stored by other Users or to the extent such Personal Data has been shared with search engines. We cannot control this, nor do we accept any liability for this. If you have given third party websites or websites access to your Personal Data they may retain such Personal Data to the extent permitted under their terms of service and/or privacy policies.
 
7. HOW WE PROTECT YOUR PERSONAL DATA 
 
We make sure that your Personal Data is collected and processed by us or our authorized partners securely and confidentially. We also take reasonable measures (including technical and organizational) to prevent the unauthorized access or alteration or erasure or misuse or loss of (and disclosure or destruction of) your Personal Data, but ultimately, we make no assurances about our ability to prevent any such issues. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. If you believe that your Account or Personal Data is no longer secure, please notify us immediately via the contact information set out below.
 
8. HOW LONG WE RETAIN YOUR PERSONAL DATA 
 
We keep your Personal Data only as long as we need it for legitimate business purposes as set out in this Privacy Policy and in the Terms of Use and as permitted by the Applicable Law. To protect the safety and security of our Users on and of our Services, we implement a safety retention window of thirty (30) days following account deletion. During this period, Account information will be retained although the Account will not be visible on the Services anymore.
In practice, we delete or anonymize your Personal Data upon deletion of your Account (following the safety retention window) or after two (3) years of continuous inactivity, unless:
8.1 we must keep it to comply with the Applicable Law;
8.2 there is an outstanding issue, claim or dispute requiring us to keep the relevant Personal Data until it is resolved.
 
Note that even though our systems are designed to carry out data deletion processes according to the above guidelines, we cannot promise that all Personal Data will be deleted within a specific timeframe due to technical constraints.
 
9. YOUR RIGHTS
 
You can choose not to provide us with certain Personal Data, but that may result in you being unable to use certain features of our Services because such Personal Data may be required in order for you to register as a User and use our Services. Our Services may also deliver notifications to your email account or mobile phone. You can disable these notifications by unsubscribing on any email newsletters or emailing us at info@pasimis.com.
You also have the following rights as per the applicable legislation:
9.1 Right to be informed: You have the right to be informed about the collection and use of your Personal Data by us.
9.2 Right to access: You have the right to request to access your Personal Data that we keep at all times and we will get back to you within a month of the date of your request.
9.3 Right to rectification: You have the right to correct, rectify and or update your Personal Data.
9.4 Right to “be forgotten”: You have the right to request your Personal Data to be deleted. We will comply with this request the soonest possible, unless we have legal obligation to act otherwise.
9.5 Right to restrict processing: You have the right to request the restriction or suppression of your Personal Data. Please note that this is not an absolute right and it can apply in specific circumstances. 
9.6 Right to portability: You have the right to request to obtain and reuse your Personal Data for your own purposes across different services. You can move, copy or transfer Personal Data easily from one IT environment to another in a safe and secure way, without affecting its usability.
9.7 Right to object: You have the right to object to the processing of your Personal Data in certain circumstances (such as purposes of direct marketing).
 
10. CHILDREN’S PRIVACY
 
Although our Services are general audience services, we restrict the use of our Services to individuals aged 18 and above. Personal Data regarding children under the age of 18 is collected and/or processed and/or stored by the Association only in relation to Sailors/Athletes of our Academy and to which any legal guardian has provided their explicit consent. 
 
11. RESPONSE TO PERSONAL DATA BREACH INCIDENTS
 
When we learn of a suspected or actual Personal Data breach, our designated personnel shall perform an internal investigation and take all appropriate measures for remedies the soonest possible. Where there is any risk to your rights and freedoms, we shall notify the Office of the Commissioner for Personal Data Protection of Cyprus, without delay and when possible, within seventy two (72) hours. You will also be notified via email or any other means of contact regarding the breach and potential risk of your Personal Data.
 
12. PRIVACY POLICY UPDATE
 
We reserve the right to modify this Privacy Policy at any time, in our sole discretion, with or without notice. The modified Privacy Policy shall be made publicly available on the website. You should always review the newest modified version of the Privacy Policy as soon as it is available. It is noted that we retain the right to process your Personal Data as per the previous Privacy Policy applicable, for which we have your prior consent.
 
13. HOW TO CONTACT US
If after reviewing this Privacy Policy, you still have questions about our information practices, please contact us at:
ΠΑΓΚΥΠΡΙΟΣ ΑΘΛΗΤΙΚΟΣ ΣΥΝΔΕΣΜΟΣ ΙΔΙΟΚΤΗΤΩΝ ΜΙΚΡΩΝ ΣΚΑΦΩΝ (ΠΑ.Σ.Ι.ΜΙ.Σ)
2 Lysandrou Street, 2007 Strovolos, Nicosia, Cyprus
Phone: 22492777
Email: info@pasimis.com