Privacy Policy
Last updated: 29/11/2023
Introduction
COLLETRA FINTECH LTD (“Colletra,” “We,” “Us,” “Our”) is a company registered in the Republic of Cyprus. This Privacy Policy demonstrates Our commitment to protecting the privacy and security of the personal information of Our customers and users. It explains how we collect, use, disclose, and safeguard your information in accordance with the General Data Protection Regulation (GDPR).
Scope and Consent
This policy applies to all users of Colletra’s services, including visitors to our website. By accessing or using Our services, you consent to the collection, use, sharing, and processing of your personal information as described in this policy.
Types of Information Collected
We may collect the following types of personal data:
1. Contact Information: Name, email address, phone number, postal address.
2. Account Information: Username, password, and other credentials used to access our services.
3. Payment Information: Credit card details or other payment information for purchases and transactions.
4. Usage Data: Information about how you interact with our website, including IP, browser type, pages visited, and referring URL.
5. Cookies and Similar Technologies: We may use cookies and similar technologies to collect information about your browsing activities.
Legal Basis for Processing
We process personal data based on the following legal bases:
1 Performance of a Contract: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
2. Legal Obligation: Processing is necessary for compliance with a legal obligation.
3. Legitimate Interests: Processing is necessary for our legitimate interests, such as improving our services and marketing.
4. Consent: Processing is based on your consent, which you may withdraw at any time.
Purpose of Processing
We collect and process personal data for the following purposes:
1. Providing Services: To provide and maintain our services, communicate with you, and fulfill your requests.
2. Marketing: To send promotional materials, newsletters, and other marketing communications.
3. Analytics: To analyse and improve our website and services.
4. Legal Compliance: To comply with applicable laws, regulations, and legal processes.
5. Security: To protect against fraud, unauthorized access, and other liabilities.
Data Retention
We retain personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. We will delete or anonymize personal data when it is no longer necessary.
Data Security
We implement appropriate technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration, or destruction. These measures include encryption, access controls, regular security assessments, and staff training.
Data Sharing
We may share personal data with the following parties:
1. Service Providers: Third-party service providers who assist us in operating our website and providing our services.
2. Business Partners: Trusted business partners who offer complementary products or services.
3. Regulatory Authorities: Government or regulatory authorities as required by law or to protect our legal rights.
User Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of Access (Data Subject Access Request – DSAR): You have the right to request access to your personal data that we hold. This includes the right to know the purposes of processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data have been or will be disclosed.
- Right to Rectification: You have the right to have inaccurate personal data corrected. This also includes the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- Right to Erasure (Right to be Forgotten): You can request the deletion or removal of personal data where there is no compelling reason for its continued processing. This right is not absolute and only applies in certain circumstances.
- Right to Restrict Processing: You have the right to ‘block’ or suppress further use of your personal data. When processing is restricted, we can still store your data, but may not use it further.
- Right to Data Portability: You have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance from us.
- Right to Object: You have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing (including profiling), and processing for purposes of scientific/historical research and statistics.
- Rights in Relation to Automated Decision Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
- Right to Withdraw Consent: If you have given consent for the processing of your data, you have the right to withdraw that consent at any time, though this will not affect the lawfulness of processing based on consent before its withdrawal.
- Right to Lodge a Complaint with a Supervisory Authority: You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
These rights are subject to certain exceptions and limitations under the GDPR. Colletra is committed to honoring these rights and will provide mechanisms for you to exercise them.
To exercise these rights or for any inquiries or complaints regarding our use of your personal data, please contact us using the information provided in the “Contact Information” section below.
Cookies and Similar Technologies
Our website may use cookies and similar technologies to enhance your browsing experience and gather information about your usage patterns. You can manage your cookie preferences through your browser settings or other mechanisms. However, please note that disabling cookies may affect the functionality of our website. For more information, please visit the ‘Cookies’ section of our website.
Marketing Communications
If you have provided your consent, we may send you marketing communications about our products, services, and promotions. You may opt-out of receiving these communications at any time by following the instructions provided in the communication or contacting us using the information in the “Contact Information” section below.
International Data Transfers
If we transfer personal data outside the European Economic Area (EEA), we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses or Privacy Shield certification.
Updates to the Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated Privacy Policy on our website. Please review this Privacy Policy periodically.
Children’s Privacy
Our website is not intended for children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected personal data from a child, please contact us using the information provided in the “Contact Information” section below, and we will take appropriate measures to delete the information.
Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
COLLETRA FINTECH LTD
Address: IRIS TOWER, 8 John Kennedy
Floor 7, Flat/Office 740B, 3106,
Limassol, Cyprus
Email Address: info@colletra.com
Phone Number: +357
Supervisory Authority
If you are an EU resident and believe that we have violated your rights under the GDPR, you have the right to lodge a complaint with the supervisory authority in your country of residence.
Governing Law and Jurisdiction
This policy is governed by the laws of the Republic of Cyprus, and any disputes will be subject to the exclusive jurisdiction of the Cypriot courts.