At SMARTAVA LTD (hereinafter „we,“ „us,“ or „our“), we take the protection of your personal data very seriously. This Privacy Notice explains how we collect, process, store, and protect your personal data in accordance with the European Union’s General Data Protection Regulation (GDPR).
1. Controller and Contact Information
Controller:
SMARTAVA LTD
Archiepiskopou Makariou III, 59
MOUYIAS TOWER, 3rd Floor, Flat/Office 301
6017 Larnaca, Cyprus
For questions related to this Privacy Notice or the processing of your data, please contact:
Email: mail@smartava.ltd
Phone: +35724030230
2. Data Collection and Purpose of Processing
We only collect personal data that is necessary for us to provide our services, to fulfill contractual obligations, or to comply with legal requirements. This may include, for instance, basic contact details (name, email address, etc.) or any information you voluntarily provide through our website or other direct interactions.
Why We Process Your Data:
- To deliver the services you have requested.
- To communicate with you regarding our services, updates, and support.
- To ensure the proper functioning and security of our website or applications.
- To comply with legal obligations and regulatory requirements.
3. Legal Bases for Processing
We process your personal data based on one or more of the following legal grounds under the GDPR:
- Article 6(1)(b) GDPR (Contract): Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract.
- Article 6(1)(f) GDPR (Legitimate Interests): Processing is necessary for the purposes of our legitimate interests, such as ensuring the security of our systems or conducting certain business operations, except where such interests are overridden by your fundamental rights and freedoms.
- Article 6(1)(c) GDPR (Legal Obligation): Processing is necessary for compliance with a legal obligation to which we are subject.
4. Data Storage and Security
- Servers Located in the EU (Cyprus or Germany): We store and process all personal data exclusively on our own servers located in Cyprus or Germany.
- Own Hardware and AI Models: We use only our own hardware and proprietary AI models to process any data.
- No Transfer to External Services: Your data is never shared or transferred to third-party service providers, external cloud services, or external AI solutions.
- Security Measures: We implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data.
5. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Notice or as required by law. Once the data is no longer needed for these purposes, it will be securely deleted or rendered anonymous in a way that no individual can be identified.
6. Your Rights Under the GDPR
Under the GDPR, you have the following rights:
- Right of Access (Art. 15 GDPR): You have the right to obtain confirmation as to whether your personal data is being processed and to request details about that processing.
- Right to Rectification (Art. 16 GDPR): You have the right to request the correction of inaccurate personal data.
- Right to Erasure (Art. 17 GDPR): You have the right to request the deletion of personal data, under certain conditions.
- Right to Restriction of Processing (Art. 18 GDPR): You have the right to request the restriction of the processing of your personal data, under certain conditions.
- Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit those data to another controller, where technically feasible.
- Right to Object (Art. 21 GDPR): You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data, under certain conditions.
- Right to Withdraw Consent (Art. 7(3) GDPR): Where processing is based on consent, you may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
To exercise any of these rights, please contact us using the details provided in Section 1. Additionally, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR.
7. Changes to This Privacy Notice
We may update this Privacy Notice from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updates will be posted on our website with a revised „Last Updated“ date. We encourage you to review this Privacy Notice periodically to stay informed.
Last Updated: 27.02.2025
If you have any questions regarding this Privacy Notice or our data protection practices, please do not hesitate to contact us at the address or email provided above. We appreciate your trust and are committed to keeping your data secure and confidential.