PRIVACY POLICY

Last updated: 21 August 2019

Preamble

This Privacy Policy governs privacy of the users (“User”, “You”, “Your”) of the https://febo.mobi/ website (“Website”) and the Febo.mobi Application (“Application”) provided by FEBO Telecom Ltd (“Company”, “We”, “Us”, “Our”) and applies to any personal data (“Data”), collected, used, processed, and stored by us or provided by you in relation to your use of this Website, our Febo.mobi Application and our Services (“Services”), and explains your rights in that regard.

We respect your privacy, protect it and take it very seriously and in accordance with applicable law and regulations. Please, read this Privacy Policy carefully.

By visiting and using this Website, Application and our Services, you accept and agree to this Policy, abiding by this Policy provisions enclosed herein.

The User is also responsible for being acquainted with any amended or updated version of our Privacy Policy placed on our Website/in our Application. The provisions of updated versions shall apply from the date of publication, unless otherwise expressly stated.

This Policy is incorporated into our Terms of Use and applies to the Data obtained by us through your use of the information, software, products and services made available through our Website/Application.

Data Controller

To comply with the applicable data protection laws, the EU General Data Protection Regulation 2016/679 as of 27 April 2016 (GDPR), together with the Cyprus Law providing for the Protection of Natural Persons with regard to the Processing of Personal Data and for the Free Movement of such Data (Law 125(I)/2018), and any implementing legislation, we are the Data Controller responsible for your personal Data collection and processing. Our company has appointed the Data Protection Officer (DPO), who can be contacted by details indicated in the Contacts section of this Policy.

What Data and When the Data is Collected

We collect the Data given to us by you when you specifically decide so, the Data collected automatically, and the Data obtained through concluded contracts.

We may collect the following Data in cases, as follows:

  • Identity Data (name, username or similar identifier) - when you register, complete contact forms, sign up to newsletters;
  • Contact Data (billing/payment address, delivery address, email address, phone numbers) - when you contact us through the Website/Application, email, phone, post, any other means;
  • Financial Data (payment card details, bank account details, activity log, billing, payment methods, etc.) - when you use and pay for our Services;
  • Technical Data (IP address, login, web browser type and version, time zone, location, OS, data from your device), when you connect to our Website/Application and use it;
  • Usage Data (date of your use, traffic data, times and frequency and duration of using our Website/Application and other characteristics of your use thereof), when you connect to our Website/Application.

We do not collect data from third parties, except for cases where we are represented as a party to Data processing (eg, as a service provider, through agent(s), partners, etc.) or if obliged so by law.

You represent and confirm to provide us with only true and authentic information.

Please, be noted that if you directly disclose your personal Data (e.g., plastic card details or other sensitive data) through public features, this information may be collected and used by other persons.

The Data Storage Security

We process personal Data strictly confidential and in accordance with the industry standards, internal security policies, applicable law and regulatory requirements.

Our employees responsible for your Data security are highly trained and legally obliged to keep confidential the information they access. Such employees will process your personal Data confidentially and strictly in accordance with our instructions.

We will keep your Data secure, using technical and organisational arrangements to safeguard your Data (e.g., the user account access is controlled by password and unique username; the Data are stored on secure servers, etc).

We have taken appropriate security measures for your personal Data, which enable to protect our User’s Data against accidental loss, unauthorised access, use, destruction, alteration, disclosure; to manage third party risks, through use of contracts and security reviews; to ensure business continuity and disaster recovery; to train our personnel on Data security, and other organizational arrangements.

To use our Website/Application functions, you may or will be required to submit certain Data, including passwords. You are responsible for keeping your passwords and similar security information safe and confidential.

We stick to any security measures, however any downloadable documents, software or media obtained through our Website/Application are provided to you at your own risk.

We strive to do our utmost to protect your Data, however please note that information provided through the Internet is not absolutely secured and, therefore, is carried out at your own risk and discretion, whenever and wherever that is beyond our reasonable control. Please, notify us of an unauthorized access to your account or any other breach of security straight away by contact details indicated in the Contacts section of this Policy.

The Data Retention

Unless a longer retention period is required or permitted by law, we will hold your Data on systems for the period necessary to fulfil the purposes outlined in this Privacy Policy or until you request us to delete/erase your Data (under the “right to be forgotten” as per GDPR). Please, note that deletion/erasure will be fulfilled without undue latency, however there might be some delay in deleting your Data from our servers and backup storage. Also, please mind that under some circumstances your Data may persist on backup media, for legal or other purposes (e.g. in case of dispute resolution, etc.)

The Legal Basis for Data Processing

The legal basis for us to process your personal Data shall be based on the grounds as follows:

  • Consent: when you explicitly agree for us to process your personal data for a specific purpose (e.g., cookies acceptance, Account registration, billing data provision, newsletters and notifications receipt, advertising and marketing, etc).
  • Contract: when processing is necessary for contractual obligations.
  • Legitimate interest: this basis may be used by us for the purposes of preventing fraud, for marketing purposes, for commercial interests, etc.
  • Legal obligation: when processing is necessary for you to comply with the law or as a statutory obligation, not a contractual obligation.

The Purpose of Data Use and Processing

The Data are processed to the extent of legal basis stated above in the legal basis section, as well as for the purpose:

  • to identify our customers,
  • to provide our Services and manage our customer relationships,
  • to ensure the Information Security, so that to prevent unauthorised access to your Data,
  • to comply with legal and regulatory obligations with respect to any illicit or criminal activity;
  • to keep our Website and Application safe and secure, running properly;
  • to screen the use of our Services for overall statistics;
  • to send you welcome email following registration procedures, as well as our Services updates;
  • to maintain accuracy of our records,
  • to send you our email notifications about eventual changes in Services, Terms of Use, our policies and procedures, etc.
  • to send you advertising letters, marketing notifications and the Company’s promotions, etc.

The Data processing based on your consent may be terminated due to your consent withdrawal. You can withdraw your consent at any time notifying us by contact details indicated in the Contacts section of this Policy.

You may also subscribe or unsubscribe of our mailing services, contacting us by our contact details or through the details provided in the sent message.

We can and/or will also use and process your Data for advertising newsletters and direct marketing notifications, after you give us your consent by ticking the box for the advertising and marketing notifications receipt confirmation. Where your data is processed for that purpose, you have the right to object to such processing, whether with regard to initial or further processing, at any time and free of charge. To exercise your right to object to the Data processing for advertising and marketing purposes, including both initial and further processing, the User can notify us about it by contact details indicated in the “Contacts” section. Further processing for advertising and marketing purposes can be also objected by clicking "unsubscribe" in the notification.

Use of Cookies

We will use cookie files and tracking technologies to store and manage our User’s preferences and analyse the User’s usage data from the information collected by cookies to improve your use of our Services. Our Cookies Policy envisage the information on what cookies and technologies we use, why we use them and how you can control and manage them.

You can set your browser to refuse all or part of browser cookies. If you refuse or opt out of cookies, some features or information in our Application/Website may not operate in a proper manner.

The User’s Rights

You have the following rights (“data subject rights”) in relation to your Data and you may make enquiries to exercise any of your rights mentioned below, as follows:

  1. right to access - the right to request copies of the information we hold about you at any time, as well as the right to request us to modify, update and/or delete such information;
    thereupon, we will not charge you for providing your access to your personal Data, and we will not refuse to act on your request, provided that your requests are reasonable, justified and well-grounded, as stipulated in the clause 5 of the Article 12 of the GDPR;
  2. right to rectify - the right to have your Data corrected if it is inaccurate or incomplete;
  3. right to erase - the right to request that we delete or remove your Data from our systems;
  4. right to restrict - the right to limit the way we use your Data;
  5. right to object - the right to object to our use of your Data even for legitimate interests;
  6. right to Data portability - the right to request that we move, copy or transfer your Data (e.g., to another data controller);
  7. withdrawal of consent - if processing of your Data is based on condition of your consent, you may withdraw this consent to the processing of your Data;
  8. right to lodge a complaint - if you are not satisfied with the way we process your Data you can file a complaint by contact details indicated in the Contacts section of this Policy. If you are not satisfied with our handling of your complaint you can lodge a complaint with the Office of the Commissioner for Personal Data Protection on the website http://www.dataprotection.gov.cy

Please, take note that your rights may be limited under certain circumstances (e.g. if fulfilling your request may expose personal Data about another person, or if we’re asked to delete Data which we are required to keep by law).

It is important that the Data that we hold about you are accurate, actual, true and authentic. Please, keep us notified of your personal Data changes, if any and where applicable, while we store it.

Third Parties and Links to Other Websites

Our company can share or disclose your personal Data by transmission to third parties or countries (eg, in the case of other countries’ servers use outside Cyprus or the EEA countries) in accordance with the basis laid down by applicable law.

Please, note that your Data may be required in cases where it is necessary:

  • to provide our Services or comply with the law;
  • in case of changes of business ownership and control;
  • to our company subsidiaries or affiliates where applicable;
  • to contractors; agents; partners, etc.

If the Data is transferred to third parties, including other countries, we will apply all the Internet Security safeguards, envisaged by the industry standards, technologies, data protection measures, appropriate software, applicable law of the country where the Data is located. In any case, we will provide an appropriate level of your Data protection (e.g., contractual clauses, data transfer agreements, etc.), where applicable.

This Privacy Policy applies only to the actions between us and our Users with respect to our Application and Services and does not extend to other websites or links, including but not limited to those of social media, accessed from our Website or Application, where such links may be from time to time provided (to other websites, applications, plug-ins). We have no control over such third-party websites and are not responsible for the content of these websites. When clicking on these links, please read the privacy notice of every third party website you visit.

We accept no responsibility for third party downloads provided by external websites.

Changes of Business Ownership and Control

Our Company may expand or reduce our business and this may involve the sale of or transfer of all or part of our Company. Data provided by Users will be transferred together with the business or the Company part, to the extent that it is associated with the transferred business.

Contacts

You may inform us of any changes in your personal Data, and we will act in accordance with your requests and our obligations under Data Protection law, including the GDPR, as stipulated above in this Policy. Should you have any questions regarding this Privacy Policy or about the Company and our Services, please contact us by: