In this Privacy Notice (hereinafter the “Notice”) you can find the information with regard to the processing of your personal data (hereinafter shall also be referred to as the “data”) when you visit or use https://citadelventures.com/ (hereinafter the “Website”). Please read this information before the usage of the Website and prior to the provision of any personal data to the Website. This Notice is subject to changes. In case of any changes, we will post the revised version of the Notice on the Website and, if we have your e-mail address, we will communicate you about the revision of this Notice. It is your responsibility to revise this Notice whenever you access the Website. Your use of the Website shall be considered that you have read, understood and have no objections to the processing of your data in accordance with this Notice. Should you have any questions in regard to this Notice, please, do not hesitate to contact us via e-mail address [email protected].
Legal and contact information.
The Website is maintained, owned and operated by CITADEL VENTURES CYPRUS LIMITED, the company incorporated in the Republic of Cyprus, with its registration number ΗΕ 384776, with its registered address at 79 Spyrou Kyprianou Ave, Protopapas Bldg, 2nd floor, office 201, 3076 Limassol, Cyprus (hereinafter the “Company”, “We”, “Us”, “Our”).
What data we collect.
The data which are collected automatically.
When you use the Website, some data are collected from you by automated means.
- Via Google Services:
- Via Google Analytics:
- The total time you spend on the Website;
- The time you spend on each page and in what order those pages were visited;
- What internal links were clicked (based on the URL of the next pageview);
- Your IP address and user agent string;
- Initial page inspection that analytics.js performs when creating a new tracker object is used to determine your geographic location, what browser and operating system are being used, your device`s screen size, whether flash or java is installed, and the referring site.
2. Via Google reCAPTHCA. In case of Google reCAPTCHA, Google collects the data about your input in order to distinguish whether an input is made by a human or by a robot or with the use of any other form of automated means.
3. Via Google Tag Manager. Google Tag Manager is a tool made by Google that allows us to integrate and manage tags (snippets of code) into the Google Tag Manager collects the Aggregated data about your tag firing.
2. Via Cloudflare:
- Your IP address;
- System configuration information;
- Other information about traffic to and from the Website.
The data which you voluntarily provide us.
- Contact data. When you contact us via available contact details or the interface of the Website, you hereby provide us with the following data:
- Your name;
- Your email address;
- Other contact details;
- The subject of your communication including all the data it may contain.
2. The status of your consent to receive the Newsletter of the Company. We collect the information on whether have you consented to receive the Newsletter of the Company. You will always have a possibility to unsubscribe from the Newsletter by sending us a proper request or by the interface of Newsletter message.
Why we collect these data.
- To administer the Website. We use the data which are collected automatically for the following purposes:
- To administer the Website;
- To protect the Website from DDoS attacks and other cyberattacks;
- To protect the Website from any illegal, unlawful activity, fraud, and abuse;
- To diagnose any problems with the Website and the Serverwhich makes the Website available;
- To provide you with the Website tailored for your device, language, and opted preferences;
- Toload balance to the Server which makes the Website available.
Legal basis for the processing for this purpose: the legitimate interests pursued the Company and the third party in accordance with Article 6(1)(f) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the “GDPR”).
2. For the purposes of research and analysis. We use contact data and the data which are collected automatically for the following purposes:
- Conduct research and analysis in regard to the usage of the Website by the audience of the Website;
- Having known the information about the usage of the Website by the audience of the Website, to develop and enhance this Website and the server which makes the Website available;
- To conduct so-called “A/B tests” (to find out more A/B tests please follow https://en.wikipedia.org/wiki/A/B_testing);
- To test new features on the Website.
Legal basis for the processing for this purpose: the legitimate interests pursued the Company and the third party in accordance with Article 6(1)(f) of the GDPR.
3. To contact you. We use your contact datain order to contact you when required by the situation.
Legal bases for the processing for this purpose:
- If you are interested in entering into business relationships with the Company: the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract in accordance with Article 6(1)(b) of the GDPR.
- If you make a request as the data subject or your request relates to another legal issue: the processing is necessary for compliance with a legal obligation to which the Company is subject in accordance with Article 6(1)(с) of the GDPR.
- If we send you the Newsletter of the Company: you have agreed to the processing of your data for this purpose and this consent is given in accordance with Article 6(1)(a) of the GDPR.
- If your question relates to the Company in general or relates to the products and services of the Company: the processing is necessary for the purposes of the legitimate interests pursued the Companyand the third party in accordance with Article 6(1)(f) of the Provision of the information about the Company to the general audience is the legitimate interest of the Company.
4. To comply with applicable law. We may use your data for the purposes of compliance with applicable legislation.
Legal basis for the processing for this purpose: the processing is necessary for compliance with a legal obligation to which the Company is subject in accordance with Article 6(1)(с) of the GDPR.
How long will we retain your data?
For the data which are collected automatically – for a period of twenty-six (26) months starting from the date of your last visit to the Website. For contact data – as long as required by a particular purpose of your message.
Recipients of your data.
Please read the information below to find out the list of recipients of your data.
- Our employees, affiliates, contractors, and sub-contractors. The Website is maintained by a large number of individuals: our employees, employees of our affiliated entities, contractors, and sub-contractors. Thus, your data will be shared with them. Please note, that these transfers are secured by proper contractual arrangements which oblige these recipients to process your data in strict compliance with this Policy and within the terms of confidentiality and professional secrecy regime.
- The hosting provider that owns the server which makes the Website available. Our Website is placed on the third-party server; thus, your data will be shared with this services provider.Nevertheless, your data will be placed on this server only in encrypted form: from this follows that these services provider will not be able to decrypt your data without decryption keys which are in sole possession of the Company.
- Public authorities of our jurisdiction. In case of the legal obligation to disclose your data to the public authorities of our jurisdiction (the term “public authorities” may include, without limitation, court, police, financial investigation unit), the Company will perform this disclosure.
- Google and Cloudflare. As mentioned above, the Company uses the services, provided Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA and Cloudflare, Inc. 101 Townsend St, San Francisco, CA 94107 USA.Google LLC. and Cloudflare, Inc. are certified under EU-U.S. Privacy Shield Framework. The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce. For more information on the Privacy Shields, please visit the U.S. Department of Commerce’s Privacy Shield website at: https://www.privacyshield.gov/welcome. You can find the information about certification of Google under EU-U.S. and Swiss-U.S. Privacy Shield frameworks via the link https://policies.google.com/privacy/frameworks?hl=en&gl=de and the information about certification of Cloudflare under EU-U.S. and Swiss-U.S. Privacy Shield frameworks via the link https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active.
As the data subject, you have several rights which you can implement either by contacting us via email [email protected] or by sending a request to our legal address. These rights are the following:
- The right to withdraw consent. If you previously consented (under Article 6(1)(a) of the GDPR) to processing of your data, you have the right to withdraw this consent at any time. It means that we will stop the processing of the personal data for the processing of which the consent was requiredstarting from the date of the withdrawal. The withdrawal of consent shall not affect the lawfulness of the processing based on consent before its withdrawal.
- The right of access. You have the right to obtain from us the confirmation as to whether or not the data concerning you are being processed, and, if we indeed process your personal data, to receive a copy of the personal data undergoing processing.
- The right to rectification. You have the right to obtain from us the rectification of inaccurate personal data concerning you.
- The right to erasure (or the right “to be forgotten”). You have the right to obtain from us the erasure (removal) of your personal data. Upon your request, your personal data shall be removed. This right shall be applied if:
- your personal data are no longer needed for the purposes for which these data were collected;
- you have withdrawn your consent (if you have provided this consent) and there are no other legal bases for further processing;
- we do not need to keep your personal data for the purposes of compliance with the applicable legislation;
- the data are processed unlawfully;
- there are no any restrictions of this right by the applicable legislation;
- in other cases when the erasure (removal) is required or permitted by the applicable law.
5. The right to object to processing. You have the right to object, on grounds relating to your particular situation, to processing of your personal data, if the grounds of this processing were necessary for the purposes of the legitimate interests pursued by the Company or by the third party (Article 6(1)(f) of the GDPR)or this processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Company (Article 6(1)(e) of the GDPR). Additionally, you have the right to object to the processing of your personal data for direct marketing purposes (if applicable).
6. The right to restriction of the processing. You have the right to obtain from usrestriction of processing, in case if one of the following applies:
- you contested to the accuracy of the personal data, for a period enabling the Сompanyto verify the accuracy of the personal data;
- processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
- we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
- you have objected to processing on the basis of your right to object pending to verification whether your legitimate grounds override those of the Company.
7. The right to data portability. You have the right to receive from us the data which were collected from you, in a structured, machine-readable format and have the right to transmit those data to another controller (in a plain language, to another company). Nevertheless, this rule applies only to processing which:
- Was carried out by automated means;
- Isbased on Articles 6(1)(a) and 9(2)(a) of the GDPR (consent) or is based on Article 6(1)(b) of the GDPR- processing which was carried out under the contract between you and us.
Please note, that these rights are applicable with some restrictions:
- If we are not sure about the identity of the requestor,we shall verify the identity of a user/visitor who requests for the implementation of any of the rights before the implementation of this right.
- We may restrict the rights specified above or deny in implementation of any of the rights if this restriction or denial is grounded on the legislation to which the Company is subject. In this case, we will specify you the reason for the denial in the reply to your request.
8. The right to lodge a complaint with the supervisory authority. You can always contactus for any issue with regard to the processing of your data, including complaints. Nevertheless, if you suppose that your rights under applicable data protection legislation have been violated, you can lodge a complaint either:
- Withthe Commissioner for Personal Data Protection of the Republic of Cyprus (jurisdiction of our incorporation). The Website of the Commissioner http://www.dataprotection.gov.cy/; or
- With the data protection authority of the country of your habitual residence. You can find the list of all EU Data Protection Authorities on the Website of the European Data Protection Board https://edpb.europa.eu/about-edpb/board/members_en.
The Website may contain links to the services, websites or resources that are operated by third parties. These links are being provided as a convenience and for informational purposes only; the Company is not liable for the processing of personal data by these services, websites or resources. Please visit the “privacy” section prior to the usage of these services, websites or resources and provision of any personal data to them.