PRIVACY POLICY

Last updated on 10th of May2024

Privacy Policy

1. Introduction

At E.K. ENTERPRISES LTD (hereinafter “we”, “us” “) the protection of your personal data is a top priority. Keeping your data secure and private is part of our philosophy for delivering high standards of services.The purpose of this Privacy Policy is to provide a clear explanation of when, why and how we collect and use personal data. We have designed it to be as user friendly as possible and have separated it in sections to make it easy for you to find the information that is most relevant to you.
This Privacy Policy has been prepared in accordance with the provisions of the EU General Data Protection Regulation (“GDPR”), which gives individuals in the EU more control over how their data is used and places certain obligations on businesses that process the information of those individuals, and the related Cyprus Law.

2. Who we are

E.K. ENTERPRISES LTD is a company registered in Cyprus under registration number HE 443711 with its registered office located at Gladstonos 69 ACROPOLIS CENTER floor 3 flat 301 3040 Limassol, Cyprus and we import and distribute toys and clothing for Adults, to whom this Privacy Policy is directed to, at retail and wholesale level, online or through our physical stores in Cyprus.
This Privacy Policy is directed to natural persons (hereinafter our “clients”) who are either past, current or potential clients, or are authorized representatives/agents of past, current or potential clients, or are beneficial owners in legal entities who are past, current or potential clients.
We do not, to our knowledge, collect any information from any person under the age of 18.
Our website, products and services are directed exclusively to people who are at least 18 years of age or older. If you are under 18 years of age, do not use or provide any information to this website through any of its features, register on the website, make any purchases through the website, or provide any information about yourself to us, including your name, address, telephone number or email address.
In case we discover that we have collected or received personal data from a minor under the age of 18 we will delete that information. If you believe we may have information from or about a person under the age of 18, please contact us.

3. Identity and contact details of the Data Controller and Data Protection Officer.

(a) Data Controller
E.K. ENTERPRISES LTD, a Cyprus private limited liability company, having registration number HE 443711, is the “Data Controller” pursuant to the GDPR, and related Cyprus Law, and determines how your personal data is kept and processed.
The main establishment and the central administration of the Data Controller is situated at Gladstonos 69, ACROPOLIS CENTER, 3rd floor, Office 301 3040 Limassol, Cyprus.
(b) Data Protection Officer («DPO»)/ Responsible Person for GDPR
We have designated a Data Protection Officer («DPO»)/ Responsible Person for GDPR, who is responsible to monitor compliance with this Privacy Policy as well as the applicable Laws and has the obligation to liaise with the Cyprus Supervisory Authority, namely the Office of the Commissioner for Personal Data Protection.
The DPO/ Responsible Person for GDPR may be contacted directly with regards to all matters concerning this Privacy Policy and the processing of your personal data including the enforcement of all applicable and available rights.
Official requests may be made by post at Gladstonos 69, ACROPOLIS CENTER, 3rd floor, Office 301, 3040 Limassol, Cyprus or electronically at info@cyprusloveshop.com.

4. How do we collect personal data?

We collect and process different types of personal data which we receive from our clients in person or via our website.

5. Do we use Cookies?

Yes, this website uses cookies – small text files that are placed on your device to help the website provide a better user experience.
In general, cookies are used to retain user preferences, store information for things like shopping cart, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better.
The cookies use for the purposes of this website can be classified into the following five categories:
i. Strictly necessary cookies – These cookies are essential for you to browse the website and use its features, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

ii. Functional Cookies – These cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

iii. Analytical Cookies – These cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

iv. Performance cookies – These cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

v. Advertisement cookies – These cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.
The above are the main ways of classifying cookies, although there are cookies that will not fit neatly into these categories or may qualify for multiple categories.
In some special cases we also use cookies provided by trusted third parties. Our website uses Google Analytics which is one of the most widespread and trusted analytics solution on the web to help us to understand how you use the website and ways that we can improve your experience. These cookies may track things such as how long you spend on the webisite and the pages that you visit so that we can continue to produce engaging content. For more information on Google Analytics cookies, visit the official Google Analytics page.
Use of your IP Addresses: An IP address or Internet Protocol Address is a numerical address assigned to your device on the Internet. We may use your IP address and browser type to analyse usage patterns and diagnose problems on this website, but without additional information your IP address does not identify you as an individual.
When accessing our website, our cookies are sent to your web browser and stored on your device. By using our website, you agree to the use of cookies and similar technologies. The Law provides that we can use cookies that are strictly necessary to enable you to use certain features of this website. For all other types of cookies your consent is necessary and you may prefer to disable these types cookies on this website and on others.
6. What categories of personal data do we collect?
We collect and use several types of information the individuals we co-operate with, including information by which you may be personally identified and that is defined as personal data under applicable law such as your first and last name, address, contact details (telephone number, email address).
Should there be a need to further process the personal data for a purpose other than that for which they were initially collected, you will be informed in advance about the additional purpose and the relevant details in respect to the further processing.
With your explicit consent we may collect special categories of personal data. Pursuant to the definition given by the GDPR, these data may include racial or ethnic origin, political opinions, religious or philosophical beliefs, health data, the processing of genetic data, biometric data, data concerning health, sex life or sexual orientation and criminal records.

7. What lawful reasons do we have for collecting, processing and disclosing personal data

In order to proceed with a business relationship or transaction our clients must provide their personal data to us which are necessary for the required commencement, execution and continuation of a business relationship or transaction.
In accordance with GDPR we may rely on the following lawful reasons when we collect and process personal data to operate our business and provide our services:
• Compliance with legal obligation: We may process personal data in order to meet legal and regulatory obligations.
• Contract: We may process personal data for the purposes of providing our services in accordance with our terms and conditions and/ or any other contract that you have with us.
• Consent: We may rely on your freely given consent at the time you provided your personal data to us for a purpose of the process being other than for the purposes set out herein above. Then the lawfulness of such processing is based on that consent. You have the right to withdraw consent at any time. However, the legality of the processing of personal data prior to the receipt of the withdrawal will not be affected.
• Legitimate interests: We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced. A legitimate interest is when we have a business or commercial reason to use our clients’ information. Instances of such processing activities can include, initiating legal claims, preparing our defence in litigation procedures, initiating complaints to regulators etc.

8. Why do we need personal data?

We aspire to be transparent when we collect and use personal data and tell you why we need it, which typically includes:
• Providing the requested services.
• Customer management: to manage your account, to provide you with customer support and with notices about your account, including notices about changes to services we offer or provide through it;
• Administering, maintaining and ensuring the security of our information systems, applications and websites; Server, i-cloud and internet providers
• Functionality and security: to detect, prevent, and respond to actual or potential fraud and illegal activities;
• Compliance: to enforce our terms and conditions and to comply with our legal obligations as these derive from the applicable laws;
• in any other way we may describe when you provide the information; or for any other purpose with your consent provided separately from this Privacy Policy.
• Without the minimum personal data, our company will not be able to deliver the online received orders to customers. Courier companies require personal details in order to be in a position to contact the customer and complete the delivery as per customer’s request. Courier companies are liable by law to protect the personal details of our clientele. Courier companies domestic and non are complying to the GDPR rules and regulations.

9. Do we share personal data with third parties ?

In the course of our business relationship our clients’ personal data may be provided to various departments within our Company.
Furthermore, the following third parties may also be the recipients of the personal data under the certain circumstances:
– Programmers
– Server, i-cloud and internet providers
– Banks and Financial and Services providers for payments’ processing
– Company accountants
– Courier companies
– Franchisees of our company when absolutely necessary for the purpose at hand
Third parties to whom we may disclose Personal Data may have their own privacy policies which describe how they use and protect Personal Data. If you want to learn more about their privacy practices, we encourage you to visit the websites of those third parties.
Of course, due to the nature of our products and services, discretion and the avoidance of sharing information with third parties that is not absolutely necessary for the provision and quality of our services is a matter of utmost concern to us.
In addition to the above, there is also the possibility that We, or part(s) of our company, may one day be purchased by, or merged with, another company. If that’s the case, the acquiring (or merging) company will have access to your information.
10. What about personal data security?
We have put in place appropriate technical and organizational measures including physical, electronic and procedural measures to protect personal data from loss, misuse, alteration or destruction. We restrict access to information at our offices so that only officers and/or employees who need to know the information have access to it. Those individuals who have access to the data are required to maintain the confidentiality of such information. In addition, we have trained our employees on how to handle, manage and process personal data, applied upgraded technical measures and transformed our policies and procedures in a way that will comply with the GDPR.
Please be aware that the transmission of data via the Internet is not completely secure. Users should also take care with how they handle and disclose their personal data and should avoid sending personal data through insecure email.

11. How long do we retain personal data?

We will keep our clients’ personal data for as long as we have a business relationship.
Once our business relationship has ended, we will hold your personal data on our systems for the longest of the following periods:
a) any retention period that is required by law or professional standards;
b) the end of the period in which litigation or investigations might arise in respect of the services or
c) as directed by our own internal retention policies or practices, the length of which may vary depending on the nature of the information that is held.
The personal data processed for the purposes of sending newsletters shall be kept with us until you notify us that you no longer wish your personal data to be used for this purpose.

12. Do we change this Privacy Policy?

We may modify or revise our Privacy Policy from time to time to reflect our current privacy practices. When we make changes to https://sexshopcyprus.com/ the Privacy Policy, we will revise the “updated” date at the top of this page. We encourage you to periodically review this Privacy Policy that can be found at our website to be informed about how E.K. ENTERPRISES LTD is protecting your Personal Data.

13. What are your data protection rights?

Subject to the provisions of the GDPR, you have certain rights regarding the Personal Data we collect, process or disclose and that is related to you, including the right:
• To receive access to your personal data (right to access).
• To rectify inaccurate personal data concerning you (right to data rectification);
• to request deletion/ erasure of your personal data (right to erasure/deletion, “right to be forgotten”);
• to receive the Personal Data provided by you in a structured, commonly used and machine-readable format and to transmit those Personal Data to another data controller (right to data portability);
• to object to the use of your personal data where such use is based on our legitimate interests or on public interests (right to object);
• in some cases, to request the restriction of processing of your personal data (right to restriction of processing);
• To withdraw the consent given to us with regard to the processing of your personal data at any time. Note that any withdrawal of consent will not affect the lawfulness of processing based on consent before it was withdrawn.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it. No fee is required to make a request unless your request is clearly unfounded or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds.

14. How to raise a complaint

To exercise any of the above rights, or for any questions or complaints about our use of your personal data, please contact our Data Protection Officer/ Responsible Person for GDPR, either by post at Gladstonos 69, ACROPOLIS CENTER, 3rd floor, Office 301, 3040 Limassol, Cyprus, or electronically at info@cyprusloveshop.com.
Complaints may also be lodged to the supervisory authority in Cyprus (Office of the Commissioner for Personal Data Protection), by post P.O.BOX 23378, 1682 Nicosia, Cyprus or by email commissioner@dataprotection.gov.cy or by fax 22304565. More information can be found at http://www.dataprotection.gov.cy.