Please read this website privacy policy carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information, and how to contact us and supervisory authorities in the event you have a complaint.
This notice explains how CPT Cyprus Public Transport Services and Operations Limited collects, uses and protects personal information through this website.
This website is operated by CPT Cyprus Public Transport Services and Operations Limited, hereinafter referred to as “CPT”, “we” or “ours”.
We collect, use and are responsible for certain personal information about you. When we do so, we are regulated under the General Data Protection Regulation, which applies across the European Union, and we are responsible as “controller” of that personal information for the purposes of those laws.
This privacy policy relates to your use of our website, https://www.publictransport.com.cy only.
Throughout our website we may link to other websites owned and operated by certain trusted third parties and partners. These other third-party websites may also gather information about you in accordance with their own separate privacy policies.
For privacy information relating to these other third-party websites, please consult their privacy policies as appropriate.
We collect personal information about you when you access our website.
We collect this personal information from you either directly, such as when you contact us, or indirectly, such as your browsing activity while on our website. Please see the “Cookies and other tracking technologies” section below.
The personal information we collect about you depends on the particular activities carried out through our website. This information is limited to cookies only.
This website is not intended for use by children and we do not knowingly collect or use personal information relating to children.
When we use your personal information, we are required to have a legal basis for doing so. There are various different legal bases on which we may rely, depending on what personal information we process and why.
The legal bases we may rely on include:
We collect and use this personal data to provide our services to you. If you do not provide personal data we ask for, it may prevent us from providing our services to you.
A cookie is a small text file which is placed onto your device, such as a computer, smartphone or other electronic device, when you use our website.
We use cookies on our website. These help us, amongst other things, to recognize you and your device and store some information about your preferences or past actions.
For further information on cookies, our use of cookies and/or relevant similar technologies, when we will request your consent before placing them, and how to disable them, please see our Cookies Policy.
Within our Company, your personal data is accessible only to those who need to access it and only for the purposes mentioned above.
We may disclose your information to our affiliates, in which case we will require these affiliates to comply with this Privacy Notice.
Outside our Company, recipients of your personal data may be subcontractors or third parties who cooperate with and/or provide services to our Company in the context of its business, such as companies that provide email services, web hosting services, information technology services, legal representatives and other similar providers.
We choose our associates very carefully, after the necessary checks have been carried out and sufficient guarantees have been provided to implement appropriate technical and organizational measures. This helps ensure that processing meets the requirements of the GDPR and the relevant laws, and ensures the protection of your rights.
If you would like more information about who we share our data with and why, please contact us using the details in the “How to contact us” section below.
Personal data provided to us via our Site will only be stored until the purpose for which it was processed has been fulfilled or, in the case of consent, until you withdraw your consent.
If your data is transferred to entities or other third parties whose headquarters or place of data processing is not located in a member state of the European Union or the European Economic Area, we ensure before forwarding the data that, outside of legally permitted exceptional cases pertaining to the recipient, either an appropriate level of data protection exists or your sufficient consent exists.
Appropriate protection may include, for example, an adequacy decision of the European Commission, suitable guarantees, or the agreement of EU standard contractual clauses between us and the recipient.
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way. These measures include, but are not limited to, access control, internal audit and other relevant procedures.
Furthermore, we limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.
We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
As a data subject, you may contact us at any time to make use of your rights. These rights are the following:
For further information on each of those rights, including the circumstances in which they apply, please contact us using the details in the “How to contact us” section below.
If you still feel that your personal data has not been handled appropriately according to the law, you can submit your complaint with the Office of the Commissioner for Personal Data Protection.
Address: 1 Iasonos Street, 2nd Floor, 1082 Nicosia
Tel: +357 22 818456
Email:
commissioner@dataprotection.gov.cy
You can contact us by post or email if you have any questions about this privacy policy or the information we hold about you, to exercise a right under data protection law, or to make a complaint.
CPT Cyprus Public Transport Services and Operations Limited
Postal address:
81-83 Griva Digeni, 6th Floor,
1090 Nicosia, Cyprus.
Email address: dpo@publictransport.com.cy
This privacy notice was published in July 2020 and last updated on 7th June 2021.
We may change this privacy notice from time to time and when we do, we will inform you via our Site or other means of contact.