Who are we?

REDMAX TECHNOLOGIES LIMITED (ΗΕ 152980)

Address: 193 Giannou Kranidioti Ave., Latsia, Nicosia, 2234
Tel: +357 22 277800
Fax: +357 22 277809
Email: info@redmaxtech.com
Website: www.redmaxtech.com

Nature of business: Turnkey solutions provider in the area of telecommunications (such as fiber optics, high quality IT services and diversified managed services), specifically and exclusively focused on business customers.

How do we collect information from you?

We obtain information about you when you use our website, for example, when you contact us with a request, query or complaint and/or when you shop from us online or you share your personal information with us by placing orders or by sending contact forms through our website.

We may also record information about you while you use our website even if you do not do any of the above and simply browse through our website by clicking on links displayed one our website. Such information is automatically recorded in the server logs of your website and/or by cookies as explained below in this Privacy Policy. Your activity on our Facebook page, Instagram, LinkedIn and Twitter Profile, is also recorded in a similar manner and we also collect information about you when you like, share or comment on our Facebook Page, Instagram, LinkedIn and Twitter Profile or send us a message on Facebook, Instagram, LinkedIn or Twitter, or any other means of distance communication.

We collect also personal data about you offline or through any means of communication, such as via email or phone or fax, in particular, when you visit us or contact us requesting information about our products or services, when you request a written offer, when you conclude a contract with us, when you receive the products which you have purchased or we provide you our company services or our company solutions, when you pay us for your purchases or the provision of services/solutions to you, when we pay you for orders we made (in case you are our supplier  or partner or associate), or when you submit requests, questions or complaints to us.

We may also collect information about you, not directly from you, but from third parties, such as a telecommunication provider or an IT professional, or any of our supplier or partner or associate, who refer you to us with your knowledge and / or consent.

The companies in our group may pass information to one another for the purpose of contacting you for related products or services, if you have previously consented to such processing.

What type of information is collected from you?

The personal information we collect may include:

When you are a client or a supplier or a partner or an associate of us, or a contact person or a representative of a company or a legal entity, which is a client or a supplier or a partner or an associate of us:

– Full Name (of Contact Person or Representative)
– Address
– Phone (work / mobile)
– Email(s)
– Billing Name / Address (if different)
– IP Addresses, AS numbers, RIPE LIR Account Name

Further, we may also collect financial information about you, such as your bank and/or your bank account number and/or your IBAN, when you pay us for your purchases or services/solutions to you, or when we pay you for the products or services delivered to us as a supplier or service provider or partner or associate.

We collect also all the personal data you provide to us when you visit us or fill in any of our contact or written forms of our company or when you conclude and sign any tender and/or contract and/or agreement with us, which consist mainly of the terms of our contract and your contact details, such as your full name, your title, phone number, fax number, address, email address and any other details of you and/or your representative of the legal entity, as well as details relating to our products and/or services you ordered and/or requested from us and/or provided to you, in case you are a client, or supplies or products or services we asked from you, in case you are a supplier or partner or associate, and the payments of them.

If you are a professional of the telecommunication industry, we may collect your information, such as your name, contact details and projects you have worked or are working on, or projects of our clients which you are involved, when you submit it to us through business meetings with our staff, when you contact us for co-operation and from publicly-available sources such as advertising.

We collect also information about you in your capacity as a visitor of our website, specifically, your IP address as well as information regarding what pages on our website you have accessed and when; these are automatically recorded in our server logs as part of how the internet works and through cookies as explained in our cookie policy. We do not access that data and we do not engage into any other processing in relation to it.

We also collect any other information you provide to us by filling in and submitting web forms on our website, Facebook Page, or Instagram, LinkedIn and Twitter profiles, such as a query, an order, rating, comment, request or complaint. If you have liked our Facebook Page, follow us on Instagram or Twitter or connect with us through LinkedIn, we collect your Facebook, Instagram, Twitter or LinkedIn name as well as any likes, views or comments you make on our Facebook, Instagram, LinkedIn or Twitter posts, as well as anonymized statistics regarding how users engage with our page and profiles as provided by Facebook, Instagram, LinkedIn and Twitter. Moreover, if you place an order in our shopping cart or request a service or solution, we also collect information about your products or services or solutions requested, regardless if you finally pay for the product or services/solutions or not.

Finally, we also collect any other information you provide by communicating with us via phone or email or any other means of communication as described in the previous section of this Privacy Policy.

We have reviewed all of our forms to ensure that we collect and process only the information that is strictly necessary for the intended purpose specified or being apparent to you or required by law, thus avoiding excessive or unnecessary processing. Furthermore, we do not collect any special category data about you, such as your political beliefs or your health status.

How is your information used?

We use your information which is not special category personal data lawfully in accordance with Article 6(1)(a), i.e., for purposes you have consented to, Article 6 (1) (b), i.e., as necessary to conclude and perform a contract with you, Article 6 (1) (c), i.e., to comply with obligations imposed by law (such as tax legislation) and Article 6 (1) (f), i.e., as necessary for legitimate interests we pursue as a business.

We provide more details immediately below to help you understand how exactly we use your information:

We use your information in order to:

Article 6(1)(a)

• process your personal information for any specific purpose, you have consented to;

Article 6 (1)(b)

• process orders or tender requests for products or services or solutions,
• conclude and/or perform a contract with you by carrying out our obligations arising from the contract entered into between you and us, such as to deliver and / or install and/ or set up and / or maintain products purchased and / or provide you support or maintenance or other relevant company services regarding to our company products or services or solutions and to charge you for the products you ordered and / or the services and/ or solutions provided to you, or pay you for the supplies or services delivered to us by issuing relevant invoices and receipts;

Article 6 (1)(c)

• comply with our obligations derived from law such as tax legislation with regard to issuing and retain payment-related documentation (invoices, receipts) for bookkeeping and auditing purposes;

Article 6 (1) (f)

• notify you of key changes in our services (such as opening hours), products (such as stopping the marketing of a product), when this is relevant, or changes to our privacy policy;
• deliver and/or set up our products and/or services to you (e.g. IP Address assignment, bandwidth policy, network protocols setup)
• audit and/or support and/or maintain the proper operation of our product or service or solution delivered to you.
• archiving contact details of you and your products, services, solutions, communication and relevant contracts or agreements for purposes of better organization and customer service.
• serve you by sending you communications you have requested via email or our web forms, such as a reply to a query or a comment, or informing you about or making changes which you have requested in relation to your order;
• ensure fraud prevention and protect other legitimate interests of our company, such as to keep records of our clients and suppliers and/or partners and/or associates, get anonymized statistics relating to the needs and behavior of our clients, maintain central technical infrastructure (where applicable), have better organization and effective management of the company, reduce credit risk and receive payment for purchases made and / or services performed, contact you for the purpose of notifying you of any possible delay in the payment of invoices or for collecting any due amounts or serving needs communicated to us;
• If you are a professional in the telecommunication industry, such as a telecommunication provider or IT specialized in telecommunications, to communicate with you regarding business collaborations;
• To the extent that you act as a representative of a company or a legal entity, we process your personal data to satisfy our legitimate interests and those of the company or the legal entity you represent, in particular to conclude and perform a contract between us and the company or legal entity you represent.

We will not normally contact you for marketing purposes by mail, email or text message unless you have given your prior consent or to the extent permitted by law for existing customers about related products and/or services.

You may change your marketing preferences and withdraw your previously-given consent at any time, without any consequences, by contacting us at the details set out at the beginning of this Privacy Policy. You also have the right to object to the processing of your personal data, including for direct marketing purposes. For more on this right to object to the processing of personal data for direct marketing and in general, see below in this Privacy Policy.

Where and for how long do we keep your information?

Your personal information is stored in physical (hard copy) files and some information that does not include sensitive data, in computer servers located in our premises in Cyprus. By the way of exception, personal information in our corporate emails is stored by Google (Gmail) on its own servers.

We only keep information for as long as it is necessary for us to service you and as required to comply with legal or regulatory obligations to which we are subject, more specifically, those arising from tax legislation (six years from the end of the financial year to which they refer according to the Assessment and Collection of Taxes Law of 1978 (L.4/1978), Section 30), as well as to be able to defend or institute any legal actions against or in the name of our company (the limitation period for contractual disputes is six years according to the statute of limitations). To cover for these, we retain your personal data for a maximum of 7 years from the end or termination of the contract we have with you.

We retain your information for a period of 18 months, in case we have collected your information in any of the ways described earlier in this Privacy Policy but we have never had a contract with you or a company or a legal entity you represent.

The information collected for questions, comments, complaints, requests to the company is kept for 6 months from their submission.

In the event of a data breach or a relevant allegation, the personal data relating to its handling will be retained up to twelve (12) months after the completion of any procedure relating to the breach.

After the lapse of the aforementioned periods of retention, we remove the above information from our systems by deleting it or we fully anonymize it so that you can no longer be identified by it. In this latter case, we do not delete all of the information but only those pieces of information such as your name, address, email address and any other information revealing that the said information belongs to you.

Should the Cyprus Data Protection Commissioner specify any maximum retention periods, shorter or longer than the above, we will immediately adjust our retention policy accordingly.

Who has access to your information?

We will never sell your personal data to third parties and we will not share it with third parties for marketing purposes apart from us between companies in our group if you have consented to.

We may also pass your personal data to third party service providers. Such third parties may be messengers or technical service providers who provide us with software systems (or their maintenance) or product storage services necessary to conduct administrative tasks inherent in the provision of our services to you or in the conducting of our business. We only disclose to them the personal information that is absolutely necessary to deliver the service or perform the said task and, when legally required, we have a contract in place that requires them to keep your information secure and in accordance with the principles and rules of the General Data Protection Regulation and not to use it for their own direct marketing purposes or for any purposes other than to provide the service or complete the task as explained above.

We may also share your information with the parent company and/or members of our group of companies, in the context of organizing our business efficiently.

If you have been referred to us by your telecommunication provider, we may forward your order to the said provider to the extent necessary for the purposes of work coordination, pricing or payment.

We also pass your information as may be contained in our emails, to Google Workspace (Gmail), which provides us with a relevant technical service of data processing for the said purposes. Gmail has committed to keep your information secure and in accordance with the principles and rules of the General Data Protection Regulation.

We may also pass your personal data to our lawyers and accountants / auditors to the extent necessary to defend or institute legal claims and to comply with legal obligations with regards to financial accounts and tax reasons respectively.

We may also transfer personal information to the banks, in particular when you pay us by a bank transfer or when you get paid as a supplier or a service provider or a partner or an associate in the same way. Banks are controllers of personal data themselves and are bound by all of the obligations of the General Data Protection Regulation. You can see their own privacy policies on their websites.

We may transfer your personal information to a third party as part of a sale of some or all of our business assets to any third party or as part of any business restructuring or reorganization in which case we will take measures to ensure that all data protection principles and related rights as derived by the General Data Protection Regulation are fully complied with, prior, during and after the relevant transfer.

Finally, we may disclose your information to public and / or regulatory or supervisory authorities if such disclosure is required by law or an order issued by a court of law.

What are your rights?

You may at any time send us any of the following requests and we will meet them at the earliest possible and in any case, within a month from the date of receipt of your request and inform you about the action we have taken. If your request is for any reason complex to examine or meet, we will ask you for an extension before the aforementioned one-month period expires.

If we have legitimate reasons to refuse to satisfy your request, we will inform you accordingly and, in this case, you have the right to submit a relevant complaint to the Cyprus data protection authority, namely, the Data Protection Commissioner (http://www.dataprotection.gov.cy/) if you believe that our decision is unjustified.

These are your rights and the relevant requests you can submit to us:

A request that we permanently delete all or some of your information from our records (right to be forgotten or to erasure), for example when we no longer have reasons to retain it.

A request for you to access your information that we keep in our records (right of access).

A request that we provide you with a copy of your information that exists in our records, in digital or hard copy form. If you require more than one copy, we may charge you a maximum of EUR 40,00 as administrative costs (right to a copy).

A request that we update or correct your information that we keep in our records (right to rectification), for example, in case it is outdated or contains errors or inaccuracies.

A request that we provide you with information of yours we keep in our records in a structured, commonly used and machine-readable format or forward it in such form to another provider of your choice, if such forwarding or transfer is technically possible (right to portability). Please note that this right applies only in relation to data that you yourself has provided to us with and which we process by electronic means in the context of a contract between you and our company or because you have consented to us doing so.

A request that we stop doing anything with your information without however deleting it from our records (right to restriction of processing). In this case, we will restrict access to your data.

A request that we stop processing your information for direct marketing purposes or on the basis of legitimate interests pursued by our company as explained under the fourth question of this Privacy Policy or in the name of the public interest (right to object). In the case of direct marketing, we will stop processing your information. In the rest of the cases, we will do the same unless we have compelling reasons to refuse to do so, which we will explain.

In case of purposes, you have consented to, you can also submit a request to withdraw your consent at any time (right to withdraw consent), without affecting the lawfulness of processing based on consent before its withdrawal.

If you wish to exercise any of the above rights you will be able to do so by contacting us at any of the contact details stated above in this Privacy Policy, preferably by email specifying the type of right you seek to exercise.

Please note that before acting upon any of your above requests, we may require you to prove your identity, if we are in doubt about your true or correct identity. If we cannot identify you, i.e., we do not hold personal data belonging to the person you are saying you are, we will inform you accordingly and we will not act upon your request.

The personal data relating to the handling of any of your requests will be retained up to nine (9) months after the completion of any procedure relating to the request.

What security measures do we apply to protect your information?

When you provide us with personal information, we take organizational and technical measures to ensure to keep it secure and protected against unauthorized disclosure or access, alteration, accidental loss or other violation or unlawful processing. Some of them are role based access control via permissions delegation, firewall security, offsite backups, alarm system, surveillance system, visitor logs. Such measures, amongst others, aim at restricting access to personal information, ensuring secure storage, limiting the risk of viruses and other harmful events, securing and keeping secure back-ups and effectively destroying unnecessary or outdated data.

The data related to the handling of any incident of personal data breach are kept for a period of twelve (12) months from its notification to the competent authority or the final termination of any process related to the breach if such a process exists.

Transferring your information outside the European Union

We do not transfer your information outside the European Union.

Except in cases where technical service providers we collaborate with, as explained above, use servers located in third countries such as the United States for data storage, we do not transfer your information outside the European Union. If it ever becomes necessary to transfer your personal data to a country that is not a Member State of the EU, we will ensure that your personal data receives equivalent and/or appropriate respect and protection, specifically by signing with parties based outside the EU, relevant data sharing and/or or a ‘controller-to-processor’ agreements using standard contractual clauses approved by the European Commission under Article 46 of the Regulation, if the country is one for which there is no EU Commission Adequacy Decision under Article 45 of the Regulation. You have the right to receive details of these agreements, so in case you request and your data is indeed transferred, we will provide you with the relevant details.