QHL QUAD CODE HOLDING LIMITED, a limited liability company part of the QUAD CODE Entities, incorporated and registered in the Republic of Cyprus under company number HE390331 and have our main business office at Spyrou Kyprianou & Evgeniou Voulgareos Kato Polemidia, 4153 Limassol, Cyprus (hereinafter “Quadcode”). Quadcode is the Controller and responsible for the personal information you disclose to us to make use of our Services.
Processing of your Data is carried out by Quadcode following the principles of lawfulness, fairness, transparency and always adhering to the intended purpose of data processing, the principle of data minimization, accuracy, limited data storage, data integrity, confidentiality and accountability. Quadcode may process your personal data for any of the following reasons:
To comply with the applicable legal, regulatory, tax, accounting requirements we keep your personal data for a minimum period of 5 years from the date our business relationship is terminated. We may need to retain your information for a longer period where we need the information to comply with regulatory or legal requirements or where we may need it for our legitimate business purposes, such as to respond to queries or complaints, fighting fraud and financial crime and responding to requests from regulators.
At the expiration of the personal data retention period the personal data is erased by irreversible destruction and we also inform all third parties, to whom the personal data was transferred, regarding such erasure and request implementation of similar actions on their part.
We protect your data by adhering to industry standard regulations on data protection by categorising them into data types (e.g. technical, personal data, cookie data, etc) while applying relevant protection processes and due diligence procedures. Therefore, we apply appropriate technical and organisational controls to protect your data, including secure computer systems adopting least privilege access in order to prevent unauthorised access, disclosure, modification, or destruction of personal data. Any hard copy documents are locked in a secure cabinet, and destroyed once no longer required.
Encryption of your data in transit. Encryption provides a high level of security and privacy for your personal data. When personal data in provided when using our Services, we use strong encryption technologies (such as Transport Layer Security) to protect the personal data during transmission from your devices to our servers.
For providing more trust and security we use digital EV (Extended Validation) Certificates issued by trusted Certificate Authorities. You can see the ‘Green Bar’ in the supported browser versions which confirms what all transmitted personal data is secure.
Protection of your personal data in our infrastructure. We make it a priority to develop Services that are secure "by default". The "default" security of our Services means that every new services and features are designed with strict security requirements in mind before we even begin development. This is the key to guaranteed protection and privacy of all personal data that our Services handle and store, once the service or new feature is released.
To secure personal data, we use the pseudonymisation which allows most of our Services to operate without using your actual data. Instead of that, our services use a system ID that can't be traced back to identify you.
Quadcode is always vigilant about the Security of the personal data stored in our infrastructure. Because of that we locate all our equipment used for your personal data processing in secure personal data centres. Network access to this equipment is isolated from the Internet. We use network segmentation for isolation of Services which need different level of security from each other. In addition, we restrict logical access to the personal data for our employees on "need to know" basis. So, only personnel, who really require access to the personal data for the purpose of providing you with our best Service, will have access to it.
Threats protection. Quadcode is highly knowledgeable about modern threats to personal data security and privacy, and we are well prepared to combat them. All events that occur in our infrastructure are continuously monitored, analysed and responded, which allows us to ensure proper protection of your personal data, keeping it safe from threats, vulnerabilities, and the effects of malware.
In the event of a failure that affects the accessibility of your personal data, we have personal data backup and recovery procedures in place that will help us to restore your personal data in a short time. For further guarantee the quick recovery we use high availability mode enabled for most critical databases which allows us to minimise downtime.
Employee awareness of data security. Our employees may handle your personal data in order to provide you with the first-class Service. To guarantee the security and confidentiality of your personal data, we monitor all employees’ actions with access to your personal data in our systems and grant access strictly on a "need to know" basis: only employees who need access will receive it. We hold regular training sessions to make sure that each employee understands the principles that Quadcode follows to achieve robust data security and privacy.
If you choose not to give your personal information. In the context of our business relationship we may need to collect data by law, or under the terms of a contract we have with you. Without this data, we are, in principle, not in a position to close or execute a contract with you. If you choose not to give us this data, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform the Services.
To what extent we carry automated decision-making and profiling. In establishing and carrying out a business relationship, we generally do not use automated decision-making. If we use this procedure in individual cases, we will inform you of this separately. In some cases, we may proceed with profiling in order to evaluate certain personal aspects. We shall inform you accordingly in case we perform any profiling. In general, any data collection that is optional would be made clear at the point of collection.
We use different methods to collect data from and about you including through:
Direct Interactions. You will provide to us your Identity, Contact and Financial Data online through the Website and/or by completing and filling online forms and/or by corresponding with us by emails or otherwise.
We require to collect the above data in order to that we are able to (i) provide our services efficiently, (ii) to comply with our ongoing legal and regulatory obligations, including, inter alia, (a) to prevent fraud and money laundering acts and/or (b) conduct the assessment of suitability and appropriateness test.
If you fail to provide the data when requested we may not be able to perform the contract we have or trying to enter into with you (for example, to provide you with our Services). In this case, we may have to cancel a Service you have with us but we will notify you if this is the case at the time.
It is important that the data we hold about you is accurate and current. Please keep us informed if your data changes during your relationship with us.
Automated Technologies or Interactions. When using our services, your device automatically transmits to us its technical characteristics. Locale (a set of parameters that determine regional settings of your interface, namely, residence country, time zone and the interface language) is used for the purpose of providing you with the best possible service within our platform.
Using the information about IP address, cookies files, information about browser and operating system used, the date and time of access to the site, and the requested pages addresses allows us to provide you with the optimal operation on our web application, mobile and/or desktop versions of our application and monitor your behaviour for the purpose of improving the efficiency and usability of our Services.
We use web analytics tools to track performance of our website and marketing source of user by cookies in order to optimize our marketing costs and provide users with better experience.
You may at any time request that we refrain from any such transmissions (to the degree this is possible and subject to any of our legal obligations) by sending your request to the DPO using our details in the OUR CONTACT DETAILS below using the registered email address you disclosed and registered with us. We will address your request within 30 business days.
Our Website uses analytics services, which are a set of tools used to collect and analyse anonymous usage information, enabling us to better understand how our Website is used. This, in turn, enables us to improve our Website and the Services offered through it. You do not have to allow us to use these cookies, however whilst our use of them does not pose any risk to your privacy or your safe use of our Website, it does enable us to continually improve our Website, making it a better and more useful experience for you.
You will be required to provide cookie consent by acknowledging the privacy and cookie policies during registration of your account. By giving your consent to the placing of Cookies you are enabling us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of our Site may not function fully or as intended.
You can choose to delete cookies on your computer or device at any time, however you may lose any information that enables you to access our Website more quickly and efficiently including, but not limited to, login and personalisation settings. It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.
You can instruct your browser to enable or disable cookies, refuse all cookies or to indicate when a cookie is being sent. Please note that by doing so you may not be able to use all the provided functions of our Website and/or Services in full.
We use the following cookies:
|Strictly Necessary Cookies
|These are cookies that are required for the operation of Our Site. They include, for example, cookies that enable you to log into secure areas of our website.
|Analytics and Performance Cookies
|We use third party analytics providers, such as Google Analytics to collect information about the usage of our services and enable us to improve how these services work, for example, by ensuring that users are finding what they are looking for easily.
|These are used to recognise you when you return to Our Site. This enables us to personalise our content for you and remember your preferences (for example, your choice of language or region).
|We use third party targeting tools, such as LinkedIn Insights and ads tags. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests.
Please see our cookies policy for further details.
We strive to maintain discretion with respect to client related matters and assessments of which we acquire knowledge. We may disclose data that concerns you only if (i) we are legally required to do so; (ii) if required when you expressly order us to process a transaction or any other service and (iii) it is required for the provision of our services under our contractual relationship and/or (iv) protection of our legitimate interests, in accordance with the provisions of the GDPR and applicable local legislation as amended from time to time.
We may share your personal data in the following circumstances, the following are examples of where and how your information may be transferred, but please note this is not an exhaustive list and that due to ongoing changes in our IT and operational infrastructure this may change at any time:
Should there be a business need to transfer or process your data to company(ies) and/or third parties might imply a transfer of your data to third countries, which may not fall within ambit of the GDPR (so called Third Countries) we will ensure that they are subject to appropriate security measures and safeguards as deemed appropriate under GDPR and other relevant national and international data protection laws. This may include entering into the appropriate contractual agreements to regulate any such transfers and safeguard any personal information transferred to them. A transfer to a company and/or third party based in a Third Country would only take place where one of the following applies:
Remedial action shall be taken in response to misuse or unauthorized disclosure of personal information by a third party collecting, storing or processing personal information on behalf of Quadcode.
If you want to obtain further information on any data transfers mentioned above please contact us using the registered email address you disclosed to us through the points of contact listed in the Section OUR CONTACT DETAILS.
Under certain circumstances in accordance with GDPR and the applicable local legislation as amended from time to time you have rights, which we will always work to uphold. Some of the rights are rather complex and include exemptions, thus we strongly advise you to contact us (at the contact details listed in the section OUR CONTACT DETAILS below) and/or seek guidance from the regulatory authorities for a full explanation of these rights. You can find a summary of your rights below in this section:
|Full Name of Legal Entity:
|QHL QUAD CODE HOLDING LIMITED
Spyrou Kyprianou & Evgeniou Voulgareos,
To enable us to process your request, please contact us using the registered email address you disclosed and registered with us. We may require that you provide us with proof of your identity, such as by providing us with a copy of a valid form of identification. This is to ensure that we appropriately protect the personal data we hold from unauthorised access requests and comply with our security obligations.
If you have any questions, or want more details about how we use your data, you may contact us at the above contact details and we will be happy to provide you with further details.
If following your request to us we are unable to provide you with a satisfactory answer then you may lodge a complaint with the local data protection supervisory authority. The data protection supervisory authority in Cyprus is: Commissioner for Data Protection P.O. Box 23378, 1682 Nicosia, Cyprus- www.dataprotection.gov.cy
We would however appreciate the chance to deal with your concerns before you approach the GRA, so please contact us in the first instance.
We may provide links to third party websites in our Website. These linked websites are not under our control, and we therefore cannot accept responsibility or liability for the conduct of third parties linked to our websites, including without limitation to the collection or disclosure of your data. Before disclosing your data on any other website, we encourage you to examine the terms and conditions of using that website and its privacy policies.
We have the right, at our discretion, to change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection and in order to ensure that the information herein provides relevant and adequate information about our collecting and processing of your data