Data Protection Policy
How Mediac Marketing Ltd handles, protects, and manages personal data in compliance with GDPR and Cyprus law.
1. Purpose
This Data Protection Policy describes the approach of Mediac Marketing Ltd (Reg. No. ΗΕ 431704, Cyprus) to the collection, use, storage, and protection of personal data. It applies to all personal data processed by the company in the course of its business activities and website operation.
2. Data Protection Principles
Mediac Marketing Ltd processes personal data in accordance with the following principles established under Article 5 of the GDPR:
- Lawfulness, fairness and transparency: Data is processed lawfully, fairly, and transparently.
- Purpose limitation: Data is collected for specified, explicit, and legitimate purposes and not processed in a manner incompatible with those purposes.
- Data minimisation: Only data that is adequate, relevant, and limited to what is necessary is collected.
- Accuracy: Data is kept accurate and, where necessary, up to date.
- Storage limitation: Data is kept in identifiable form only as long as necessary for the purposes of processing.
- Integrity and confidentiality: Data is processed with appropriate security to protect against unauthorised access, loss, or destruction.
- Accountability: The company takes responsibility for demonstrating compliance with these principles.
3. Data Categories Processed
In the course of operating this website and providing services, we may process:
- Contact information (name, email address, phone number)
- Business information (company name, job role)
- Technical data (IP addresses, browser data, cookies where consented)
- Communication records (correspondence relating to services)
- Financial and contractual data (billing information where services are contracted)
4. Data Security Measures
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
- HTTPS/TLS encryption for all data transmitted to and from this website
- Access control policies limiting data access to authorised individuals only
- Regular review of data protection practices and procedures
- Data processing agreements with third-party service providers
- Policies for responding to security incidents and data breaches
5. Data Transfers
Where personal data is transferred to third parties or outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or other mechanisms permitted under GDPR Chapter V.
6. Data Retention
We retain personal data only for as long as necessary:
- Contact enquiries: up to 24 months
- Contract and service data: up to 7 years (in compliance with Cyprus commercial law)
- Analytics data: as configured per platform (typically up to 26 months)
- Cookie consent records: 12 months
7. Data Subject Rights
All rights of data subjects are described in detail on our GDPR Rights page. Requests may be submitted to privacy@mediacmarketing.com.
8. Accountability
The Director of Mediac Marketing Ltd, Max Rigas, holds overall accountability for data protection compliance. Day-to-day data protection queries should be directed to privacy@mediacmarketing.com.
9. Contact
For any data protection queries: privacy@mediacmarketing.com
Mediac Marketing Ltd, Reg. No. ΗΕ 431704, Republic of Cyprus.