IT’S TIME TO
BE INFORMED
DATA PROTECTION and
GDPR COMPLIANCE
At CAYAsail, we value and respect your privacy and are committed to safeguarding your personal information. This notice explains how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679.
Data Collection and Use
We only collect personal data when it is necessary for providing our services or improving user experience. This may include:
Contact Information (e.g., name, email, phone number) – collected when you contact us, subscribe to newsletters, or register for services.
Usage Data (e.g., IP address, browser type, pages viewed) – collected automatically for analytics and security.
We will always inform you of the purpose and legal basis for processing your data, and we do not collect more data than necessary.
Legal Basis for Processing
Under GDPR, we process personal data based on the following legal grounds:
Consent: When you provide consent for specific purposes, like receiving newsletters.
Contractual Necessity: When data processing is necessary for fulfilling our contractual obligations with you.
Legitimate Interests: For purposes such as enhancing security, preventing fraud, or improving our services, provided these do not override your rights.
Data Security
We implement strict technical and organizational measures to protect your data against unauthorized access, alteration, loss, or disclosure. These measures include:
Secure servers and encryption protocols.
Regular security audits and data access restrictions.
Data minimization practices to limit the volume of collected and retained data.
Third-Party Sharing and International Transfers
We do not sell or rent your personal data to third parties. In cases where we use third-party services (e.g., payment processors, analytics), these providers are thoroughly vetted to ensure GDPR compliance. If personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs).
Cookies and Tracking Technologies
Our website uses cookies and similar technologies to enhance user experience and gather analytics. You have the right to manage your cookie preferences, and you may opt-out of non-essential cookies.
For more details, please review our Cookie Policy.
Data Retention
We only retain your personal data as long as necessary for the purposes outlined in this notice or as required by law. Once it is no longer needed, we securely delete or anonymize your data.
Your Rights
Under GDPR, you have the following rights:
Access: Request a copy of your personal data and understand how it is processed.
Rectification: Request corrections to inaccurate or incomplete data.
Erasure ("Right to be Forgotten"): Request deletion of your data under certain conditions.
Restriction: Limit the processing of your data under specific circumstances.
Data Portability: Obtain your data in a structured format or have it transferred to another controller.
Objection: Object to data processing for direct marketing or legitimate interest purposes.
Withdraw Consent: Withdraw consent at any time, without affecting the legality of prior processing.
To exercise your rights, please contact us at info@cayasail.com
Changes to This Notice
We may update this GDPR Compliance Notice as needed to reflect changes in legal requirements or our data practices. We encourage you to review this notice periodically.
Contact Us
If you have any questions or concerns about this notice or your data privacy, please reach out to our Data Protection Officer at: info@cayasail.com
CAYAsail
1, Yuri Gagarin str, Ayia Napa, 5330, Cyprus
Email: info@cayasail.com
Phone: +357 95771480
Come talk to us
We’ve been obsessed with exploring these islands for several years - let us show you the best we’ve found! Contact us so we can help you organise a memorable experience at one of the most magical places on the planet!
