Protection of our Clients / Resellers / Partners Data
Registered users on my.netshop-isp.com.cy are “Clients” [Clients (Individuals or Companies) / Resellers / Partners] and unregistered users are “Visitors”. This applies to both Clients and Visitors.
Our team is working diligently to be compliant with the General Data Protection Regulation, GDPR, which will apply from May 25, 2018. Because of these ongoing changes in the law, and the changing nature of technology, NetShop ISP data practices will change from time to time. If and when our data practices change, NetShop ISP will post the changes on our websites to notify you of the changes. View our Roadmap towards GDPR Compliance.
How we Collect your Personal Data
Your personal data is only collected for specific, explicitly stated and legitimate purposes. NetShop ISP websites collect data to provide you with a better service. You provide some of this data, such as when you create an account in myNetShop portal my.netshop-isp.com.cy, submit the call back form, apply for a Dedicated Center Visit, or contact us for support.
Anonymous Data Collection through NetShop ISP Websites
NetShop ISP uses technology to compile statistics about our visitors and their use of our sites by collecting anonymous information about the use of our websites e.g. we track how many visitors access our websites, the length of their stay, their IP and which pages they view. This technology does not identify you personally. We also use technology to determine which web browsers our visitors use and the address from which they accessed our sites (for example, if they connected to a NetShop ISP website by clicking on one of our banner ads).
How we Use your Personal Data
NetShop ISP may use this information to contact you about your services and to inform you about services we believe will be of interest to you. If we do so, each communication we send you will contain instructions permitting you to “opt-out” of receiving future communications. Similarly, we may provide “subscription” e-mail services which enable you to receive current news about NetShop ISP and its business. For all such services, we will provide an opportunity to “opt-out” of, or cancel, the subscription.
Disclosure of Your Personal Data
NetShop ISP ensures that your personal data is always processed in accordance with good practice. No more personal data is processed than is necessary having regard to the purposes of the processing. All reasonable measures are taken to complete, correct, block or erase data to the extent that such data is incomplete or incorrect, having regard to the purposes for which they are processed. NetShop ISP does not keep personal data for a period longer than is necessary, having regard to the purposes for which they are processed.
Right to be forgotten
You have the right to have your personal data erased and no longer processed. If you wish to delete your account, at any time you can do so by raising a ticket to email@example.com via your registered account requesting account termination. Client details will be deleted by our system and you will no longer accessing or using our Services. At this stage, it is not clear if the right to be forgotten also means removing data from backups, because certain types of storage media, for example, tapes, do not allow deleting bits of data without destroying the entire backup. Your business may also be subject to certain backup retention policies for archiving and legal purposes.
Link to Other Sites
Information and Access Policy
You have the right to obtain:
- - Confirmation that your data is being processed
- - Access to your personal data
- - Update your personal data
- - Other supplementary information (mostly the information provided in privacy notices)
Dealing with your cloud storage and data protection vendor
The GDPR impose new security and contractual requirements on organizations (controllers) dealing with cloud service providers and data protection vendors such as NetShop ISP (processors).
The relationship between controllers and processors can be summarised by the following points:
- - Cloud service providers have to offer sufficient guarantee that the service meets technical and organizational requirements of the new regulation.
- - Service contracts between the controller and the processor prohibit the use of subcontractors without the consent of the controller.
- - On termination of the service contract, all data must be removed from the cloud and the processor must provide sufficient proof that it has been done.
- - Controllers have a duty to report data breach incidents to the regulatory body.