Privacy Policy
Last updated: 2026-07-12
This policy explains how Kipos collects, uses and protects your personal data when you use this website, contact us or place an order. We process personal data in line with the EU General Data Protection Regulation (GDPR) and Cyprus data-protection law.
Who we are (data controller)
The data controller is [Company legal name] Ltd (trading as Kipos), registration no. [HE company registration no.], VAT [Cyprus VAT reg. no.], [Registered address], Cyprus.
For any privacy question or to exercise your rights, contact us at [email protected] or +357 96 299374.
What data we collect
Order & enquiry data: name, email, phone, delivery address and the details of your order, quote request or message.
Technical & usage data: with your consent, cookies and analytics identifiers (pages viewed, device/browser). See our Cookie Policy.
Why we use it and our legal basis
To process and deliver your order and provide after-sales support — legal basis: performance of a contract (and steps before it).
To answer contact and B2B quote enquiries — legal basis: our legitimate interest in responding to you, or steps before a contract.
For analytics and marketing (e.g. measuring visits, remarketing) — legal basis: your consent, which you can withdraw at any time.
To meet legal and tax obligations and to establish or defend legal claims — legal basis: legal obligation / legitimate interest.
Who we share it with
Service providers acting on our behalf: delivery/assembly partners, email and hosting providers, and analytics/advertising providers (only with your consent). We do not sell your personal data.
Public authorities where required by law.
International transfers
Some providers (e.g. analytics) may process data outside the EEA. Where they do, we rely on appropriate safeguards such as the EU Standard Contractual Clauses or an adequacy decision.
How long we keep it
Order records are kept for as long as needed to fulfil the order and to meet legal, accounting and tax obligations (generally up to 6 years). Enquiry data is kept only as long as needed to handle your request. Consent-based analytics data is kept for the provider's standard retention period.
Your rights
You have the right to access, rectify, erase, restrict or object to the processing of your data, to data portability, and to withdraw consent at any time (without affecting prior processing).
To exercise any right, email [email protected]. You also have the right to lodge a complaint with the Office of the Commissioner for Personal Data Protection of Cyprus (dataprotection.gov.cy).
Security
We use appropriate technical and organisational measures to protect your data. No method of transmission over the internet is completely secure, but we work to protect your information.
Changes to this policy
We may update this policy from time to time. The current version is dated below. Questions: [email protected].