1. Introduction

Digilime (hereinafter “we”, “us”, “our” or the “Company”) is a digital agency based in Nicosia, Cyprus. We are fully committed to processing personal information in accordance with the European Union’s General Data Protection Regulation (Regulation (EU) 2016/679) — commonly known as the GDPR — as well as with Cyprus’s national data protection law: Law 125(I)/2018, which governs the protection of individuals with regard to the processing of personal data and the free movement of such data.

This Privacy Policy outlines how we collect, use, share, transfer, and securely store your personal data when you interact with us — whether through our website, communications, or services. We encourage you to read this policy carefully to fully understand how your information is handled, and to contact us if you have any questions or concerns about our privacy practices.

2. Scope & Data Controller

This policy applies to personal data collected through our website (e.g., contact forms), email, phone, or in the course of providing our services. The data controller is Digilime, registered in Nicosia, Cyprus.

3. Types of Personal Data Collected

A) Identity & Contact: Name, job title, company, email, phone, address

B) Usage & Technical Data: IP address, browser type, pages visited (via cookies and analytics tools)

C) Project Details: Information shared by clients relevant to project management

D) We collect only what is necessary for the intended purpose.

4. Legal Basis for Processing

We process personal data based on:

A) Consent (when submitting a form)

B) Contractual necessity (e.g., service delivery)

C) Legal obligations (when applicable under employment or data protection law)

D) Legitimate interests (e.g., performance improvements, analytics)

5. Purpose of Processing

A) Manage client projects and communications

B) Send service-related updates or marketing (with consent)

C) Improve website functionality and user experience

D) Meet legal requirements

6. Data Retention

We keep your personal data for up to seven (7) years after our relationship ends, or until it’s no longer needed for the reasons we collected it. If the data is no longer useful for legal, business, or regulatory purposes, we will safely delete it or make it anonymous — unless the law allows or requires us to keep it longer.

7. Data Sharing & Transfers

We do not sell your personal information. However, we may share it with trusted third-party service providers (such as Google Analytics) solely for the purpose of supporting our operations. Any such sharing is governed by data processing agreements that ensure full compliance with the GDPR.

8. Individual Rights

Under GDPR and Cyprus law, you have the right to:

A) Access, rectify, or delete your data (“right to be forgotten”)

B) Restrict or object to processing

C) Withdraw consent

D) Lodge a complaint with the Cyprus Commissioner for Personal Data Protection

9. Security

We implement technical and organizational measures (SSL/TLS, access controls) to protect against unauthorized access and data breaches.

10. Changes to This Policy

We regularly review this Policy and may update it from time to time without prior notice. We encourage you to check this page periodically to stay informed about any changes or updates.