Privacy

1. Controller (Data Controller)

INNOVATION WORKFLOW SYSTEMS LIMITED
61–63 Lord Byron Street
Business Center 6th Floor Office 602
6023 Larnaca
Cyprus

Company Registration Number: HE482110
General Manager: Ioannis Papapetrou
Contact form

2. Scope

This Privacy Policy explains how we process personal data when you visit our website or contact us. Our services are offered exclusively to businesses (B2B). We do not intentionally offer services to consumers.

3. Personal Data We Process

Depending on how you interact with us, we may process:

• Contact data (e.g., name, business email address)
• Communication content (your message and any information you submit)
• Technical data (e.g., IP address, device/browser information, timestamps) in server logs

4. Purposes and Legal Bases

We process your personal data for the following purposes:

4.1 Website access & security (server logs)

Purpose: ensuring website operation, security, and troubleshooting.
Legal basis: legitimate interests (Art. 6(1)(f) GDPR).

4.2 Handling inquiries (contact form / email communication)

Purpose: responding to inquiries, communicating with you, and initiating or managing a business relationship.
Legal basis: legitimate interests (Art. 6(1)(f) GDPR) and/or steps prior to entering into a contract (Art. 6(1)(b) GDPR), depending on the context.

5. Contact Form and FormSubmit (Third-Party Service)

We use FormSubmit to deliver messages submitted via our contact form to our inbox. When you submit the form, the data you enter (e.g., name, email, message) is transmitted to FormSubmit and forwarded to us by email. FormSubmit acts as a service provider for message delivery. Please also review FormSubmit's privacy terms.

Recipients:

• Internal recipients (authorized employees/management)
• FormSubmit as an external service provider for delivery

International transfers: FormSubmit may process data outside Cyprus/EU depending on its infrastructure. Where applicable, transfers should be safeguarded (e.g., by appropriate contractual measures).

6. Cookies and Similar Technologies

We aim to keep this website lightweight.

• Essential cookies (if any) may be used to ensure basic functionality and security.
• Non-essential cookies (e.g., analytics/marketing) are used only with consent, where required by applicable ePrivacy rules.
• We do not use analytics or marketing cookies.

7. Data Retention

We retain personal data only as long as necessary:

• Server logs: typically for a short period required for security and troubleshooting (e.g., days to weeks), unless needed longer for investigation of incidents.
• Inquiry communications: as long as needed to handle your request and for reasonable follow-up, or longer if required for contractual or legal reasons.

8. Your Rights

Under the GDPR, you may have the right to:

• access your personal data
• rectify inaccurate data
• erase data (where applicable)
• restrict processing
• object to processing based on legitimate interests
• data portability (where applicable)

To exercise your rights, contact us via the contact form.

9. Right to Lodge a Complaint (Cyprus Supervisory Authority)

You have the right to lodge a complaint with the competent supervisory authority in Cyprus (Commissioner for Personal Data Protection).

10. Data Security

We implement appropriate technical and organizational measures to protect personal data. No method of transmission over the internet is 100% secure, but we work to protect your data against unauthorized access, loss, or misuse.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version will be available on this website.

Last updated: 2026-01-16