IWS Contact

Privacy 

1. Controller (Data Controller) 

  INNOVATION WORKFLOW SYSTEMS LIMITED
61–63 Lord Byron Street
Business Center 6th Floor Office 602
6023 Larnaca

Cyprus Company Registration Number: HE482110
General Manager: Ioannis Papapetrou
Email: info@iws.ltd 

2. Scope

This Privacy Policy explains how we process personal data when you visit our website or contact us. Our services are offered exclusively to businesses (B2B). We do not intentionally offer services to consumers.

3. Personal Data We Process 

Depending on how you interact with us, we may process:
Contact data (e.g., name, business email address)
Communication content (your message and any information you submit)
Technical data (e.g., IP address, device/browser information, timestamps) in server logs

4. Purposes and Legal Bases  

We process your personal data for the following purposes: 

4.1 Website access & security (server logs)
urpose: ensuring website operation, security, and troubleshooting. Legal basis: legitimate interests (Art. 6(1)(f) GDPR). 

4.2 Handling inquiries (contact form / email communication)

Purpose: responding to inquiries, communicating with you, and initiating or managing a business relationship. Legal basis: legitimate interests (Art. 6(1)(f) GDPR) and/or steps prior to entering into a contract (Art. 6(1)(b) GDPR), depending on the context.

5. Contact Form and FormSubmit (Third-Party Service)  

We use FormSubmit to deliver messages submitted via our contact form to our inbox. When you submit the form, the data you enter (e.g., name, email, message) is transmitted to FormSubmit and forwarded to us by email. FormSubmit acts as a service provider for message delivery. Please also review FormSubmit’s privacy terms. 

Recipients: 

Internal recipients (authorized employees/management)
FormSubmit as an external service provider for delivery 

International transfers: 

FormSubmit may process data outside Cyprus/EU depending on its infrastructure. Where applicable, transfers should be safeguarded (e.g., by appropriate contractual measures). (If you want, I can add a stronger “SCC language” paragraph once you confirm your hosting/processing regions.)

6. Cookies and Similar Technologies  

We aim to keep this website lightweight. 

Essential cookies (if any) may be used to ensure basic functionality and security.
Non-essential cookies (e.g., analytics/marketing) are used only with consent, where required by applicable ePrivacy rules.
If you do not use analytics/marketing tools, you can state: “We do not use analytics or marketing cookies.”

7. Data Retention 

We retain personal data only as long as necessary:
Server logs: typically for a short period required for security and troubleshooting (e.g., days to weeks), unless needed longer for investigation of incidents.
Inquiry communications: as long as needed to handle your request and for reasonable follow-up, or longer if required for contractual or legal reasons.

8. Your Rights 

Under the GDPR, you may have the right to:
access your personal data
rectify inaccurate data
erase data (where applicable)
restrict processing
object to processing based on legitimate interests
data portability (where applicable)
To exercise your rights, contact us at: contact@iws.ltd

9. Right to Lodge a Complaint (Cyprus Supervisory Authority)

You have the right to lodge a complaint with the competent supervisory authority in Cyprus (Commissioner for Personal Data Protection).

10. Data Security 

We implement appropriate technical and organizational measures to protect personal data. No method of transmission over the internet is 100% secure, but we work to protect your data against unauthorized access, loss, or misuse.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version will be available on this website.

Last updated: 2026-01-16