Welcome to the Privacy Policy of Odiovibe (“we,” “us,” “our”). We are committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR) and the Cyprus Processing of Personal Data (Protection of the Individual) Law of 2018 (Law 125(I)/2018). This policy outlines how we collect, use, and protect your data when you interact with our website.

This Privacy Policy applies exclusively to personal data collected through our website (www.odiovibe.com). It does not cover data collected through other means, such as direct communication, contractual engagements, or offline interactions with Odiovibe.

1. What Data We Collect

We collect personal data only as necessary for the operation of our website and to enhance user experience. This includes:

Cookies & Usage Data

• Essential Cookies: Required for the website’s core functionality, such as maintaining session security and enabling basic features.
• Non-Essential Cookies: Used only with user consent and may include IP addresses, browser type, and session data to improve website functionality and user experience.
• Usage Data: Automatically collected to analyze website performance, including page visits, session duration, and user interactions to help improve the website and enhance user experience.
• Cookie Preferences: Users can manage cookie settings through the floating cookie settings icon at the bottom of the screen.

User-Submitted Data

At this time, Odiovibe does not offer contact forms or collect personal data directly through the website. If data collection features (such as contact forms) are introduced in the future, personal data provided will be processed in accordance with this policy.

2. Data Controller

Odiovibe is the Data Controller for personal data collected via this website.

For inquiries regarding data protection, please contact us at info@odiovibe.com. 

3. Legal Basis for Processing

We process personal data based on the legal grounds outlined in Article 6 of the GDPR, including:

• Consent (Article 6(1)(a)): When you voluntarily provide data or accept non-essential cookies.
• Contractual Necessity (Article 6(1)(b)): When processing is required to respond to your inquiries or pre-contractual requests.
• Legal Obligation (Article 6(1)(c)): When processing is necessary to comply with legal and regulatory requirements.
• Legitimate Interests (Article 6(1)(f)): When processing is necessary to maintain website security, prevent fraud, or analyze performance, provided it does not override your fundamental rights.

Our processing activities are based on the legal grounds outlined in Article 6 of the GDPR, which include:

• Your consent for data voluntarily provided.
• The necessity of processing to fulfill a contractual obligation or respond to your inquiries.
• Compliance with legal obligations.
• Our legitimate interests in ensuring the security and functionality of our website.

For any inquiries regarding data protection, please contact Odiovibe (info@odiovibe.com) directly. Additionally, you can contact the Commissioner for Personal Data Protection in Cyprus at commissioner@dataprotection.gov.cy.

4. How We Use Your Data

The data we collect is used for the following purposes:

• Website Functionality: Ensuring the secure and efficient operation of the site.
• Analytics: Improving website performance and user experience by analyzing visitor behavior and engagement.
• User Preferences: Storing cookie and language preferences to enhance your browsing experience.

5. Data Sharing

We do not sell, rent, or share your personal data for marketing purposes. However, we may engage third-party service providers (Data Processors) to support our website operations, such as:

• Hosting Providers: To ensure the website’s stability and performance.
• Technical and Security Services: To monitor, troubleshoot, and maintain security.

All third-party processors are carefully selected and contractually bound to comply with GDPR and maintain strict confidentiality.

Suggested Refinement:
We do not sell, rent, or share your personal data for marketing purposes. However, we may engage third-party service providers (Data Processors) to support our website operations, such as:

• Hosting Providers: To ensure the website’s stability and performance.
• Technical and Security Services: To monitor, troubleshoot, and maintain security. All third-party processors are contractually bound to only process data on our behalf, follow our documented instructions, and implement appropriate safeguards in compliance with GDPR.

6. Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes outlined in this policy, unless otherwise required by law.

7. How We Protect Your Data

We take appropriate technical and organizational measures to protect your personal data from unauthorized access, use, or disclosure. These measures include encryption, secure storage, access controls, and regular audits to ensure GDPR compliance. 

Any third-party Data Processors handling personal data must also adhere to GDPR standards.

8. Incident Response Policy

In the event of a data breach involving website data (such as cookies or future contact form submissions), Odiovibe will:

• Notify the Cyprus Data Protection Commissioner within 72 hours of becoming aware of the breach.
• If a detailed report is required, it will be submitted within the relevant timeframe set by applicable laws. The report will outline:

1. The nature and scope of the breach.
2. The categories and number of affected data subjects.
3. The potential impact on individuals.
4. The corrective actions taken to mitigate the breach. 
5. Identify affected individuals and, if the breach poses a high risk to their rights or freedoms, notify them without undue delay, providing all necessary information as required.

If the data breach does not pose a significant risk to the rights and freedoms of the individuals involved, notifications to affected individuals may not be necessary.

9. Minors’ Data and Other Sensitive Information

We do not knowingly collect personal data from individuals under the age of 18. If such data is voluntarily submitted, it will only be processed for the specific purpose of the request and handled with additional safeguards. We strongly discourage minors from submitting personal data via the website.

Likewise, we do not request, encourage, or require the submission of sensitive personal data as defined under Article 9 of GDPR (e.g., health data, racial/ethnic origin, political opinions, religious beliefs, biometric data). If such data is submitted, it will be processed only where necessary, handled with strict confidentiality, and stored securely in compliance with GDPR.

If you believe that sensitive data or minor’s data has been submitted in error, please contact us immediately at info@odiovibe.com for prompt correction or deletion.

10. Your Rights

Under the GDPR, you have the following rights:

• Right to Access (Article 15): Request access to personal data we hold about you.
• Right to Rectification (Article 16): Request correction of inaccurate or incomplete data.
• Right to Erasure (Article 17): Request deletion of your data in specific circumstances.
• Right to Restriction of Processing (Article 18): Request limitations on how we process your data.
• Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format.
• Right to Object (Article 21): Object to the processing of your data, including non-essential cookies.

To exercise your rights, please contact us at info@odiovibe.com. We will respond within one month, as required by GDPR, typically within one month.

11. Cookies and Tracking Technologies

Cookies are small text files stored on your device when you visit our website.Our website uses cookies and similar technologies to enhance your browsing experience. 

• Essential cookies are required for the core functionality of the site.
• Non-essential cookies, which may track browsing behavior or improve personalization, are used only with user consent.

You can manage cookie preferences via the floating cookie settings icon at the bottom of the screen, where you can find more information on the cookies we use.

12. Third-Party Services

Our website may contain links to third-party services, including:

• Event registrations
• Informational resources
• External platforms used in collaboration with Odiovibe

These services are not controlled by us, and we are not responsible for their privacy practices. Please review their privacy policies before engaging with them.

13. Complaint Mechanism

If you have any concerns about the way we handle your personal data, we encourage you to first contact us at info@odiovibe.com so we can attempt to resolve your issue. We are committed to handling all inquiries in a timely and professional manner.

Additionally, you have the right to lodge a complaint with the supervisory authority responsible for data protection in your region.

• If you are located in Cyprus, you may contact the Office of the Commissioner for Personal Data Protection:
  Email: commissioner@dataprotection.gov.cy
  Address: 1 Iasonos Street, 1082 Nicosia, Cyprus
  Phone: +357 22 81 84 56
• If you are located outside Cyprus, you may contact your local data protection authority.

14. Changes to This Policy

We reserve the right to update this Privacy Policy periodically.

• Changes will be published on this page and will take effect immediately upon posting.
• Users are encouraged to review this page regularly to stay informed of updates and ensure they are familiar with the current version.

15. Contact Information

For any questions regarding this Privacy Policy, you may contact us at:
Email: info@odiovibe.com
Phone: +357 2232 0700
Address: 9B Alykou Potamou, Industrial Area Dali-Nisou, Nicosia 2571, Cyprus