Privacy Notice

Date: 25 October 2024

We are REDLAB LTD (also “Company” or “we”), a company duly organized and validly existing under the Laws of the Republic of Cyprus and duly registered under Registration No. HE 465199 having its Registered Office situated at: 13 Kypranoros Str. 2nd Floor, Office 201, 1061 Nicosia, Cyprus. We are committed to safeguarding your privacy. This Privacy Notice explains how we handle your personal data when you use our services or interact with us. By engaging with us or our services, you accept the terms outlined in this notice.

We deeply value your trust and are dedicated to protecting your personal information. Should you have any questions or concerns about this notice or our privacy practices, please contact us at info@redlabdev.com.

The Company acts as the data controller for your personal data, determining how and why it is processed. We are responsible for ensuring that your data is handled in compliance with legal requirements. If you have any questions or need more information about how we process your data, feel free to get in touch using the contact details provided.

We may collect various types of personal data to meet the purposes outlined in this document, including:

3.1. Regulatory Data: information needed for compliance purposes, such as AML checks and sanctions screening.
3.2. Identity Information: e.g., your full name, identification numbers, and information from official documents.
3.3. Contact Information: e.g., your name, email address, phone number, and mailing address.
3.4. Professional Information: e.g., job titles, employer details, and career history.
3.5. Technical Information: e.g., data about the devices you use to access our services, including IP addresses, browser types, and operating system details.
3.6. Surveillance Data: Video recordings and related metadata from our premises and communication channels.
3.7. Risk Information: e.g., information related to your business affiliations and any data used for fraud prevention.
3.8. Employment Information: e.g., data from job applications, including CVs, employment history, and references.

We gather personal data directly from you when you use our services or contact us. We also collect data from third parties, including service providers, governmental authorities, and publicly accessible sources.

We process your personal data for various reasons, all grounded in legal bases to ensure compliance. These purposes include:

5.1. Service Delivery: To fulfil our contractual obligations and provide the services you have requested.
5.2. Service Improvement: To analyse data and enhance our service offerings.
5.3. Legal Compliance: To adhere to legal and regulatory requirements, such as AML laws and tax regulations.
5.4. Hiring and Employment Processes: To manage job applications and employment records.
5.5. Dispute Management: To handle and resolve legal claims and disputes.
5.6. Contract Management: To maintain and uphold our contractual agreements.
5.8. Communication: To respond to your inquiries and provide updates on our services.
5.9. Marketing: To send promotional materials and service updates.

The legal bases for processing your data include:

(a) Consent: When you have given us explicit permission.
(b) Contractual Necessity: To perform our contract with you.
(c) Legal Obligation: To comply with legal requirements.
(d) Legitimate Interests: For purposes that are necessary for our legitimate interests, balanced against your rights.
(e) Public Interest: When processing is necessary for tasks carried out in the public interest.

Certain personal data is required to use our services. If you do not provide this mandatory data, you may not be able to access certain services. Providing optional data is entirely at your discretion and does not affect your service access. Respective marking will be added in cases when provision of personal data is obligatory.

We share your data with trusted partners to deliver our services and with authorities when required by law.

We employ various security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include, for example, encryption, access controls, secure development practices, and regular staff training. We continuously improve our security practices to counter emerging threats.

We retain your personal data only for as long as necessary to meet the purposes outlined in this document (please see Section 5 above). We regularly review the data we hold to ensure it remains accurate and necessary. When no longer needed, we securely delete or anonymize your data.

To provide our services, we may transfer your personal data outside the EU/EEA. We ensure such transfers are protected through appropriate measures in line with the requirements of the General Data Protection Regulation (EU) 2016/679 as well as other applicable security and personal data protection laws. For more information, please contact us.

You have several rights concerning your personal data, including:

11.1. Access: Request access to your personal data to understand how it is used and ensure its accuracy.
11.2. Correction: Request correction of any inaccurate or incomplete data.
11.3. Deletion: Request deletion of your data when it is no longer needed or if you withdraw consent.
11.4. Restriction: Request limited processing of your data in certain circumstances.
11.5. Portability: Request a copy of your data in a machine-readable format for transfer to another service provider.
11.6. Objection: Object to processing for specific reasons, including direct marketing.
11.7. Withdrawal of Consent: Withdraw consent for data processing at any time.

To exercise these rights, contact us using the details provided. We may need to verify your identity before processing your request. Note that some rights are subject to legal exceptions.

We do not use automated decision-making with legal or significant effects. We may use profiling to enhance your experience by personalizing our services.

If you’re concerned about how we handle your data, we’d like to address it directly. However, you can also file a complaint with your local data protection authority. In Cyprus, this is Personal Data Protection Commissioner.
Personal Data Protection Commissioner address:
40 Th. Dervis Street 1066 NICOSIA Tel : 357 22 818 456 / Fax : 357 22 304 565
Email: commissioner@dataprotection.gov.cy
Website: http://www.dataprotection.gov.cy/

We may update this Privacy Notice to reflect changes in our practices. Updated versions will be posted on our website, and significant changes will be communicated to you.