PRIVACY POLICY

PrivacyPolicy for Ex-Askisi

EffectiveDate: 13/09/2024

Ex-Askisi("Ex-Askisi", "we", "us", or "our"), acompany based in ­­Cyprus, operates the Ex-Askisi website and the Ex-Askisimobile application (collectively, the "Platform"). Ex-Askisi providesan online platform and app for Trainers and Health Professionals to advertiseand offer their services to customers (the "Services"). This PrivacyPolicy explains how we collect, use, and disclose information about you, incompliance with the General Data Protection Regulation (Regulation (EU)2016/679) ('GDPR') and the Cypriot Law 125(I) of 2018.

Byinstalling, using, registering to, or otherwise accessing any apps or loggingin to our website or Platform, you agree to this Privacy Policy and giveexplicit and informed consent to the storage, use, and processing of yourpersonal data. Consent will be obtained through specific actions such asticking a checkbox for each type of data processing activity. You can withdrawyour consent at any time by contacting us. We reserve the right to modify thisPrivacy Policy at any time, so please review it frequently. If we make materialor significant changes to this Privacy Policy, the updates will be posted tothe website at www.exaskisi.com/privacy-policy. Any changes to this PrivacyPolicy will be effective upon their being posted on our website. Your continueduse of the Platform will signify your acceptance of the changes to this PrivacyPolicy.

Forpurposes of this Privacy Policy, “personal data” means personally identifiableinformation that specifically identifies you as an individual.

All Datarequested by this Platform is mandatory and failure to provide this Data maymake it impossible for this Platform to provide its services. In cases wherethis Platform specifically states that some Data is not mandatory, Users arefree not to communicate this Data without any consequences on the availabilityor the functioning of the service. Users who are uncertain about which PersonalData is mandatory are welcome to contact us.

1.     DPOContact details:

We haveappointed a Data Protection Officer (DPO) who is responsible for overseeingquestions in relation to this privacy policy. If you have any questions aboutthis policy, including any complaints or requests to exercise your legalrights, please contact the DPO using the details set out below.

DPO Name: MichalisMosfilis

DPO Email: info@exaskisi.com

DPOPhysical Address: 4Leoforos, 16B, Pyla 7080, Larnaca, Cyprus

2.    Scopeof Application

ThisPrivacy Policy applies to:

-      Visitorsto our Platform

-      Trainersand Health Professionals using our Services

-      Customersengaging with Trainers and Health Professionals through our Platform

-      Participantsin Ex-Askisi events or surveys and seminars

Byusing our Platform and/or Services, you agree to the collection and use of yourinformation in accordance with this Privacy Policy.

3.    DataCollection

PersonalInformation we collect includes:

-      ContactInformation

-      Including physicaladdresses, email addresses, phone numbers

-      IdentificationInformation

-      Including fullname, government ID, passport information,date of birth

-      FinancialInformation

-      Including bankaccount details, payment card details

-      TransactionalInformation

-      Including detailsof transactions and payments

-      LocationalInformation:

-      Including country,IP address, location data from devices

-      UsageInformation

-      Including metadataabout your use of our Platform and Services

-      Interactiondata that includesinformation on your online behaviour on our Platform and information about whenyou click on one of our adverts and in general how you interact with ourproducts and services.

-      TechnicalInformation

-      Including IPaddress, login data, browser type and version, operating system

-      CommunicationsInformation

-      Including Informationfrom communications with us

-      ProfessionalInformation

-       Professional career and educational background

-      Publicand Third-Party Records

-      Including Informationfrom public sources and third-party partners

-      Consents

-      Including permissions,consents, or preferences given to us

-      PlatformContent

-      Including content,you post or transmit on the Ex-Askisi Platform

-      HealthData

-      Thisincludes any health-related information that you provide to us in order tobetter serve you and meet your particular needs, such as disabilities,chronic illnesses and any other health information you have provided to us onthe platform.

-      Health data also included information about yourheight, body fat percentage, measurements and or any other data about yourbody.

-      Health data also includes weight and information aboutyour current level of physical activity.

Thetypes of personal data may vary depending on the type of activity you areengaged in. The personal data we may collect, process and use may include, butare not limited to your name, screen/nick name, e-mail address, phone number,photo or other image, birthdate, sex, address, friend connections, avatarimage, credit card information, shipping information; and location (only ifdirectly identifiable to you, otherwise we treat the data as non-personaldata).

Wealso collect, use and share Aggregated Data for any purpose. Aggregated Datacould be derived from your personal data but is not considered by law aspersonal data as they do not reveal your identity directly or indirectly. Thismeans that you cannot be identified. However, if we combine or connectAggregated Data with your personal data so that it can directly or indirectlyidentify you, we treat the combined data as personal data which will be used inaccordance with this privacy policy.

Weanalyse the information collected to identify trends, usage, activity patterns,that will help us improve the quality of our services and provide you the bestpossible experience.

Wedo Not collect any Special Categories of Personal Data about you (this includesdetails about your race or ethnicity, religious or philosophical beliefs, sexlife, sexual orientation, political opinions, trade union membership andgenetic and biometric data). Nor do we collect any information about criminalconvictions and offences.

Wemay also collect non-Personal Information through cookies and other trackingtechnologies. Please view our Cookies Policy.

 

4.     HowIs Your Personal Data Collected?

We willcollect and process the following data about you

-       Youdirectly, when you use our Services or contact us

-       Yourinteractions with our Platform and Services

-       Thirdparties, such as business partners, service providers, and social networks

-       Informationyou give us. This is information (including Identity, Contact, and Marketingand Communications Data, health data etc.) that you consent to giving us aboutyou by filling in forms through the Platform, or by corresponding with us. Itincludes information you provide when you sign up or register to use thePlatform, download or register the Platform, subscribe to any of our services,share data via the Platform’s social media functions, enter a competition,promotion or survey, and when you report a problem with the Platform. If youcontact us, we will keep a record of that correspondence.

-       Informationwe collect about you and your device. Each time you use our Website, MobileApplication or Call Center we will automatically collect personal dataincluding Device, and Usage Data. We collect this data using cookies and othersimilar technologies.

 

5.    InformationUse

Weuse your Personal Information for the purposes of:

-      Provideand improve our Services

-      Manageour relationship with you

-      Tomanage Your Account: to manage your registration as a user of the Service.

-      Developmarketing activities

-      Communicatewith you about our products and services

-      Complywith legal and regulatory obligations

-      Preventfraud and manage risks

-      Conductbusiness operations

-       Wemay periodically contact you by phone, email, text message or mail to informyou about new products, special offers or other information which we think youmay find interesting using the information you have provided.

-       Fromtime to time, we may also use your information to contact you for marketresearch purposes.

-       Wemay use the information to customize the website according to your interests.

 

6.    LegalBasis for Processing

Weprocess your Personal Information based on:

-      Performanceof a contract

-      Compliancewith legal obligations

-      Yourconsent

-      Ourlegitimate interests

 

7.    InformationSharing

Wemay share your information with:

-      Clientsto whom you provide services

-      Trustedthird-party agents, partners, suppliers, and service providers

-      Governmentor public agencies, law enforcement authorities, regulators

-      Thirdparties acquiring any part of our business

-      Academicinstitutions for research purposes

-      Thepublic in anonymized reports

-      Ouraffiliates

Wewill only send you Notifications about ourservices and directmarketing communications by email or text if we have your consent. You have theright to withdraw that consent at any time by contacting us asdescribed below [Your Rights – Provision 10 of this Privacy Policy].

Note thatwe may share your personal data with third parties for the purposes set out inProvision 5 of this Privacy Policy to the following External Third Parties:

a)     Trainersand Health Professionals and Gyms who are advertising their services on theplatform and whom you choose and or indicate that you would like to hire viaour Platform.

b)     Paymentcard processors that process credit and debit card payments

c)     Serviceproviders acting as processors who provide IT and system administrationservices

d)     Professionaladvisors acting as processors including lawyers, bankers, auditors and insurerswho provide consultancy, banking, legal, insurance and accounting services.

e)     Regulatorsand public agencies, when we believe release is appropriate to comply with thelaw, to enforce our Terms & Conditions and other agreements or to protectthe rights, property, or safety of us, our employees or customers, our businesspartners or others.

f)      Otherauthorities who require reporting of processing activities in certaincircumstances. In these cases, we provide them with only the information theyneed to perform their function.

g)     Thirdparties we use to contact you or to send you information or news, providedthese third parties agree to comply with our privacy policy.

h)     Thirdparties to whom we may choose to sell, transfer or merge parts of our businessor our assets. Alternatively, we may seek to acquire other businesses or mergewith them. If a change happens to our business, then the new owners may useyour personal data in the same way as set out in this privacy policy.

i)      TheCompany may disclose Your Personal Data in the good faith belief that suchaction is necessary to:

a.      Complywith a legal obligation

b.     Protectand defend the rights or property of the Company

c.      Preventor investigate possible wrongdoing in connection with the Service

d.     Protectthe personal safety of Users of the Service or the public

e.      Protectagainst legal liability

 

8.    Retentionof Personal Information

Weretain your personal data only for as long as necessary to fulfill the purposesfor which it was collected, as required by applicable law. For example:

-      Contactand Identity Data is retained for 7 years after the end of the customerrelationship for tax purposes.

-      TransactionData is retained for 10 years after the transaction for accounting and taxpurposes.

-      HealthData is retained for the duration of the user’s activity on the platform anddeleted after 1 year of inactivity.

 

Whenwe no longer need to process your personal information for legitimate businessneeds, we will delete or anonymize it securely..

9.    Linksto other websites

Ourwebsite may contain links to other websites of interest. This privacy policyonly covers use of www.exaskisi.comand therefore we cannot be responsible for the protection and privacy of anyinformation you provide when you visit sites we link to. We advise whenvisiting other websites you exercise caution and check the privacy statementapplicable to the website in question.

10.  Your Rights

Youhave the right to:

-      Accessyour Personal Information

-      Rectifyinaccurate information

-      Eraseyour information in certain circumstances

-      Restrictprocessing

-      Objectto processing based on legitimate interests

-      Obtaina portable copy of your information

-      Withdrawconsent

Controllingyour personal information:

Youmay choose to restrict the collection or use of your personal information inthe following ways:

Whenever you receive an email ortext message we will provide you with an “unsubscribe” link. Click on the linkand follow further instructions to remove yourself from future communications.

Whenever you receive a phone callfrom us you may request that we do not contact you by phone in future.

If you have previously agreed to ususing your personal information for direct marketing purposes, you may changeyour mind at any time by writing to or emailing us

Toexercise these rights, contact us at info@exaskisi.com or 4 Leoforos, 16B, Pyla7080, Larnaca, Cyprus.

Youhave the right to lodge a complaint with the data protection supervisoryauthority in your country at any time. In Cyprus, this authority is the Officeof the Commissioner for Personal Data Protection (Commissioner).However, we wouldappreciate the opportunity to address your concerns before you escalate thematter to the data protection authority. Therefore, please get in touch with ususing the contact details provided above.

11.  Children's Privacy

OurPlatform and Services are not directed at children under 16 years old. If webecome aware that we have collected Personal Information from a child under 16 withoutparental consent, we will take steps to delete that information.

TheCompany may collect and store identifiers such as cookies or IP addresses fromChildren without parental consent for the purpose of supporting the internaloperation of the Service.

Wemay collect and store other personal information about children if thisinformation is submitted by a child with prior parent consent or by the parentor guardian of the child.

 

12.  Cookies and Tracking Technologies

Wemay use cookies and similar tracking technologies (like web beacons and pixels)to access or store information. Specific information about how we use suchtechnologies and how you can refuse certain cookies is set out in our CookiePolicy

13.  SocialLogins

If youregister or log in using a social media account, we may have access to certaininformation about you from the social media provider. We use this informationas described in this privacy policy.

14.  Do-Not-TrackFeatures

We do notcurrently respond to DNT browser signals or any other mechanism thatautomatically communicates your choice not to be tracked online.

15.  DataSecurity

We storeyour personal data on secure servers located outside of the European EconomicArea (EEA). To ensure your personal data is protected, we implement varioussafeguards when transferring it out of the EEA. One safeguard we use istransferring personal data to countries that the European Commission has deemedto provide an adequate level of protection. Alternatively, we use specificcontracts approved by the European Commission to give personal data the samelevel of protection it has in Europe.

For furtherdetails, see European Commission: Model contracts for the transfer ofpersonal data to third countries.

We takedata security very seriously and have strict procedures and security featuresin place to prevent your personal data from being accidentally lost, used, oraccessed in an unauthorized way. We require all data processors to whom weshare your data to use at least the same level of security we use to protectyour personal data.

If there isa suspected personal data breach, we have procedures in place to deal with itand will notify you and any applicable regulator when legally required to doso.

We mayrequest proof of identity before disclosing personal information to you inrelation to a request for the data we hold on to you.

We storeyour information on secure servers outside the European Union we usethird-party solutions to operate our servers. Your personal data will be storedby other third parties to support our business operations. We have ensured thatthese third-party providers offer an adequate level of protection in accordancewith the law and guidance given by the European Commission.

16.  Keepingyour payment details safe

We arecommitted to ensuring the protection of your payment card details. Paymentsmade via our Platform are processed and managed by specialist payment cardcompanies which are not part of us.

Anytransactions carried out by us, or our chosen third-party provider of paymentprocessing services is encrypted. We only keep an encrypted authenticationtoken to represent your card and this token is transmitted to the relevantpayment card processing company during the order processing. We only store anddisplay the first six and last four digits of your payment card number, thecard type and the card expiry date. The full payment card number is neverstored on any of our systems and is only stored and processed by a payment cardprocessing company approved by us.

17.  DataRetention

We retainyour personal data for no longer than necessary to fulfil the purposesdescribed above.

By law we mustkeep basic information about our customers (including Contact, Identity, andTransaction Data) for at least seven years after they cease being customers fortax purposes.

In somecircumstances we will anonymise your personal data (so that it can no longer beassociated with you) for research or statistical purposes, in which case we mayuse this information indefinitely without further notice to you.

If you donot use the Platform for a period of 3 years then we will treat the account asexpired and your personal data may be deleted.

18.  Updatesto This Privacy Policy

We mayupdate this Privacy Policy from time to time. Your continued use of ourPlatform and Services after any changes constitutes your acceptance of therevised Privacy Policy.

19.  Safeguards

We followgenerally accepted industry standards and maintain reasonable safeguards toattempt to ensure the security, integrity and privacy of the information inDaily Workout’s possession. Only those persons with a need to process yourpersonal data in connection with the fulfillment of their tasks in accordancewith the purposes of this Privacy Policy and for the purposes of performingtechnical maintenance, have access to your personal data in our possession.Personal data collected by us is stored in secure operating environments thatare not available to the public. To prevent unauthorized on-line access topersonal data, we maintain personal data behind a firewall-protected server.However, no system can be 100% secure and there is the possibility that despiteour reasonable efforts, there could be unauthorized access to your personaldata. By using the Platform, you assume this risk, and we will not be liablefor any misappropriation or theft of your personal data.

20.  ContactUs

If you havequestions or concerns about this Privacy Policy, please contact us at info@exaskisi.com

21.  Review,Update, or Delete Your Data

You mayhave the right to request access to, review, update, or delete the personalinformation we collect from you. To request this, please submit a data subjectaccess request or contact us.