Note: This Privacy Policy is also available in Greek on the Greek-language pages of this website. In case of any discrepancy or ambiguity between the two versions, the English version shall prevail.
Welcome to the Privacy Policy of the Pancyprian Footballers’ Association (PASP)! We are committed to protecting your personal data and ensuring its confidentiality and security, in line with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Cyprus Processing of Personal Data (Protection of the Individual) Law of 2018 (Law 125(I)/2018). This policy explains how we collect, use, and protect your information when you interact with our website. By using our website, you agree to the practices described herein.
About PASP: In this document, “PASP” refers to the Pancyprian Footballers’ Association, the official representative body for professional footballers in Cyprus.
1. What Data Is Collected
1.1. Cookies & Usage Data
We collect limited technical data through the use of cookies and similar technologies, such as your device type, browser, pages visited, and interaction patterns. This data helps us understand how users engage with the website and improve our services.
Please refer to Section 6 (Cookies and Tracking Technologies) below for detailed information about the types of cookies used and how to manage your preferences.
1.2. User-Submitted Data
This website does not include public contact forms and does not collect personal data directly from the general public. In specific cases (e.g., voting forms for PASP members), we may collect limited data such as full name and team affiliation. These forms are shared only with relevant users via secure, non-public links. No sensitive personal data is requested, and the data is processed solely for the stated internal purpose (e.g., vote verification).
2. Data Controller
The Data Controller for this website is:
Pancyprian Footballers Association (PASP), 48 Themistokli Dervi Street, Office 202, 1066 Nicosia, Cyprus | Email: info@pasp.org.cy | Phone: +357 22 466508
2.1 Legal Basis for Processing
We process personal data on the following legal grounds, as defined by the GDPR:
- Consent: When you have given clear consent for the collection and use of your personal data (e.g., accepting cookies).
- Contractual Necessity: When processing is required to perform a contract or take steps prior to entering into a contract (e.g., participation in member-only activities).
- Legal Obligation: When processing is necessary to comply with a legal requirement (e.g., compliance with tax or sports governance regulations).
- Legitimate Interests: When processing is necessary for our legitimate interests (e.g., ensuring secure and functional use of the website), provided that such interests are not overridden by your fundamental rights and freedoms.
2.2 Inquiries
For any inquiries regarding data protection, you may contact PASP at info@pasp.org.cy. You may also reach out to the Office of the Commissioner for Personal Data Protection in Cyprus at commissioner@dataprotection.gov.cy.
3. How We Use Your Data
The data collected automatically (such as cookies and usage data) is used for the following purposes:
- Ensuring the secure and efficient operation of the website
- Analyzing website traffic and improving user experience
- Storing user preferences (e.g., language settings), with user consent
Purpose of Collection: Personal data is collected and processed solely to support website functionality, maintain security, and improve accessibility and performance.
In specific cases where voting forms are shared with footballers, any personal data voluntarily submitted (such as full name and team) is used exclusively to verify identity and ensure the integrity of internal procedures (e.g., voting or surveys). This data is not used for any promotional, commercial, or profiling purposes.
4. How We Protect Your Data
We take appropriate technical and organizational measures to protect the personal data processed via our website. These include secure servers, encryption technologies, access controls, and periodic security reviews.
Security Measures: We implement appropriate security measures, such as encryption, secure data storage, and access controls, to prevent unauthorized access, use, or disclosure of your personal data.
5. Your Rights
As a user of our website, you have the following rights under the General Data Protection Regulation (GDPR):
- Right to Access (Article 15): You have the right to request access to the personal data we hold about you, including any data collected via cookies or usage data.
- Right to Rectification (Article 16): You can request the correction of any inaccurate or incomplete personal data that we hold about you.
- Right to Erasure (Article 17): You have the right to request the deletion of your personal data, provided that the data is no longer necessary for the purposes for which it was collected, or if you withdraw your consent (where applicable).
- Right to Restriction of Processing (Article 18): You can request that we restrict the processing of your personal data under certain conditions, such as if you contest the accuracy of the data or if the processing is unlawful.
- Right to Data Portability (Article 20): You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another data controller.
- Right to Object (Article 21): You can object to the processing of your personal data at any time, including the use of cookies or other tracking technologies.
If you wish to exercise any of these rights, please contact us at info@pasp.org.cy. We will respond to your request in accordance with GDPR requirements and applicable legislation, typically within one month.
6. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and provide you with personalized content. Cookies are small text files stored on your device when you visit our website.
We use both essential and non-essential cookies:
- Necessary Cookies (Always active): Required for basic site functionality such as secure login, navigation, or saving your consent preferences. These cookies do not store personally identifiable information.
- Functional Cookies: Enable specific features like content sharing, media playback, or third-party tools.
- Analytical Cookies: Help us understand how visitors interact with the site (e.g., page visits, bounce rates).
- Performance Cookies: Measure loading speeds and responsiveness to optimize user experience.
- Advertisement Cookies: Deliver personalized ads based on prior browsing activity and help assess campaign effectiveness.
- Social Media Cookies: Allow content sharing and integration with social media platforms, and may track your interaction with embedded content.
Additional cookie categories may be used depending on the services integrated at any given time. All non-essential cookies are only activated with your explicit consent.
You can manage your cookie preferences at any time by clicking the cookie settings icon or tab visible on the screen (e.g., footer or popup). Each category includes a short explanation of its purpose.
Νote: Essential cookies are required for the website to function properly. If you do not wish to accept even these, you may choose to discontinue your visit to the website.
7. Children’s Data Protection
Our website may occasionally be accessed by individuals under the age of 16, especially if they are registered athletes or members of PASP-related activities. We do not intentionally collect personal data from minors without the prior consent of a parent or legal guardian. If you are a parent or guardian and believe your child has submitted personal data via the website, please contact us at info@pasp.org.cy so that we can take appropriate action.
8. Sensitive Data
We do not collect or process any special categories of personal data (such as data concerning health, religion, political opinions, or biometric identifiers) through this website. Users are requested not to submit such information via any communication channels that may be provided.
9. Data Sharing
We do not share personal data with third parties for marketing or commercial purposes. However, limited data may be shared with trusted service providers (data processors) solely for operational purposes, such as hosting, maintenance, or technical support of the website. These third parties process data strictly under our instructions and in accordance with the GDPR. PASP ensures that all such processors adhere to appropriate data protection and security standards.
We do not sell or rent personal data under any circumstances.
10. Third-Party Services
10.1 Linked Websites
Our website may contain links to external websites or services not operated by us. These may include social media platforms, sponsors, or partners. Please note that we are not responsible for the privacy practices or content of these third-party websites. We encourage you to read their respective privacy policies before interacting with them.
10.2 Payment Platforms – Πλατφόρμες Πληρωμών
For some services, such as registration fees or renewals, our website may redirect you to third-party payment platforms like JCCsmart.com or Bill.me. These services operate independently of our website, and we do not collect or process any payment or financial data directly.
Transactions are securely handled by the respective platforms, under their own terms and privacy policies. PASP does not store credit card data or access sensitive billing details. We recommend reviewing the payment provider’s policies before proceeding.
11. Data Retention
We retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. When data is no longer needed, it is securely deleted or anonymized. Data retention practices are reviewed periodically to ensure ongoing compliance with the General Data Protection Regulation (GDPR).
12. Automated Decision-Making
We do not use your personal data to make decisions based solely on automated processing, including profiling, that produce legal effects concerning you or similarly significantly affect you.
13. Incident Response Policy
In the event of a personal data breach, we will promptly assess the situation and implement appropriate technical and organizational measures without undue delay.
If the breach is likely to result in a risk to the rights and freedoms of natural persons, we will notify the relevant Data Protection Authority within 72 hours, in accordance with Article 33 of the General Data Protection Regulation (GDPR).
If the breach is likely to result in a high risk to the rights and freedoms of individuals, we will also inform affected data subjects without undue delay, in accordance with Article 34 GDPR.
Notifications will include:
- A description of the nature of the breach
- The categories and approximate number of data subjects and records involved
- The likely consequences of the breach
- The measures taken or proposed to address and mitigate the breach
The Data Controller is responsible for coordinating the incident response and ensuring that any required communications are made in a timely and transparent manner.
If the breach is unlikely to result in a risk to individuals’ rights and freedoms, no notification to data subjects is required.
14. Complaint Mechanism
If you have any concerns or complaints regarding the way we process your personal data, we encourage you to contact us first at info@pasp.org.cy so we can attempt to resolve the matter promptly and amicably.
If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority. In Cyprus, you may contact the Office of the Commissioner for Personal Data Protection at commissioner@dataprotection.gov.cy.
15. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or service offerings. The updated version will be posted on this page and will be effective from the date of publication. We encourage you to review this page periodically to stay informed about how we protect your data.
16. Contact Us
If you have any questions about these Terms of Use or the operation of this website, please contact us at:
Pancyprian Footballers’ Association (PASP)
Address: 48 Themistokli Dervi Street, Office 202, 1066 Nicosia, Cyprus
Phone: +357 22 466508
Email: info@pasp.org.cy
By accessing and using this website, you acknowledge that you have read, understood, and agreed to this Privacy Policy.
For more information, please also review our:
