Privacy Policy

This Privacy Policy explains how ASD may collect, use, store, protect, and process personal data when users visit the ASD website, create an account, subscribe to ASD, browse campaigns, submit claims, or communicate with ASD.

ASD is intended to operate as a Cyprus/EU-facing platform. This Privacy Policy is prepared as a draft structure and should be reviewed by a qualified Cyprus/EU data protection lawyer before publication or commercial launch.

The data controller is the legal entity responsible for deciding how and why personal data is processed through ASD.

Final company details, registered company name, registered address, email address, and data protection contact details should be added here before launch.

Company name: To be completed.

Registered address: To be completed.

Contact email: To be completed.

ASD may collect personal data directly from users when they create an account, complete their member profile, join a waitlist, submit a claim, subscribe, contact ASD, or interact with the platform.

This may include full name, username, email address, phone number, country of origin, city, account login details, subscription status, eligibility status, claim history, campaign interest, messages sent to ASD, and technical website usage data.

For property-related campaigns, ASD may later need additional information to support eligibility checks, legal review, transfer procedures, identity verification, payment coordination, or communication with professional advisors. These additional requirements should be confirmed by ASD and its legal advisors before launch.

ASD may collect data when users fill in forms, create an account, update their dashboard profile, subscribe, submit a campaign claim, upload or provide information, communicate with ASD, or use the website.

ASD may also collect limited technical data automatically, such as browser type, device information, IP address, pages visited, timestamps, and cookie-related information, depending on the analytics, hosting, security, and platform tools used.

ASD may process personal data to provide account access, manage user profiles, operate the member dashboard, manage campaign claims, review eligibility, communicate with users, process subscriptions, maintain platform security, improve the website, comply with legal obligations, and manage relationships with sellers, suppliers, developers, or partners.

ASD may also use user information to confirm whether a profile is complete before allowing campaign claims and to contact users after a claim has been submitted.

ASD may rely on different legal bases depending on the purpose of processing. These may include performance of a contract, steps taken before entering into a contract, compliance with legal obligations, legitimate interests, and consent where required.

Examples include using account data to provide platform access, using claim data to review campaign reservations, using payment-related data to manage subscriptions, using contact details to communicate with users, and using technical data to protect and improve the platform.

The final legal bases should be reviewed and confirmed by a qualified data protection lawyer before publication.

ASD may use third-party payment providers to process subscription payments or other payments. ASD should not store full payment card details directly unless expressly stated and legally reviewed.

Payment providers may process payment information according to their own privacy policies and terms.

ASD may store limited payment-related information such as subscription status, payment confirmation, billing status, renewal status, cancellation status, and transaction references where needed for account management, legal compliance, or support.

When a user submits a claim, ASD may process the user’s profile details, email address, username, claim time, campaign selected, claim status, eligibility status, and communication history.

ASD may use this information to review the claim, confirm whether the profile is complete, assess eligibility, contact the user, manage campaign availability, and coordinate next steps.

For property campaigns, additional information may be required later for legal checks, transfer procedures, identity verification, tax review, or professional review.

ASD may share personal data only where necessary for platform operation, campaign management, legal compliance, professional review, payment processing, delivery coordination, or transaction completion.

Potential recipients may include hosting providers, database providers, payment processors, email providers, analytics providers, legal advisors, accountants, property developers, sellers, suppliers, delivery providers, agents, or other professional partners.

ASD should only share the minimum information necessary for the relevant purpose and should ensure appropriate contractual and legal safeguards where required.

Some service providers used by ASD may process or store data outside Cyprus or the European Economic Area.

Where personal data is transferred internationally, ASD should ensure that appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other legally approved transfer mechanisms where required.

The final wording for international transfers should be reviewed by a data protection lawyer after ASD confirms its final hosting, database, payment, analytics, email, and operational providers.

ASD may use cookies, analytics tools, and similar technologies to operate the website, improve user experience, protect the platform, and understand how visitors use the website.

Cookie use should be explained in the ASD Cookie Policy.

Where consent is required for optional cookies, analytics, advertising, or tracking technologies, ASD should request and manage user consent through an appropriate cookie consent system.

ASD should keep personal data only for as long as necessary for the purpose for which it was collected, unless a longer retention period is required for legal, tax, accounting, fraud prevention, dispute, or compliance reasons.

Account data may be kept while the user account remains active. Claim-related data may be kept for a period necessary to manage claims, disputes, legal obligations, and platform records.

Final retention periods should be confirmed before launch and may be included in a detailed retention schedule.

ASD should apply appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, disclosure, or destruction.

Security measures may include access controls, secure authentication, database permissions, hosting security, encrypted transmission, role-based admin access, monitoring, and staff or partner confidentiality obligations.

No online system can be guaranteed to be completely secure, but ASD should take reasonable and appropriate steps to protect user data.

Users may have rights under applicable data protection laws, including the right to access personal data, request correction, request deletion, restrict processing, object to processing, request data portability, and withdraw consent where processing is based on consent.

Users may also have the right to lodge a complaint with the relevant data protection authority.

The exact rights and procedures should be reviewed and confirmed by ASD’s legal advisor before launch.

ASD is not intended for use by children or minors.

Users may need to confirm that they are legally able to create an account, subscribe, submit claims, and enter into any campaign-related transaction.

If ASD later allows family accounts, guardians, or other account structures, this section should be updated after legal review.

ASD may contain links to third-party websites, partner websites, payment providers, seller websites, delivery providers, or professional service providers.

ASD is not responsible for the privacy practices, legal terms, security, or content of third-party websites or services.

Users should review the privacy policies and terms of any third-party service before using it.

ASD may update this Privacy Policy from time to time to reflect changes in platform features, legal requirements, service providers, data practices, or business operations.

Updated versions may be published on this page with a revised date.

Users may contact ASD regarding privacy questions, data protection requests, or account data concerns using the contact details provided on the website.

Final privacy contact details should be added before publication.