Privacy Policy

Introduction

HyperSummit Ltd ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website hypersummit.top or use our food delivery optimisation services.

Data Controller Information

The data controller responsible for your personal information is HyperSummit Ltd, a company registered in Cyprus with registration number HE624597. Our registered office is located at Spyrou Kyprianou Street 130, Paralimni, 5291, Famagusta District, Cyprus.

Data Collection

We collect several types of personal data we collect from and about users of our website and services:

• Contact Information: Name, email address, phone number, and company details when you contact us or request our services
• Website Usage Data: IP address, browser type, device information, pages visited, and time spent on our website
• Communication Data: Records of correspondence when you contact us via email, phone, or contact forms
• Business Information: Details about your restaurant or business operations when you engage our consulting services
• Technical Data: Cookies, web beacons, and similar tracking technologies as detailed in our cookie policy

How We Use Your Information

We use of your data collected for the following purposes under various legal bases:

• Service Delivery: To provide food delivery optimisation consulting services and respond to your enquiries (Legal basis: Contract performance)
• Communication: To communicate with you about our services, respond to your requests, and provide customer support (Legal basis: Legitimate interests)
• Website Improvement: To analyse website usage and improve our online services (Legal basis: Legitimate interests)
• Marketing: To send you information about our services that may interest you, where you have consented (Legal basis: Consent)
• Legal Compliance: To comply with applicable laws and regulations (Legal basis: Legal obligation)
• Business Operations: To maintain records, conduct business analysis, and protect our legitimate business interests (Legal basis: Legitimate interests)

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Disclosure

We may share your personal information with the following categories of recipients:

• Service Providers: Third-party companies that provide services on our behalf, such as website hosting, email delivery, and analytics
• Professional Advisors: Lawyers, accountants, and other professional advisors who assist us in conducting our business
• Legal Authorities: Government authorities, law enforcement, or courts when required by law or to protect our rights
• Business Transfers: In connection with any merger, acquisition, or sale of our business assets

Data Retention

We retain your personal information for as long as necessary to fulfil the purposes for which it was collected. Specifically, we retain contact information and communication records for up to 7 years after our last interaction to comply with business record-keeping requirements. Website usage data and cookies are typically retained for shorter periods as specified in our cookie policy. We will delete or anonymise your personal data when it is no longer needed, unless we are required to retain it for legal or regulatory purposes.

International Data Transfers

As we operate primarily within the European Union, your personal data is generally processed within the EU. However, some of our service providers may be located outside the EU. In such cases, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, to protect your personal data in accordance with GDPR requirements.

Your Rights

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

• Right of Access: Request information about the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of processing in certain situations
• Right to Data Portability: Request transfer of your data to another organisation
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us using the contact information provided below. We will respond to your request within one month, though this may be extended in complex cases.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure data storage, access controls, and regular security assessments. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will post the updated policy on our website and update the "Last updated" date. For significant changes, we may provide additional notice such as email notification to registered users.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Supervisory Authority

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the relevant supervisory authority. In Cyprus, this is the Commissioner for Personal Data Protection. You can also lodge a complaint with the supervisory authority in your country of residence or where the alleged infringement occurred.