Cyprus Innovation & Entrepreneurship Calendar logo
Legal

Privacy Policy

Last updated: 30 April 2026

1. Who we are

The Cyprus Innovation & Entrepreneurship Calendar (the “Platform”) is an independent, non-commercial initiative run by entrepreneurs in Cyprus. It is free to use, free to be listed on, contains no advertising, and is not affiliated with any specific organization, university, government body, fund, or association. The Platform exists solely to help the Cyprus innovation, startup, and entrepreneurship ecosystem coordinate event dates and reduce scheduling conflicts.

2. What information we collect

We collect only the minimum data needed to operate the Platform:

  • Public visitors: No personal data is collected. You can browse the calendar without an account.
  • Access request form: Name, email, organization, role, organization type, optional website, and a short explanation.
  • Approved organizers: Login credentials (email, password hash) and the profile information above.
  • Event data: Information you choose to publish about events (title, date, description, organizer, links). This is intended to be public.
  • Technical data: A session cookie used solely to keep you signed in. We do not use analytics, tracking pixels, or advertising cookies.

3. Legal basis for processing (GDPR)

  • Consent — when you submit the access request or sign up.
  • Legitimate interest — to operate, secure, and maintain the Platform.
  • Performance of a service — to provide organizer functionality once approved.

4. How we use your data

  • To review and approve organizer access requests.
  • To let approved organizers post and manage events.
  • To display events to the public so the ecosystem can coordinate.
  • To prevent abuse and keep the Platform secure.

We do not sell, rent, or share your personal data. We do not run advertising. We do not use behavioural tracking.

5. Data storage & sub-processors

Data is stored using cloud infrastructure (Lovable Cloud / Supabase) on servers located within the EU. Access is restricted to platform administrators and protected by row-level security policies. Passwords are hashed; we never see your password in plain text.

6. Your GDPR rights

As a data subject in the EU, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion (“right to be forgotten”) of your account and personal data.
  • Withdraw consent or restrict processing.
  • Request data portability (a copy of your data).
  • Lodge a complaint with the Cyprus Office of the Commissioner for Personal Data Protection.

To exercise any of these rights, contact us via the About page. We will respond within 30 days.

7. Cookies

We use a single strictly-necessary cookie to keep you signed in as an organizer. We do not use analytics, marketing, or third-party tracking cookies. Public visitors do not need cookies to browse the calendar.

8. Data retention

Account data is kept for as long as your organizer account is active. Pending access requests are retained for up to 12 months for review. You may request deletion at any time. Public event data may remain visible for historical reference even after an organizer account is closed, unless you ask us to remove it.

9. Changes to this policy

We may update this policy occasionally. Material changes will be highlighted on this page.