TEDREC PRIVACY POLICY
Effective Date: 05.12.2025
TEDREC (“we,” “our,” “us”) is a company registered in Cyprus that provides advertising account services and technical facilitation. We are committed to protecting your privacy and handling your personal data in an open and transparent manner in accordance with the General Data Protection Regulation (GDPR) and the Cypriot Data Protection Laws (Law 125(I)/2018).
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us as a client. Please read this policy carefully. If you do not agree with the terms, please do not access or use our services.
2. Data Controller
For the purposes of GDPR, the data controller is:
TEDREC
13 Ypsilanti 6057, Larnaca
Email: erinaconnan@tedreg.org
Phone: +357 24633857
3. The Data We Collect
We collect several types of information for various purposes to provide and improve our services:
A. Personal Identification Information:
Full name
Email address
Telephone number
Business name and address (for agency clients)
Signature (from signed agreements)
B. Financial and Transaction Data:
Payment information (processed by secure third-party payment processors; we do not store full credit card details)
Invoice and billing history
Account top-up and spend records
C. Technical and Usage Data:
IP address
Browser type and version
Time zone setting and location
Browser plug-in types and versions
Operating system and platform
Information about your visit, including the full URL clickstream to, through, and from our site
Pages you viewed or searched for, page response times, download errors, length of visits to certain pages
D. Marketing and Communications Data:
Your preferences in receiving marketing from us and our third parties
Your communication preferences
Records of our correspondence (e.g., support tickets, chat logs, emails)
E. Client-Submitted Campaign Data (as per our Terms):
Landing page URLs
Geo-targeting parameters
Ad creatives (text, images)
This data is necessary for platform pre-approvals and service delivery.
4. How We Use Your Data (Purposes and Legal Basis)
We will only use your personal data when the law allows us to. Most commonly, we will use your data in the following circumstances:
Performance of a Contract: To fulfill our obligations under our Terms & Conditions with you, including account delivery,
billing, and support (Legal basis: Article 6(1)(b) GDPR).
Legitimate Interests: For managing our business, providing administration and IT services, network security, fraud prevention, and informing you about changes to our services (Legal basis: Article 6(1)(f) GDPR). We ensure our interests do not override your fundamental rights.
Legal Obligation: To comply with our legal and regulatory obligations in Cyprus (Legal basis: Article 6(1)(c) GDPR).
Consent: For sending certain direct marketing communications. You have the right to withdraw consent at any
time (Legal basis: Article 6(1)(a) GDPR).
Purpose/Activity
Type of Data
Lawful Basis for Processing
To register you as a new client
(A) Identity & Contact
Performance of a contract
To process and deliver services, manage payments
(A), (B), (E) Identity, Financial, Campaign Data
Performance of a contract
To manage our relationship with you (notify of changes, get feedback)
(A), (D) Identity, Contact, Marketing
Performance of a contract, Legal obligation, Legitimate interests
To administer and protect our business and website
(C) Technical
Legitimate interests (for running our business, IT security)
To deliver relevant website content and measure effectiveness
Legitimate interests (to study how clients use our services, to grow our business)
To use data analytics to improve our website and services
(C) Technical
Legitimate interests (to define types of clients, keep website updated)
To make suggestions/recommendations about services that may interest you
(A), (C), (D) Identity, Contact, Technical, Profile, Usage
Legitimate interests (to develop our services and grow our business)
5. Data Sharing and International Transfers
We may share your personal data with the following categories of third parties:
Service Providers: Trusted third parties who provide IT, system administration, payment processing, and hosting services. They act only on our instructions and are bound by confidentiality.
Advertising Platforms: As necessary to set up and manage your accounts (e.g., Meta, Google, Bing).
Their use of your data is governed by their own privacy policies.
Professional Advisors: Including lawyers, bankers, auditors, and insurers in Cyprus or abroad.
Regulatory Authorities: If required by Cypriot or EU law.
Some of these third parties may be located outside the European Economic Area (EEA). We will ensure any transfer is made using appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, or to countries deemed to provide an adequate level of protection.
6. Data Security
We have implemented appropriate technical and organizational security measures (including SSL encryption, access controls, and secure data centers) to prevent your personal data from being accidentally lost, used, and accessed in an unauthorized way, altered, or disclosed.
7. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements in Cyprus. We typically retain client data for **seven (7) years** from the end of our contractual relationship to comply with Cypriot tax and commercial law. Inactive prospect data is deleted after **two (2) years**.
8. Your Legal Rights Under GDPR
Under certain circumstances, you have rights under data protection laws in relation to your personal data:
Right of Access: Request copies of your personal data.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data.
Right to Restrict Processing: Request restriction of processing your personal data.
Right to Data Portability: Request transfer of your data to another controller.
Right to Object: Object to processing based on legitimate interests or direct marketing.
Right to Withdraw Consent: Where we rely on consent, you can withdraw it at any time.
To exercise any of these rights, please contact us using the details in Section 2. We may need to request specific information from you to confirm your identity. You also have the right to lodge a complaint with the Cypriot supervisory authority:
Commissioner for Personal Data Protection
1 Iasonos Street, 1082 Nicosia, Cyprus
Tel: +357 22818456
Email: commissioner@dataprotection.gov.cy
9. Cookies
Our website uses cookies to distinguish you from other users. This helps us provide you with good experience and improve our site. You can set your browser to refuse all or some browser cookies.
10. Changes to This Privacy Policy
We may update this policy from time to time. The updated version will be indicated by an updated “Effective Date” and will be effective as soon as it is accessible. We encourage you to review this policy periodically.
11. Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact our Data Protection Lead at:
Email: erinconnan@tedrec.org
Postal Address: 13 Ypsilanti 6057, Larnaca