Privacy Policy



W.C.C Web Cyprus Community , UIC HE 412569, address Agia Theklas 82, Thaliana complex 7, Sotira 5391, Cyprus, represented by ILIYA EFTIMOV HRISTOV


This Privacy Policy regulates the data collection and processing on the Site.

Contact details


Data protection officer: Iliya Hristov, contact details:; +357 95 500 224



We process personal data only when one of the following applies:

  • There is concluded contract between you and us with the purpose to execute our contractual obligations;
  • We received explicit consent from you - the purpose is being specified for each case;
  • There is legal obligation for us to process the personal data;
  • The legitimate interest of the Controller

In this Privacy policy you will find detailed information regarding the processing of personal data.


We process personal data to execute our contractual and precontractual obligations. The purpose of the processing is as follows:


  • To Identify the data subject
  • To provide our services and products
  • Prepare offers
  • Send you invoices/ bills for the services you are using
  • To provide you full support
  • To receive payments from you
  • To maintain correspondence with you
  • To prevent unlawful behavior or breach of our Terms of use and Privacy policy

Data we process

On this ground, we process information regarding the type and content of the contract as well as any other information related to the contracted, including:

  • Personal contact data - contact address, email, phone;
  • names
  • email
  • personal number, social security number or UIC
  • gender
  • address
  • age/ date of birth
  • orders history
  • client service communication
  • any information published by the client such as photos, education level, professional experience, articles, blog post, products for sale, job offers, information about a business or personal page, events, and any other information published by the client;


In order to execute our contractual obligations, we need the above informаtion or the execution would be impossible without it.  Such personal data shall be marked in a specific way with a “*” or another sign. All other personal data is collected voluntarily.

Transfer of personal data to third parties

We transfer data to third parties with the purpose to improve the quality of our services and offer you full support. We only transfer personal data to third parties, who have proved to us they have applied or required organizational and technical security measures. In this case, we are responsible for the privacy and security of your data.

We transfer personal data to the following categories of third parties

  • postal and shipment service providers
  • hardware and software service providers
  • consulting service providers, such as lawyers, accountants, tax advisors and others
  • cloud service providers, such as AWS, Google, Microsoft etc.
  • communication applications such as Slack, Microsoft Teams, Zoom and others
  • Document and note creation tools such Microsoft word, Google Doc, Evernote and others

Data deletion

We delete personal data processed on this ground after 5 years after the contract has expired regardless of the reason of the expiration. We chose this time period, because this is the expiration period for the claims from a contract.

We delete personal data collected during pre contractual relations after 12 months.


User Profile

Each registered user has a unique user profile. In the account setttings each registered user can manage their personal data protection settings, including to add, correct and delete personal data, to subscribe and unsubscribe from emails, to download personal data information, to controll privacy settings such as which information is public or private.

Automated processing

We do not use automated algorithms for processing personal data.


Sometimes there is a legal obligation for us to process personal data. In these cases we are obliged to process personal data. Such cases are:

  • Obligations under Measures against money laundry act (MAMLA);
  • Obligations under Consumer protection act (CPA)
  • Obligations to provide personal data to Consumer protection commission and third parties under CPA;
  • Obligations to provide personal data information to Personal data protection commission
  • Obligations under Accounting act and Tax-Insurance Procedure Code (TIPC)
  • Obligations to provide information to the court or third parties under the applicable procedure laws;
  • Obligation to certify the age of the data subject

Data deletion

Personal data processed on this ground is being deleted after the obligation has been fulfilled or has expired. For example under the Accounting act we must store the personal data 11 years.

Transfer of data to third parties

In case of legal obligation for us we could transfer personal data to third parties such as public authorities.



We collect and analyze data on the grounds of our legitimate interest. This data is collected in order to improve our services and client support. On this ground, we collect information regarding the behaviour of our customers and analyze this data. Such data could be: an anonymized IP address that shows only a general location, behaviour on the website of the organization, duration of user sessions on the site;

In case the collected data goes beyond our legitimate interest we would ask for your explicit consent.

Your data could be anonymized. Anonymisation is an alternative to data deletion. When the data is anonymized you could no longer be identified.





We process personal data on this ground only after your explicit consent. The consent is given in compliance with Art. 7 from Regulation 679/ 2016 (GDPR).

We do not foresee any negative consequences for you in case you decide not to share your personal data.

The consent is a separate ground for the processing of personal data and the purpose of the processing is specified for each case.

Processed data

On this ground we process only the data for which we have received your explicit consent. However, in most cases this data includes:

  • Email
  • Name

Transfer to third parties

On this ground we could transfer personal data to third parties, specified with the consent.

Withdrawal of the consent

The consent could be withdrawn at any time. The withdrawal does not in any way affect any contracts or other relations between you and us. The withdrawal does not affect the processing before the withdrawal was given.

To withdraw your consent you just have to use our website or write us an email.

Data deletion

We delete the data processed on this ground after receiving demand from you or 18 months from the initial processing.


Email Marketing

In case you sign up to receive emails from us, you will receive messages with up-to-date information about our services, the services of our partners or other useful information. You can unsubscribe from the email newsletter by clicking the button in the email labeled "unsubscribe" or other similar text. You can also unsubscribe using our contact information provided in this Policy.The data from the Register are not sent to third parties. Google Inc and other marketing platforms


We process data for statistical purposes, which includes analyses in which the results are just general and thus the data is anonymous. It is impossible to identify a person from this data.

Your data could also be anonymized, which is an alternative of the data deletion. In this case all personal data elements, which allow the identification of a person will be permanently deleted. The anonymized data is not a personal data.



To ensure the protection of personal data of the company and the clients we apply all required organizational and technical measures under Data protection act and GDPR, as well as the best international practices.


We have adopted Rules for data processing in the company. To ensure maximum security we could apply additional protection measures such as pseudonymisation, encrypting and other.