Privacy Policy

Last updated: 11/01/2026

This Privacy Policy explains how we collect, use, and protect personal data when you visit or contact D.A. Christoforou (“we”, “us”, “our”).

Who we are (Data Controller)
Legal name: D.A. Christoforou & Sons Ltd
Trading name: D.A. Christoforou
Address: 1 Ioanni Marsellou, Larnaca 6018, Cyprus
Email: [email protected]

Phone: +357 24 653546, +357 24 626744
Company Reg. No: HE2880
VAT No: CY10002889Q

What personal data we collect
We may collect and process the following categories of data:

• Data you provide when contacting us
• Name, phone number, email address
• Messages and attachments you send (e.g., photos of parts, nameplates, site photos, measurements)
• Quote details (product type, specifications, delivery location, timelines)
• Website usage and technical data
• IP address, device and browser information, pages visited, approximate location (city/region), and basic analytics data
  This data is typically collected through server logs and (once enabled) analytics/tracking tools.

Business communications
If you contact us by phone/WhatsApp/Viber/email, we may retain the conversation history to support your request, identify spare parts, provide quotes, and provide after-sales support.

How we use your data
We use personal data to:

• Respond to enquiries, quotes, and stock checks
• Identify spare parts and confirm compatibility
• Arrange delivery or shipping where requested
• Provide support, warranty handling, and after-sales service
• Improve our website and understand what users search for (analytics, if enabled)
• Protect our website and prevent abuse/fraud

Legal basis (GDPR)
Depending on the context, we process data based on:

• Legitimate interests: replying to enquiries, providing quotes, operating and securing the website
• Contract / steps before contract: preparing quotes, processing orders after you accept a quote
• Consent: for optional analytics/advertising cookies (when enabled, via cookie banner)

Sharing your data
We do not sell personal data. We may share data only when necessary, such as:

• Couriers / shipping providers (for delivery): e.g., local couriers (Cyprus deliveries), international courier/postal providers (worldwide shipments)
• Hosting and infrastructure providers: Vultr (website hosting), and any security/caching tools you use
• Analytics/advertising providers (when enabled): Google Analytics, Google Ads, Meta (Pixel)

International transfers
Some service providers (e.g., Google/Meta) may process data outside the EU/EEA. Where this applies, we rely on appropriate safeguards (such as standard contractual clauses) and cookie-consent controls for non-essential tracking.

Data retention
We keep personal data only as long as needed:

• Enquiries/quotes: typically retained for a reasonable period to follow up and support the request
• Orders/invoices: retained as required for accounting/tax and warranty purposes
• Analytics data: retained according to the settings of the analytics platform (when enabled)

Your rights (GDPR)
You have rights to:

• Access your data
• Correct inaccurate data
• Request deletion (where applicable)
• Object to or restrict processing (in certain cases)
• Data portability (where applicable)
• Withdraw consent for non-essential cookies at any time (via cookie settings)

To exercise your rights, contact: [email protected]

Complaints
If you believe your rights are violated, you can also complain to the Cyprus supervisory authority (Office of the Commissioner for Personal Data Protection).

Security
We apply reasonable technical and organisational measures to protect data. No online system is 100% secure, but we aim to prevent unauthorised access and misuse.

Links to other websites
Our site may link to third-party sites (e.g., Facebook, Instagram, Google Business Profile). Their privacy practices are governed by their own policies.