Table of Contents:
of personal information we receive and collect from you when you view and use our website and how that information it is used.
Who Are We?
Extra Dimensions Limited , a company incorporated in
4 Agiou Nektariou, Flat/Office 101, Agia Varvara, 2560 Nicosia, Cyprus E-mail:
2.Our clients may submit inquiries regarding personal data protection, privacy and security matters to
Information we collect
‘personal data’ means any information relating to an identified
or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified,
directly or indirectly, in particular by reference to an identifier such as a name, an identification number,
location data, an online identifier or to one or more factors specific to the physical, physiological, genetic,
mental, economic, cultural or social identity of that natural person. (Article 4, Regulation (EU) 2016/679 of
the European Parliament – GDPR)
In order to use our website OnlineCrush.com you need to provide us with some Personal Data, such as your email address and password. You may also be required
to provide us with Personal Data relating to yourself, such as your name, phone number, postal address and/or
payment information, including bank account, credit or debit card number.
We will solely process this information to provide you with the Service you signed up for.
Besides the Personal Data that you freely choose to share with us, we may collect and
process various information regarding your use of - and your behavior through - the services provided by us.
When you visit our website OnlineCrush.com we store the name of your internet service provider, the website from which you visited us from, the parts of
the website you visit, the date and duration of your visit, and information from the device (device type, operating
system, screen resolution, language, country you are located in, and web browser type) you used during your visit.
We only capture and store a truncated version of your IP address. It is captured and stored in an anonymized format
by suppressing the last octet so your full IP address never reaches our servers and we never have access to it.
We process this usage data to facilitate your access to the services we provide (e.g.
to adjust the services to the device you are using), and to recognize and stop any misuse. We also process usage
data in an anonymized form for statistical purposes and to improve our website OnlineCrush.com.
With regards to the information relating to your behaviour through our website that we automatically collect,
we use them for the purpose of improving and personalizing the services so as to better meet your expectations.
use of certain functions.
We will inform you about relevant changes concerning the Service, such as the implementation
of additional functions, by posting it on this website and by e-mail.
What do we use your information for?
Any of the information we collect from you may be used for one or more of the following purposes:
To personalize and improve your experience;
To improve our website;
To send periodic e-mails if you have opted in to receiving such emails;
For tracking purposes.
If at any time you would like to unsubscribe from receiving future e-mails, you may contact us
EU General Data Protection Regulation (GDPR). The processing of your data is either
based on your consent or in case the processing is necessary for the performance of a contract to which you
are a party, or in order to take steps at your request prior to entering into a contract, cf. GDPR article 6(1)(a)(b).
If the processing is based on your consent, you may at any time withdraw your consent
by contacting us using the contact information in clause 1.
In order to become a member, you must provide us with the required personal data.
If you do not to provide us with all the required information, it will not be possible to deliver the Service.
Children’s Online Privacy Protection Act Compliance. We will not intentionally collect
any information from anyone under thirteen (13) years of age. Our website, products and services are all directed
at people who are at least eighteen (18) years old or older, cf. GDPR article 8.
E. Personal data protection
The physical security of the data you upload to OnlineCrush.com has been protected by our special security protocols engineered to afford a high degree of integrity and
protection against the theft, destruction, unauthorized use, or alteration of the information associated with
you or collected from you. However, no one can guarantee absolute protection of data stored on servers, and
we do not warrant or guarantee the protection and security of any data you enter, upload, or transmit, but we
have a high degree of confidence that our protocols result in security in line with sound business practices and industry standards.
We will store your usage data until such time when you withdraw your consent for us
to do so. All other Personal Data herein specified will be retained for as long as is necessary for the purpose(s)
for which we originally collected it. We may also retain information and/or Personal Data as required by law.
Confidentiality. All personnel are subject to full confidentiality and any subcontractors
and subprocessors are required to sign a confidentiality agreement if not full confidentiality is part of the
main agreement between the parties
Transparency. We will at all times keep you informed about changes to the processes
to protect data privacy and security, including practices and policies. You may at any time request information
on where and how data is stored, secured and used. We will also provide the summaries of any independent audits
of the Service.
The ability to intervene. We enable your rights of access, rectification, erasure,
blocking and objection by offering you the option to send instructions to the following e-mail address
Monitoring. We use security reports to monitor access patterns and to proactively
identify and mitigate potential threats. Administrative operations, including system access, are logged to
provide an audit trail if unauthorized or accidental changes are made.
System performance and availability is monitored from both internal and external monitoring services.
Personal Data breach notification. In the event that your data is compromised, we will
notify you and competent Supervisory Authority(ies) within seventy two (72) hours by e-mail with information
about the extent of the breach, affected data, any impact on the Service, as well as our action plan for measures
to secure the data and limit any possible detrimental effect on the data subjects.
"Personal data breach". means a breach of security leading to
the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal
data transmitted, stored or otherwise processed in connection with the provision of the Service. (Article 4,
Regulation (EU) 2016/679 of the European Parliament – GDPR)
Disclosure of information to third-party
‘Third party’ party means a
natural or legal person, public authority, agency or body other than the data subject, controller, processor
and persons who, under the direct authority of the controller or processor, are authorised to process personal data”.
We do not sell, trade or otherwise transfer to outside parties any personally
This does not include trusted third parties or subcontractors who assist us in
operating our website, conducting our business, or servicing you. Such trusted parties may have access to
personally identifiable information on a need-to-know basis and will be contractually obliged to keep your
Our employees will have access to your personal data. In such a case,
access will be granted only if necessary for the purposes described and only if the employee is bound by an
obligation of confidentiality.
We may also release your information when we believe release is appropriate to
comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.
We will monitor subcontractors’ and sub-processor’s maintenance of these standards
and audits to ensure that data protection requirements are fulfilled.
Legally required disclosure. We will not disclose the customer’s data to law
enforcement except when instructed by you or where it is required by law. When governments make a lawful
demand for customer data from us, we strives to limit the disclosure. We will only release specific data
mandated by the relevant legal demand.
If compelled to disclose your data, we will promptly notify you and provide a copy
of the demand unless legally prohibited from doing so.
Occasionally, at our discretion, we may include or offer third party products or services
on our website. These third party sites have separate independent privacy policies. We therefore have no
responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to
protect the integrity of our website and welcome any feedback about these websites.
Where do we store the information
Personal data location. All data are stored in databases and file repositories with
us in our servers.
Access, data portability, migration, and transfer back assistance
You may at any time obtain confirmation from us as to whether or not personal data
concerning you are being processed.
You may at any time order a complete data copy, which you may transmit to another
controller of the data. Your data will be delivered by us within sixty (60) working days, and free of charges.
Request for rectification, restriction or erasure of the personal data
Rectification. You may at any time obtain without undue delay rectification of inaccurate
personal data concerning you, cf. clause E.6.
Restriction of processing personal data. You may at any time request us to restrict
the processing of personal data when one of the following applies:
if you contest the accuracy of the personal data,
for a period enabling us to verify the accuracy of the personal data;
if the processing is unlawful and you oppose the erasure of the personal data and
request the restriction of their use instead; or
if we no longer needs the personal data for the purposes of the processing, but they
are required by you for the establishment, exercise or defence of legal claims.
Erasure. You may without undue delay request the erasure of personal data concerning
you, and we shall erase the personal data without undue delay when one of the following applies:
if the personal data are no longer necessary in relation to the purposes for which
they were collected or otherwise processed;
if you withdraw your consent on which the processing is based, and where there is no
other legal ground for the processing;
if you object to the processing in case the processing is for direct marketing purposes;
if the personal data have been unlawfully processed; or
if the personal data have to be erased for compliance with a legal obligation in EU or national law.
Following termination of your account, we may retain your Personal Data (in part or in whole)
in order to meet any regulatory and reporting requirements for the timeframes stipulated by law and in order to be
able to address customer service issues. Any other Personal Data we would have been processing on your behalf would
be deleted permanently .You may request a data copy before termination. You must not cancel the Service account until
the data copy has been delivered, as we otherwise will not be able to deliver the data copy.
Data retention policy. Your data will due to tax regulations be retained for up to ten
(10) full fiscal years from your cancellation of your Service account.
We will cooperate with you in order to ensure compliance with applicable data protection
provisions, e.g. to enable you to effectively guarantee the exercise of data subjects’ rights (right of access,
rectification, erasure, blocking, opposition), to manage incidents including forensic analysis in case of security breach.
Terms of service
Please also visit our Terms & Conditions section establishing the use, disclaimers, and
limitations of liability governing the use of our website at T&C
You may at any time lodge a complaint with a supervisory authority regarding our
collection and processing of your personal data.