Privacy Policy

Last Updated: 20 February 2026

DSSE CY LTD (hereinafter referred to as "DSSE," "we," "us," or "our") values the privacy and security of our business clients. This Privacy Policy outlines how we collect, process, store, and safeguard personal information in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and The Protection of Natural Persons with Regard to the Processing of Personal Data and the Free Movement of Such Data Law of 2018 (Law 125(I)/2018) of the Republic of Cyprus, as amended.

This policy applies to all personal data collected through our website at dsseworld.com, our social media profiles (Instagram, Facebook, TikTok), WhatsApp Business communications, and through our business-to-business operations.

This Privacy Policy applies to personal data of individuals acting in their professional capacity on behalf of business entities. When we refer to "users" or "you," we mean authorised representatives, employees, or contact persons of our corporate clients. We do not provide services to individual consumers.

1. Data Controller Information

The data controller responsible for processing information is:

DSSE CY LTD

Registered Office: Arch. Makariou III 99, 3020 Limassol, Cyprus

Registration Number: HE 479102

Email: info@dsseworld.com

WhatsApp Support: [insert number]

DSSE CY LTD is established within the European Union in Cyprus and acts as the Data Controller for all personal data processed in connection with its business operations within the European Economic Area (EEA).

2. Legal Basis for Processing Personal Data

We process data in accordance with GDPR Article 6(1). Our legal basis for processing includes:

• Contractual Necessity: Processing is essential for performing contracts with our business users (GDPR Article 6(1)(b))

• Legal Compliance: Processing is required to fulfill our legal obligations under Cyprus and EU law, including tax and accounting requirements (GDPR Article 6(1)(c))

• Legitimate Interests: Processing is necessary for our legitimate business interests, such as fraud prevention, system security, improving our services, and managing business relationships (GDPR Article 6(1)(f))

• Consent: Where explicitly provided by users for marketing communications and newsletter subscriptions (GDPR Article 6(1)(a))

Where personal data relates to employees, officers, directors, or representatives of corporate customers or suppliers, such processing is also based on our legitimate interest in conducting and managing normal business-to-business relationships and commercial transactions.

3. Categories of Personal Data Collected

The personal data we collect depends on how you interact with our services:

3.1 Account Registration Data

• Full name

• Email address

• Company name

• Telephone number

• IP address

3.2 Order and Transaction Data

• Order details and purchase history

• Delivery address

• Payment method selection

• Billing address (if different from delivery address)

• Payment processing information (processed directly by PCI-DSS compliant payment gateways; we do not store complete credit card numbers or CVV codes on our servers)

3.3 Business and Tax Information

• Company name

• VAT registration number (VAT EU or Cyprus Tax Identification Number)

3.4 Technical and Usage Data

• IP address and device identifiers

• Browser type, version, and operating system

• Website navigation data and clickstream patterns

• Page response times and download errors

• Referring URLs and exit pages

3.5 Communication Data

• Contact form inquiries

• Newsletter subscription preferences

• Customer service correspondence

• Warranty claim documentation

4. Purpose of Data Processing

We process personal data for the following specific purposes:

• Order Fulfillment: To process, manage, and deliver B2B orders, including coordination with logistics partners

• Account Management: To create and maintain user accounts for our business platform

• Customer Support: To respond to inquiries, send transactional communications (order confirmations, shipping updates), provide technical assistance, and handle warranty claims and after-sales support

• Financial Administration: To generate invoices, process payments, and maintain financial records as required by Cyprus tax law

• Marketing Communications: To send newsletters, product updates, and promotional materials where explicit consent has been provided

• Service Improvement: To analyse usage patterns, enhance website functionality, and optimize user experience

• Security and Fraud Prevention: To protect our systems, detect fraudulent activities, and ensure platform security

Where processing is based on legitimate interests, we ensure such processing is proportionate and does not override the rights and freedoms of the data subject.

5. Cookies and Similar Technologies

Our website uses cookies in accordance with the ePrivacy Directive (Directive 2002/58/EC) as implemented in Cyprus law. Cookies are small text files stored on your device that help us provide and improve our services.

5.1 Types of Cookies We Use

• Essential Cookies: Required for website functionality, including user authentication and session management

• Security Cookies: Used to detect authentication abuse and protect user accounts

• Analytics Cookies: Collect aggregated data about website usage to improve our services

• Preference Cookies: Remember your settings and preferences for enhanced user experience

• Advertising Cookies: Enable tailored marketing content based on your interests (only with consent)

We use a cookie consent management mechanism to obtain, record, and manage user consent for non-essential cookies in accordance with GDPR and ePrivacy requirements.

5.2 Managing Cookie Preferences and Consent

When you first visit our website, you will be presented with a cookie consent banner. You may choose to:

• Accept all cookies

• Accept only essential cookies

• Customize your preferences

You may change your cookie settings at any time through your browser settings.

Essential cookies do not require consent as they are necessary for the website to function. All other cookies require your explicit consent before being placed on your device. Please note that disabling essential cookies may limit your ability to use certain features of our website.

6. Data Sharing and Third-Party Recipients

We share personal data only when necessary for business operations or legal compliance. Recipients include:

• Logistics and Delivery Partners: Your delivery address and contact details are shared with courier services to facilitate order delivery

• Payment Processors: Payment information is processed by certified payment gateways that comply with PCI-DSS standards

• IT Service Providers: Hosting providers, email service platforms, technical support contractors, ERP systems, CRM systems, cloud service providers, and website platforms used to operate our business, including systems such as Odoo

• Professional Advisors: Legal counsel, accountants, and auditors who provide professional services to our business

• Government Authorities: Tax authorities, law enforcement, and regulatory bodies when legally required

All third-party processors are bound by data processing agreements that ensure GDPR compliance. We do not sell or rent personal data to third parties for their marketing purposes.

7. Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law:

• Transaction Records: Maintained for a minimum of 6 years in accordance with Cyprus tax legislation and accounting standards

• Account Data: For as long as required to address contractual obligations, warranty claims, and applicable legal requirements

• Marketing Consent: Maintained until consent is withdrawn or the user unsubscribes from communications

Data may be retained longer where necessary to comply with legal obligations, resolve disputes, or enforce agreements.

8. International Data Transfers

As a Cyprus-based company operating within the European Union, your data is primarily processed within the EU/EEA. If we transfer data to countries outside the EU/EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission (pursuant to GDPR Article 46) or reliance on adequacy decisions where applicable.

9. Your Rights Under GDPR

You have the following rights regarding your personal data under GDPR Articles 15-22 and Cyprus Law 125(I)/2018:

• Right of Access (Article 15)

• Right to Rectification (Article 16)

• Right to Erasure (Article 17)

• Right to Restriction (Article 18)

• Right to Data Portability (Article 20)

• Right to Object (Article 21)

• Right to Withdraw Consent (Article 7)

To exercise these rights, please contact us at info@dsseworld.com or via WhatsApp support. We will respond to your request within one month as required by GDPR Article 12(3).

10. Data Security Measures

In accordance with Article 32 of the GDPR, DSSE implements appropriate technical and organizational measures to safeguard personal data against unauthorized access, accidental loss, destruction, or damage. These measures include encryption, access controls, secure server infrastructure, regular security assessments, and staff training.

11. Right to Lodge a Complaint

Office of the Commissioner for Personal Data Protection (Cyprus)

Kypranoros Street 15, Nicosia 1061, Cyprus

Telephone: +357 22 818 456

Email: commissioner@dataprotection.gov.cy

Website: www.dataprotection.gov.cy

12. Social Media Platforms

We maintain business profiles on Instagram, Facebook, and TikTok. When you interact with us, your data is processed according to their privacy policies.

12.1 WhatsApp Business Communications

We use WhatsApp Business for customer support communications. Your phone number and message content are processed by Meta Platforms Ireland Limited.

https://www.whatsapp.com/legal/privacy-policy-eea

13. Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time.

14. Contact Information