FIPA Cyprus ← Back to home
Data protection

Privacy Policy

Last updated: 14 July 2026

This privacy policy explains how we handle personal data when you visit this website and apply for membership. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Cypriot data protection law.

1. Data controller

The controller responsible for data processing on this website is:

FIPA Cyprus Club
Belmar Co, Georgiou A' Avenue 5C, 4048 Limassol, Cyprus
Represented by Giorgos Mavrounitis
Email: info@fipa-cyprus.com · Phone: +357 99 667233

2. Accessing our website (server log files)

This website is hosted on Cloudflare Pages (Cloudflare, Inc.). When you visit the site, the hosting infrastructure automatically processes technical information transmitted by your browser — such as your IP address, date and time of access, the pages requested, the referring website, and details such as browser type and operating system. This data is processed on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in delivering the website securely and reliably and in protecting it against abuse. It is not merged with other data sources.

3. Membership application form

When you submit the membership application form, we process the details you provide: first and last name, email address, phone number, vehicle make, model and year, the membership tier selected, and any message you add. We use this data solely to review and respond to your application and to contact you about club membership.

The legal basis is the taking of steps at your request prior to entering into a membership (Art. 6(1)(b) GDPR) and, where applicable, our legitimate interest in handling enquiries (Art. 6(1)(f) GDPR).

Form delivery (processor): Form submissions are transmitted and delivered to us via Web3Forms, a form-to-email delivery service, acting as our processor. The data you enter is transmitted to Web3Forms' servers for the sole purpose of forwarding it to us. We have a data processing arrangement in place with this provider. Where this involves a transfer outside the EU/EEA, it is safeguarded by the appropriate mechanisms under Chapter V GDPR (e.g. Standard Contractual Clauses). [Confirm the provider's server location and DPA, and adjust this sentence accordingly.]

Spam protection: To protect the form against automated abuse we use a hidden honeypot field and, where enabled, Cloudflare Turnstile — a privacy-preserving bot-check that does not track you across sites.

4. Contacting us directly

If you contact us by email or phone, the details you provide are processed solely to handle your enquiry, on the basis of our legitimate interest in responding (Art. 6(1)(f) GDPR) and, where your enquiry relates to membership, Art. 6(1)(b) GDPR.

5. How long we keep your data

6. Recipients and processors

We use the following processors to operate this website: Cloudflare (hosting/CDN) and Web3Forms (form delivery). We do not sell your data or use it for advertising.

7. Your rights

Under the GDPR you have the right to access, rectify, erase or restrict the processing of your personal data, the right to data portability, and the right to object to processing based on our legitimate interests. Where processing is based on your consent, you may withdraw it at any time with effect for the future.

You also have the right to lodge a complaint with a supervisory authority. In Cyprus, this is the Office of the Commissioner for Personal Data Protection.

8. Changes to this policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal reasons. The current version published on this page always applies.