At Erabill, we are committed to protecting your privacy and ensuring that your personal data is handled in compliance with the General Data Protection Regulation (GDPR). This Privacy Policy outlines how we collect, use, store, and protect your personal information when you use our services.

1. Data Controller
Erabill, based in Cyprus, acts as the Data Controller for the personal information you provide to us. We are responsible for ensuring that your data is collected and processed in compliance with GDPR regulations.

2. Personal Data We Collect
We may collect and process the following personal data:

• Contact Information: such as your name, email address, phone number, and company details.
• Payment and Transaction Data: when using our services, we may collect data related to your financial transactions.
• Technical Data: such as IP address, browser type, and cookies (as described in our Cookie Policy).
• Usage Data: including information on how you interact with our website and services.

We do not collect any special categories of personal data unless explicitly required for the services we provide and with your consent.

3. How We Use Your Personal Data
Erabill processes your personal data for the following purposes:

• Providing Services: to offer our payment processing solutions and related services to you.
• Communication: to respond to your inquiries, provide customer support, and notify you about updates to our services.
• Compliance: to comply with legal obligations, including anti-fraud measures and regulatory requirements.
• Marketing: to send you information about our services, promotions, or events, where we have your consent.

4. Legal Basis for Processing
Under GDPR, we process your personal data based on the following legal grounds:

• Performance of a Contract: to provide the services you request.
• Legitimate Interest: to improve our services, maintain security, and prevent fraud.
• Legal Obligation: to comply with regulatory and legal requirements.
• Consent: where required, for marketing communications or other specific purposes, which you may withdraw at any time.

5. Data Sharing and Disclosure
We may share your personal data with third parties in the following cases:

• Service Providers: we may share your data with trusted third parties who assist in delivering our services (e.g., payment processors or IT service providers).
• Legal Compliance: we may disclose your data if required to do so by law or in response to a valid request from regulatory authorities.
• Business Transfers: in the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the business transaction.

We ensure that any third parties we work with respect the confidentiality of your personal data and comply with applicable GDPR regulations.

6. Data Retention
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Once the data is no longer needed, we will securely delete or anonymize it.

7. Your Rights Under GDPR
Under GDPR, you have the following rights concerning your personal data:

• Right of Access: You can request access to the personal data we hold about you.
• Right to Rectification: You can request correction of inaccurate or incomplete personal data.
• Right to Erasure: You can request the deletion of your personal data when it is no longer needed or processed unlawfully.
• Right to Restrict Processing: You can request that we restrict the processing of your personal data in certain situations.
• Right to Data Portability: You can request a copy of your data in a structured, machine-readable format.
• Right to Object: You can object to the processing of your personal data for direct marketing purposes or based on legitimate interest.
• Right to Withdraw Consent: If we process your data based on your consent, you may withdraw it at any time.

To exercise any of these rights, please contact us using the details provided below. We will respond to your request in accordance with GDPR guidelines.

8. Data Security
We take the security of your personal data seriously. Erabill uses appropriate technical and organizational measures to protect your data from unauthorized access, loss, or damage. However, no system can guarantee 100% security, and you should take steps to protect your data while using the internet.

9. Cross-Border Data Transfers
Erabill operates globally, and your personal data may be transferred outside the European Economic Area (EEA). If we transfer your data to countries outside the EEA, we will ensure that appropriate safeguards are in place to protect your privacy, in line with GDPR requirements.

10. Complaints
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in your country or with the Office of the Commissioner for Personal Data Protection in Cyprus.

11. Contact Us
If you have any questions about this GDPR Privacy Policy or wish to exercise your rights, please contact us at:

• Email: info@erabill.com
• Phone: +357 99 767 944

We are committed to addressing any concerns you may have regarding your personal data.