• Home
  • Current: Data Protection Policy

Data Protection Policy

E. Hercules Boat & Spearfishing is committed to protecting privacy and handling of personal data in an open and transparent manner.

1. General

E. Hercules Boat & Spearfishing is committed to protecting your privacy and handling your personal data in an open and transparent manner. When we refer to “personal data” we mean data which identifies or may identify you and when we refer to “sensitive data” we mean details about your past or current physical or mental health status. When we refer to “processing” we mean the handling of your personal data by us, including collecting, protecting and storing your data.

This Statement describes how we collect and process your personal data, including sensitive data, and informs you about your rights in relation to the personal data you entrust to us. If you have any questions about this Statement or wish to obtain more details in relation to the personal data, we process about you please contact the Data Protection Manager, in writing, at 195 Franklin Roosevelt, 3048 Limassol, Cyprus or via email at: [email protected]

2. Who we are

E. Hercules Boat & Spearfishing is a company, registered in the Republic of Cyprus as a limited liability company having a registered office at Franklin Roosevelt 195, 3048 Limassol Cyprus and head office at 195 Franklin Roosevelt, 3048 Limassol, Cyprus.

3. How we collect your personal data

We obtain your data mainly through information you provide directly to us. For example, when you request a quotation or express an interest in a training course.

4. What personal data we collect

We may collect the following personal data from you depending on the product or service we provide to you:

  • Name, address, telephone number, email, fax number.
  • Identification or passport number, date of birth, gender, occupation.
  • Payment details.
  • Details of your visit to our website and your location.
  • Marketing preferences.

Additionally, we may collect sensitive data about your past and present physical or mental health including any injury or disability information and we may collect children’s data, provided that we have first obtained their parent’s or legal guardian’s consent. For the purposes of this Statement, “children” are individuals under the age of sixteen (16).

5. Why we need your personal data

We will only process your personal data under the following circumstances:

  • To perform the contract, we have entered with you or in order to take steps prior to entering into a contract with you. Processing is necessary to provide you with a quotation/costs.
  • To comply with a legal obligation that may impose on us necessary personal data processing activities for identity identification, compliance with court orders, tax law or other reporting obligations and anti-money laundering controls.
  • Where we have appropriate legitimate interests to use your personal data provided your interests and fundamental rights are not overridden by our interests, such as in order to maintain our accounts and records, enhance the security of our systems, identify, prevent and investigate fraud, safeguard the security of our people, premises and assets, improve our services/communications, defend, investigate or prosecute legal claims, receive professional advice, perform data analytics.
  • Where you have given us your consent in order to provide marketing information to you in relation to our products and services which we believe may be of interest and benefit to you. You may withdraw consent to such processing at any time.
  • To protect your vital interests or those of another person, such as where you or a third person is physically or legally incapable of giving consent and only provided that your life, or a third person’s life is in jeopardy.

We will only process your sensitive data under the following circumstances:

  • When we have your explicit consent to do so.
  • To protect your vital interests or those of a third party such as where you or a third person is physically or legally incapable of giving consent and only provided that your life or a third person’s life is in jeopardy.
  • Where necessary for the establishment, exercise or defence of legal claims which may be related to your activities with the Company and/or any claim submitted by you or a third person.
  • Where it is required for reasons of substantial public interest, such as for investigation fraudulent claims and carrying our fraud and anti-money laundering.
6. Automated Decision Making

When you wish to obtain a quotation or purchase through our website we will use systems to make automated decisions based on personal data you have provided us with. In such cases, you have the right to contact us to give you information about the processing of your personal data and/or request human intervention and challenge such a decision.

7. Who we share your personal data with

In the course of providing our services to you, we may share your personal data with various third parties, including service providers we have chosen to support us offering expertise, auditors and accountants, external legal consultants, records management companies, financial and business advisors, medical professionals, card payment processing companies, governmental regulatory bodies, our insurance brokers.

All recipients of your personal data are obligated to comply with the European data protection standards and to provide appropriate safeguards in relation to the transfer of our data in accordance with the EU General Data Protection Regulation (GDPR).

8. How long we keep your personal data

We will keep your personal data as long as we have a business relationship with you. Once our business relationship has ended, we may keep your personal data for a period of twelve (12) months from the date our business relationship ended. We may keep your data for longer if we cannot delete it for legal, regulatory or technical reasons. If we do, we will make sure that your privacy is protected.

9. Your data protection rights

You have the following rights in terms of the personal data we hold about you:

  • Access. You may request that we provide you with a copy of your personal data and to check that we are lawfully processing it.
  • Rectification. You may request that we correct any incomplete, inaccurate or out of date information we hold about you.
  • Erasure. You may request that we erase or remove your personal data where there is no good reason for us to continue processing it.
  • Object. Where we process your personal data on the basis of legitimate interest you can object to the processing on grounds relating to your particular situation unless we can demonstrate compelling legitimate grounds which override your right.

You also have the right to object where we are processing your personal data for direct marketing purposes. This also includes profiling because as it is related to direct marketing.

  • Restriction. You may request us to restrict processing if you feel your personal data is inaccurate, that we are processing it unlawfully, or that we no longer need it, or where you have exercised your right to Object.
  • Portability. You may request a copy of the personal data concerning you in a format that can be easily re-used or request the transfer of such data to other organisations.
  • Withdrawal of Consent. Where we process your personal data on the basis of consent, such as for the promotion of our products and services and/or process your sensitive data.

To exercise any of your rights please visit or contact our offices as detailed in Section 1.

10. Rights to complain

If you have exercised any or all of your data protection rights, or otherwise still feel that your concerns about use of your personal data have not been adequately addressed by us, you have the right to complain in writing to the address detailed in Section 1.

You also have the right to complain to the Office of the Commissioner for Personal Data Protection. You can visit their website to find out how to submit a complaint at www.dataprotection.gov.cy.

11. Changes to our Privacy Statement

We may modify or amend our Privacy Statement from time to time. For the latest version of our Privacy Statement you can request a copy, in writing, from the Data Protection Manager at 195 Franklin Roosevelt, 3048 Limassol, Cyprus or via email at: [email protected].



Revised: October 2024

*The reference to “personal data” means data which identifies or may identify a person or organisation and “sensitive data” means details about a person’s past or current physical or mental health status. Or, an organisation or business’ past or current status.

*Reference to “processing” means the handling of this personal data by the business, including collecting, protecting and storing your data.