Privacy Policy

01Who we are

EYI Consulting Limited (trading as "EYI", "we", "us", "our") is a company registered in Cyprus, operating a performance media-acquisition managed service for business clients. We act as a data controller for the personal information we collect about visitors to this website and prospective clients, and as a data processor for personal information that our clients route through our system as part of their campaigns.

Our contact details are at the end of this policy.

02What information we collect

From website visitors

Information you give us. When you contact us through the website (form, email, login portal), we collect what you provide — typically your name, email, company and the content of your message.
Information collected automatically. Standard server logs (IP address, browser, pages visited, timestamps) and, if you consent, cookies and similar technologies used for analytics.

From clients and prospective clients

Business contact details of the individuals we deal with at client companies.
Account, billing and reporting information needed to deliver the service.
Communications history (email, calls, meeting notes) related to the engagement.

Through the EYI system (in our role as processor)

When clients use our system to operate their advertising campaigns, the system processes campaign performance data — clicks, conversions, attribution signals and similar — that may include online identifiers. In these cases the client is the controller and we act on their documented instructions under a Data Processing Agreement.

03Why we use it (legal bases)

Contract. To negotiate, enter and perform service contracts with clients.
Legitimate interests. To respond to enquiries, secure our website, prevent fraud, develop the service and conduct B2B marketing of similar services to existing contacts.
Legal obligation. To comply with tax, accounting, anti-fraud and other applicable laws in Cyprus and the EU.
Consent. Where we ask for it — for example, optional analytics cookies or marketing emails to new contacts.

04Who we share it with

We do not sell personal information. We share it only with:

Service providers acting on our behalf (hosting, email, analytics, accounting, payment processing) under written contracts.
Clients, in the limited cases where reporting on a campaign legitimately includes information about individuals (typically aggregated or pseudonymised).
Authorities when required by law, court order or to protect legal rights.
Successors in the event of a corporate restructuring, sale or merger, subject to confidentiality obligations.

05International transfers

Some of our service providers are located outside the European Economic Area. Where this is the case, transfers are protected by appropriate safeguards under GDPR — typically the European Commission's Standard Contractual Clauses, or an adequacy decision where one exists.

06Your rights

Under GDPR you have the right to:

Access the personal information we hold about you.
Have inaccurate information corrected.
Have your information erased ("right to be forgotten"), subject to lawful exceptions.
Restrict or object to certain processing.
Receive your information in a portable format.
Withdraw consent at any time, where processing is based on consent.
Lodge a complaint with the Office of the Commissioner for Personal Data Protection in Cyprus, or your local data protection authority.

To exercise any of these rights, contact us using the details below. We respond within 30 days of a verified request.

07How long we keep it

We retain personal information for as long as needed to provide our services, comply with our legal obligations, and resolve disputes. Specifically:

Enquiry contacts — up to 24 months from last contact, unless converted to a client relationship.
Client records — for the duration of the engagement plus the retention periods required by Cypriot tax and accounting law (typically 6 years).
Server logs — typically 30 to 90 days.
Backups — rotated and overwritten on a defined cycle.

08Cookies

Our website uses a small number of cookies. Strictly necessary cookies (for example, to remember your cookie choices or to keep you signed in to the client portal) are set automatically. Analytics or marketing cookies, if any, are set only with your consent. You can review and change your choices at any time through the cookie banner.

09Security

We take appropriate technical and organisational measures to protect personal information, including access controls, encryption in transit, monitored infrastructure and staff training. No system is perfectly secure, but we work to keep yours safe and to notify you and the relevant authorities promptly if a breach occurs.

10Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of the page shows when the current version took effect. Material changes will be notified to clients directly; for website visitors, a notice will appear on this page.

11Contact us

Data Controller

Entity EYI Consulting Limited

Address Cyprus

Email info@eyiholdings.com

For data protection enquiries, please put "Privacy" in the subject line so we can route your message correctly.

Not legal advice. This policy is provided as part of our website and reflects our current practices. It does not constitute legal advice for you. If you are a client incorporating our service into your own operations, please consult your own counsel about your obligations.