Privacy Policy
Effective Date: 2025-05-15
1. Scope And Applicability
This Privacy Policy (the "Policy") governs the processing of Personal Data collected through or in connection with the website (the "Site") and any related online services (collectively, the "Services"), which are owned and operated by CYTO FRANCE SAS, a société par actions simplifiée incorporated under the laws of France with its registered office in Paris ("CYTO," "we," "us," or "our").
BY ACCESSING OR USING THE SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO THE TERMS OF THIS POLICY.
2. Definitions
- "Personal Data" means any information relating to an identified or identifiable natural person, as defined under Regulation (EU) 2016/679 ("GDPR") and any other applicable data‑protection legislation (collectively, "Data Protection Laws").
- "Processing" means any operation performed on Personal Data, whether or not by automated means, including collection, storage, use, disclosure, or deletion.
- "Service Providers" means third‑party vendors who Process Personal Data on our behalf pursuant to written agreements containing data‑protection obligations no less stringent than those set out herein.
3. Categories Of Data Processed
3.1 Personal Data
- Identification Data: name and email address;
- Financial Data: payment card or bank details (collected and stored on our behalf by an authorized payment processor).
3.2 Non‑Personal Data
- Technical And Usage Data: web cookies, log files, browser type, device identifiers, timestamps, and TypeScript error logs.
We do not knowingly collect any data from children under the age of 13. If we become aware that such data has been inadvertently obtained, we will delete it without undue delay.
4. Purposes And Legal Bases For Processing
| # | Purpose | Legal Basis |
|---|---|---|
| 1 | Order Fulfilment & Account Administration | Art. 6(1)(b) GDPR – Contractual necessity |
| 2 | Payment Processing | Art. 6(1)(b) GDPR – Contractual necessity |
| 3 | Error Tracking, Security & Service Improvement | Art. 6(1)(f) GDPR – Legitimate interests (maintaining functionality and security) |
| 4 | Regulatory, Accounting, And Legal Compliance | Art. 6(1)(c) GDPR – Legal obligation |
Where consent is required by law, we will seek it separately and may rely on Art. 6(1)(a) GDPR as an additional legal basis.
5. Disclosures And International Transfers
We disclose Personal Data solely to:
- Service Providers that need such data to perform services for us (e.g., payment processing, cloud hosting, analytics). Each Service Provider is contractually bound to (i) Process Personal Data only on our documented instructions and (ii) implement appropriate technical and organisational measures.
- Competent Authorities when required to comply with subpoenas, court orders, or other legal obligations.
Whenever Personal Data is transferred outside the European Economic Area, we ensure an adequate level of protection through the use of (i) an adequacy decision by the European Commission, (ii) standard contractual clauses approved under Art. 46 GDPR, or (iii) any other transfer mechanism permitted by Data Protection Laws.
6. Data Retention
Personal Data is retained only for as long as is strictly necessary to fulfil the purposes outlined in this Policy, unless a longer retention period is mandated or permitted by law (e.g., tax or accounting regulations). Upon expiry of the applicable retention period, data will be securely deleted or anonymised.
7. Data Subject Rights
Subject to statutory limitations, you have the right to:
- Access your Personal Data and receive a copy;
- Rectify inaccurate or incomplete data;
- Erase your data ("right to be forgotten");
- Restrict processing;
- Object to processing carried out on the basis of legitimate interests;
- Data Portability to another controller; and
- Lodge A Complaint with a supervisory authority.
Requests may be submitted to . We will respond within the time frame required by applicable law.
8. Security Measures
We maintain appropriate administrative, technical, and physical safeguards designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
9. Cookies And Similar Technologies
We deploy cookies and similar technologies to:
- Authenticate users and maintain secure sessions;
- Remember language and other preferences;
- Compile aggregated statistics for performance analytics.
You may disable cookies via your browser settings; however, certain features of the Site may become unavailable.
10. Children's Privacy
The Services are not directed to children and we do not knowingly Process Personal Data of individuals under 13 years of age.
11. Amendments
CYTO reserves the right to amend this Policy at any time. Material changes will be communicated via email and reflected by an updated "Effective Date." Continued use of the Services after such amendments constitutes acceptance of the revised Policy.
12. Contact
For any questions regarding this Policy or CYTO's data‑protection practices, please write to or by postal mail to CYTO FRANCE SAS, 60 rue François 1er, 75008 Paris, France.
Start automating with CYTO
Automate your finances and grow your business in Angola. Get started with CYTO and launch your digital operations in no time.