Privacy Policy

Last updated: 18 September 2025

This Policy describes the processing of personal data in accordance with Regulation (EU) 2016/679 (GDPR) and Cyprus Law 125(I)/2018.

1. Controller & DPO

Controller: LionAurora, Δάλι, 2540 Λευκωσία, Κύπρος, E-mail: info@lion-solution.com, Tel: +357 99803185.

Data Protection Officer (DPO): info@lion-solution.com (if applicable).

2. Categories of Data

  • Identity & contact details: full name, e-mail, phone, address.
  • Account data: login details, settings, activity logs.
  • Transaction data: charges, invoicing, payment details (via providers).
  • Communications data: SMS/e-mail (sending metadata).
  • Technical data: IP address, device, browser, cookies, analytics.
  • (Optional) Special categories (e.g., health) only if required, with explicit consent and enhanced security measures.

3. Purposes & Legal Bases (GDPR Arts. 6 & 9)

  • Service provision & contract performance (Art. 6(1)(b)).
  • Legitimate interest for security, abuse prevention, service improvement (Art. 6(1)(f)).
  • Legal obligation for accounting/tax requirements (Art. 6(1)(c)).
  • Consent for marketing, analytics/ads cookies, special categories (Arts. 6(1)(a), 9(2)(a)).

4. Transfers & Processors

We share data only where required, under binding DPAs with processors (e.g., hosting, SMS/e-mail, payments). Where transfers outside the EEA occur, we apply appropriate safeguards (SCCs) under GDPR Arts. 44–49.

5. Data Retention

We retain data only as long as necessary for processing purposes and legal obligations. Indicatively: account data for the life of the account; invoices up to 7–10 years (tax obligations).

6. Data Subject Rights (Arts. 12–23)

  • Access, rectification, erasure (right to be forgotten), restriction.
  • Objection, withdrawal of consent (at any time without retroactive effect).
  • Data portability.
  • No automated decision-making/profiling unless a lawful basis and safeguards exist.

Requests at info@lion-solution.com or to the DPO: info@lion-solution.com. We respond without undue delay.

7. Cookies & Similar Technologies

We use strictly necessary cookies for login functionality and optional cookies (analytics/ads) only with consent. You can change preferences via the banner/browser settings.

Example Cookie Categories
  • Strictly necessary (session, csrf)
  • Functionality (language, preferences)
  • Performance/Analytics (e.g., anonymous stats)
  • Advertising (remarketing – consent only)

8. Security

We apply technical and organizational measures (SSL/TLS, encryption in transit/at rest where feasible, role-based access, access controls, event logging, least privilege). We regularly test effectiveness (Art. 32).

9. Data Breaches

For breaches likely to risk rights/freedoms, we notify the supervisory authority within 72 hours (Art. 33) and, where required, data subjects (Art. 34).

10. Supervisory Authority

Competent authority: Office of the Commissioner for Personal Data Protection (Cyprus). You have the right to lodge a complaint.

11. Children

Services are for individuals ≥16 years old or with parental consent where required (Art. 8 GDPR).

12. Policy Changes

We may update this Policy. Continued use after changes constitutes acceptance of the updated version.

Contact

Privacy e-mail: info@lion-solution.com · DPO: info@lion-solution.com