top of page

Privacy Policy

Privacy Policy for SeaWorld Diving Adventures

Legal Disclaimer
This document contains general guidance on data protection and privacy practices as required under GDPR and Cyprus law. It does not constitute legal advice. For full compliance — especially with respect to the nature of data you collect, data transfers, or specific local requirements — you should seek advice from a lawyer licensed in Cyprus.

Introduction & Scope
SeaWorld Diving Adventures respects your privacy and is committed to protecting the personal data of visitors and customers. This Privacy Policy applies to all personal data collected or processed when you use our website, book diving adventures, subscribe to newsletters, contact us, or otherwise interact with our services.

By using our website or services, you consent to the practices described in this Privacy Policy.

1. Legal Framework

We follow the data protection principles set out by GDPR and by Cyprus law 125(I)/2018. dataprotection.gov.cy+2Business In Cyprus+2
We will process personal data only for specified, explicit and legitimate purposes, and we will ensure that data collection is limited to what is strictly necessary. beautifulvillages.com.cy+2paraschou.com.cy+2

2. What Data We Collect & How

We may collect from you the following types of personal data when relevant to your interaction with us:

  • Identity and contact information — name, email address, phone number, postal address (if needed for bookings or communications).

  • Booking–related data — information necessary to organize diving trips, process payments, schedule services, etc.

  • Website / technical data — IP address, browser type, device type, cookies or analytics data, usage data, time zone, and other technical/usage information. (For example, when you browse our website, use contact forms, or interact with features.) This helps us to maintain and improve our website’s functionality and security. paraschou.com.cy+1

  • Communications / correspondence data — when you contact us (questions, feedback, bookings), we may store the content of that communication.

We do not — or will not — collect any “special categories” of sensitive personal data (e.g. race/ethnicity, health data, religious beliefs, etc.), unless you explicitly provide such data and we have distinct legal justification. paraschou.com.cy+1

3. Legal Bases for Processing

We process your personal data only when at least one of the following lawful bases applies:

  • You have given your explicit, informed consent. csrcyprus.org.cy+1

  • Processing is necessary to perform a contract (e.g. to fulfill a diving booking, reservation or associated services). Business In Cyprus+1

  • Processing is necessary for compliance with a legal obligation to which we are subject. Business In Cyprus+1

  • Processing is necessary for our legitimate interests — for example, improving our website, ensuring security of payment, preventing fraud, improving our services — provided those interests do not override your fundamental rights. paraschou.com.cy+1

We will always inform you — at or before the time of data collection — of the purposes for which your data is processed.

4. Purpose Limitation & Data Minimization

We collect and process only the personal data that is necessary and relevant for the purposes described above (e.g. booking, communication, website operation). beautifulvillages.com.cy+1

We will not retain your data longer than necessary. Once the data is no longer needed for its original purpose (for example, after a booking is completed and any legal or accounting obligations are fulfilled), we will securely delete or anonymize it — unless retention is required by law. Arkki Cyprus+1

5. Data Sharing & Third Parties

We do not sell your personal data. We may share necessary information with trusted third‑party service providers (e.g. payment processors, travel/dive partners, maybe third‑party software providers or analytics services) to the extent required to deliver our services.

Any such third party will be contractually obligated to implement appropriate data security measures and to process your data only for the purposes we specify — in compliance with GDPR and Cyprus law.

If data are transferred to entities outside the EU/EEA (e.g. international partners), we will ensure that such transfers are lawful — either because the destination country ensures adequate data protection or because we implement adequate safeguards (e.g. standard contractual clauses). European University Cyprus+1

6. Your Rights as a Data Subject

Under GDPR / Cyprus law, you have several rights with respect to your personal data that we hold: csrcyprus.org.cy+2Central Bank of Cyprus+2

  • Right to access your personal data — you may request to see what data we hold about you. cyi.ac.cy+1

  • Right to rectify inaccurate or incomplete data. cyi.ac.cy+1

  • Right to delete (erase) your data — when there is no longer a lawful basis to retain it. cyi.ac.cy+1

  • Right to restrict / limit processing, or to object to processing — in certain circumstances (e.g. direct marketing, or where processing is based on legitimate interests and you oppose that). csrcyprus.org.cy+1

  • Right to data portability — where applicable (i.e. receive your data in a structured, commonly used and machine‑readable format). csrcyprus.org.cy+1

  • If processing is based on consent — the right to withdraw consent at any time. csrcyprus.org.cy+1

If you wish to exercise any of these rights, please contact us (see “Contact Information” below).

7. Minors

We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that we collected such data, we will delete it without undue delay.

8. Data Security & Protection Measures

We commit to apply appropriate technical and organizational measures to secure your personal data and protect it against unauthorized access, disclosure, loss or destruction. For example: restricted access to data, encrypted transmission where appropriate, secure storage, access controls, confidentiality obligations for staff and third‑party processors. csrcyprus.org.cy+1

9. Data Retention / Storage Period

We will retain personal data only for as long as necessary to fulfil the purposes for which it was collected (e.g. to complete bookings, handle customer service, maintain records for accounting, legal compliance). When data are no longer needed, we will securely delete or anonymize them. Arkki Cyprus+1

If there is a legal or regulatory requirement (e.g. for tax records, accounting, safety regulations), we will retain data for as long as required by applicable laws.

10. Changes to This Policy

We reserve the right to modify or update this Privacy Policy from time to time, in order to reflect changes in legal requirements (e.g. GDPR or Cyprus law), our business practices, or the services we offer. We will publish the updated policy on our website, and — where appropriate — notify users when significant changes occur.

11. Contact / Supervisory Authority

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

SeaWorld Diving Adventures — [contact email / postal address]

If you believe that we have not complied with data protection laws, you also have the right to lodge a complaint with the national supervisory authority: the Commissioner for the Protection of Personal Data in Cyprus. Business In Cyprus+1

bottom of page