Privacy Policy

The Cyprus Society of Vascular and Endovascular Surgery (CSVES / ΚΕΑΕΧ) is a scientific non-profit society registered in Nicosia, Cyprus. We operate this website at csves.org to serve our members and the wider public.

Data Controller: Cyprus Society of Vascular and Endovascular Surgery (ΚΕΑΕΧ), Nicosia, Cyprus. Contact: info@csves.org

Member Registration Data — When you apply for membership or create an account we collect your full name, email address, medical specialty and qualifications, hospital affiliation, and payment information.

Usage Data — We may collect information about how you interact with the website, including pages visited, download history for exclusive resources, and session metadata.

Contact & Form Submissions — When you submit the contact form, newsletter subscription, or any other web form we collect the information you provide.

Cookies — We use essential cookies required for site functionality (session management, language preferences). We do not use advertising or tracking cookies.

Membership administration — processing applications, managing membership status and subscription renewals.

Exclusive resources access — verifying active membership and granting access to members-only documents.

Communications — sending newsletters, event announcements, and official Society communications to members who have opted in.

Legal obligations — maintaining records as required under Cypriot law and EU regulations.

Legitimate interests — improving website functionality, ensuring site security, and preventing fraud.

Contract performance — processing necessary to fulfil our membership obligations (Article 6(1)(b) GDPR).

Legitimate interests — security, fraud prevention, and improving our services (Article 6(1)(f) GDPR).

Consent — for optional communications such as newsletters (Article 6(1)(a) GDPR). You may withdraw consent at any time.

Legal obligation — where processing is required by applicable law (Article 6(1)(c) GDPR).

Active member data is retained for the duration of your membership and for a period of 5 years after termination, in accordance with Cypriot legal retention requirements.

Contact form and newsletter data is retained for up to 2 years or until you withdraw consent.

Payment records are retained for 7 years in accordance with tax and accounting obligations.

Server logs and usage data are retained for up to 12 months.

We do not sell, rent or share your personal data with third parties for marketing purposes.

We may share data with trusted service providers who assist us in operating this website (hosting, email delivery, payment processing) under strict data processing agreements.

We may disclose data where required by law, court order, or competent regulatory authority.

In the event of a merger or transfer of Society activities, member data may be transferred subject to appropriate safeguards.

We implement appropriate technical and organisational measures to protect your personal data, including encrypted connections (HTTPS), access controls, and regular security reviews.

Member documents and exclusive resources are stored in a private, access-controlled storage environment.

Despite our best efforts, no internet transmission is completely secure. In the event of a data breach affecting your rights, we will notify you as required under GDPR.

Right of access — you may request a copy of the personal data we hold about you.

Right to rectification — you may request correction of inaccurate or incomplete data.

Right to erasure — you may request deletion of your data in certain circumstances ('right to be forgotten').

Right to restrict processing — you may request that we limit how we use your data.

Right to data portability — you may request your data in a structured, machine-readable format.

Right to object — you may object to processing based on legitimate interests or for direct marketing.

Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at info@csves.org. We will respond within 30 days.

We use only strictly necessary cookies required for the website to function correctly: session authentication tokens, language preference settings, and security tokens.

We do not use third-party advertising cookies, social media tracking pixels, or analytics cookies that identify individual users.

You can control cookies through your browser settings. Disabling essential cookies may affect site functionality.

Our website may contain links to external websites such as the European Society for Vascular Surgery (ESVS), medical journals, or partner organisations. We are not responsible for the privacy practices of these external sites.

We may update this Privacy Policy from time to time. The 'Last updated' date at the top of this page will reflect any changes. For material changes, we will notify members by email.

If you have questions or concerns about how we process your data, contact us at info@csves.org.

You also have the right to lodge a complaint with the Cyprus Commissioner for Personal Data Protection: www.dataprotection.gov.cy