Πολιτική Απορρήτου.

How Ermisway collects, uses, and protects your personal data

Innotevia Limited, trading as Ermisway

Last updated: 25/03/2026

This Privacy Policy explains how Innotevia Limited, trading as Ermisway (“Ermisway“, “we“, “us“, or “our“), collects, uses, stores, shares, and protects personal data when you visit or use the Ermisway website, platform, and related services.

Ermisway is based in the Republic of Cyprus and offers services in Cyprus and Greece. We process personal data in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

Contents

1. Who We Are

The data controller responsible for your personal data is:

CompanyInnotevia Limited
JurisdictionRepublic of Cyprus
E-mail[email protected]

2. Scope of This Privacy Policy

This Privacy Policy applies to personal data collected through the Ermisway website, platform, customer and vendor accounts, purchase and checkout processes, messaging tools, support channels, complaint or report submissions, AI chatbot interactions, and related communications.

Ermisway operates as an online marketplace platform connecting customers with independent vendors. This Privacy Policy applies to the personal data that Ermisway processes in connection with operating that platform.

It applies to:

  • website visitors;
  • customers who browse, purchase, or create an optional account;
  • vendors who register and create profiles on the platform;
  • users who contact us, submit a complaint or report, or otherwise interact with Ermisway through our communication channels.

3. Personal Data We Collect

3.1 Information you provide to us

We may collect personal data that you provide directly, including:

  • name;
  • email address;
  • telephone number;
  • billing and transaction-related details;
  • account registration details and login information;
  • order or purchase information;
  • vendor registration information and business/profile details;
  • content submitted to profiles, forms, messages, support requests, complaints, or reports;
  • communications sent to us or through the platform.

3.2 Information collected automatically

When you use Ermisway, we may automatically collect certain technical and usage information, including:

  • IP address;
  • browser type and version;
  • device type and operating system;
  • pages viewed and actions taken on the website;
  • date and time of visits;
  • referring URLs and website interaction data;
  • cookie and similar technology identifiers.

3.3 Vendor-related information

Vendors may provide additional information necessary for onboarding, account setup, profile creation, billing administration, promotion, and operation of their presence on the platform.

3.4 Customer-related information

Customers may make purchases as guests or through an optional registered account. We collect the information necessary to support those transactions, facilitate platform communications, provide support, and operate the platform.

4. How We Collect Personal Data

We collect personal data when:

  • you visit and browse the Ermisway website;
  • you create a customer or vendor account;
  • you place an order or make a purchase through the platform;
  • you complete vendor onboarding or create a vendor profile;
  • you contact us by email, form, support request, report, complaint, or chatbot;
  • you use the messaging system between customers and vendors;
  • you interact with cookies, analytics tools, pixels, and related technologies;
  • we receive information from service providers involved in payments or technical operations.

5. How We Use Personal Data

We use personal data for the following purposes:

  • to operate, maintain, and improve the Ermisway platform;
  • to create and manage customer and vendor accounts;
  • to facilitate purchases and related platform transactions;
  • to onboard vendors and manage vendor profiles;
  • to provide customer support and respond to enquiries;
  • to enable communication between customers and vendors;
  • to review relevant platform communications, complaints, reports, or submissions where necessary for dispute handling, fraud prevention, abuse prevention, policy enforcement, or legal compliance;
  • to send transactional, service-related, onboarding, and administrative communications;
  • to analyse usage and improve website performance and user experience;
  • to protect the platform, users, and business against fraud, misuse, security risks, and unlawful activity;
  • to comply with legal, accounting, tax, and regulatory obligations.

Under the GDPR, we process personal data only where we have a valid legal basis. Depending on the context, this may include:

  • Performance of a contract – where processing is necessary to provide our platform services, manage accounts, facilitate purchases, or support vendor participation on the platform;
  • Legal obligation – where processing is necessary to comply with applicable laws, regulations, tax rules, or lawful requests;
  • Legitimate interests – where processing is necessary to operate and improve the platform, secure our services, prevent fraud, handle disputes and complaints, review reports, and protect our legal interests;
  • Consent – where consent is required by law, including in certain cases involving cookies, tracking technologies, or optional communications.

Where processing is based on consent, you may withdraw your consent at any time.

7. Customer Accounts, Guest Purchases, and Vendor Profiles

7.1 Customer accounts and guest checkout

Customers may make purchases through Ermisway without creating an account where guest checkout is available. Customers may also choose to register an account for easier access to account-related features.

We process the data necessary to support platform transactions, provide support, maintain transaction-related records, and protect the platform from fraud or misuse.

7.2 Vendor accounts and profiles

Vendors are required to create accounts and profiles in order to use Ermisway’s vendor features. We process vendor information to manage onboarding, maintain vendor profiles, administer commercial arrangements, process subscription or promotion-related matters, and support the functioning of the platform.

7.3 Vendor CRM records

Ermisway currently stores vendor data only in its CRM system. Customer data is not stored there for CRM purposes.

8. Payments and Payment Providers

Payments on Ermisway are handled by third-party payment providers, including Ταινία. Vendors may also use or be onboarded through Stripe Connect Standard.

Payment card details and related financial information may be collected and processed directly by those payment providers, rather than by Ermisway itself. We may receive limited transaction, billing, account status, payout-related, and subscription-related information necessary for platform operation, payment administration, and record-keeping.

9. Customer–Vendor Messaging, Reports, and Dispute Review

Ermisway provides a messaging system that allows communication between customers and vendors. Messages exchanged through the platform may contain personal data.

Ermisway may also receive and process personal data submitted in reports, complaints, or dispute-related communications.

Ermisway may access, review, preserve, and use message content and related submissions where reasonably necessary for:

  • dispute resolution between customers and vendors;
  • fraud detection, prevention, or investigation;
  • abuse prevention and platform safety;
  • review of reports relating to listings, content, conduct, or suspected breaches of platform rules;
  • enforcement of our policies, terms, or legal rights;
  • compliance with legal obligations or lawful requests from authorities.

10. Marketing Communications and Social Media

We may send service-related and operational communications to users where necessary for platform use, account administration, transactions, onboarding, billing, support, or security.

Where permitted by law, we may also send communications relating to Ermisway services, vendor tools, promotions, updates, or other business-related information. Where consent is required, we will rely on consent.

Ermisway also maintains a presence on social media platforms such as Facebook και Ίνσταγκραμ. If you interact with our social media pages, your data may also be processed by the relevant platform in accordance with its own privacy policy.

11. Cookies and Tracking Technologies

Ermisway uses cookies and similar technologies, including tools related to analytics, tag management, advertising measurement, and consent management. We also use a consent management solution through Complianz.

Full details about the cookies and similar technologies used on Ermisway, including their purposes and how users can manage preferences, are provided in our separate Cookie Policy.

12. AI Chatbot and reCAPTCHA

12.1 AI chatbot

Ermisway uses an AI chatbot to assist users with support, navigation, and general enquiries. Information submitted through the chatbot may be processed in order to respond to requests, improve support quality, monitor misuse, and support platform operations.

12.2 reCAPTCHA

Ermisway uses reCAPTCHA or similar anti-abuse technologies to help protect forms, accounts, and platform functionality from spam, automated misuse, and fraudulent activity.

13. How We Share Personal Data

We may share personal data where necessary with:

  • payment service providers, including Stripe;
  • email and communications service providers;
  • hosting, website, analytics, tag management, chatbot, anti-spam, consent-management, and technical service providers;
  • CRM providers, in relation to vendor data;
  • vendors and customers where necessary to facilitate platform functions, communications, transactions, complaints, or dispute handling;
  • professional advisers, auditors, insurers, and legal advisers;
  • regulators, public authorities, courts, or law enforcement where required by law or reasonably necessary to protect legal rights, platform safety, or compliance interests.

We do not sell personal data in the ordinary commercial sense.

14. International Data Transfers

Some of our service providers may process personal data outside Cyprus or outside the European Economic Area (EEA). Where this occurs, we take reasonable steps to ensure that appropriate safeguards are in place in accordance with the GDPR.

15. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, including to provide our services, maintain records, resolve disputes, handle complaints or reports, prevent fraud, enforce agreements, and comply with legal, tax, accounting, and regulatory obligations.

16. Data Security

We take reasonable technical and organisational measures designed to protect personal data against unauthorised access, disclosure, alteration, loss, or destruction. However, no method of transmission over the internet or electronic storage can be guaranteed to be completely secure.

17. Your Rights Under GDPR

Subject to applicable law, you may have the following rights in relation to your personal data:

  • the right to access your personal data;
  • the right to request correction of inaccurate or incomplete data;
  • the right to request erasure in certain circumstances;
  • the right to request restriction of processing in certain circumstances;
  • the right to object to certain types of processing;
  • the right to data portability where applicable;
  • the right to withdraw consent where processing is based on consent;
  • the right to lodge a complaint with a competent supervisory authority.

To exercise your rights, please contact us at [email protected].

18. Children’s Privacy

Ermisway is not intended for children in breach of applicable law, and we do not knowingly collect personal data from children unlawfully. If you believe a child has provided personal data to us improperly, please contact us so we can review the matter.

Ermisway may contain links to third-party websites, platforms, or services. We are not responsible for the privacy practices of those third parties, and users should review their privacy policies separately.

20. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. Any changes will be posted on this page and the “Last updated” date will be revised accordingly.

21. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:

CompanyInnotevia Limited, trading as Ermisway
JurisdictionRepublic of Cyprus
E-mail[email protected]
Last updated: 25/03/2026  |  This policy is governed by the laws of the Republic of Cyprus.  |  Innotevia Limited, trading as Ermisway.