Skip to content
what's in cyprus.
← whatsincyprus.com Privacy

Plain-English

Privacy
policy.

What we collect, how we use it, and how to ask us to delete it. Written plainly because that's the only way a privacy policy is actually useful.

Last updated May 2026

Summary

The short version:

  • We collect minimal data — page-view analytics, newsletter signups if you give us your email, and form submissions when you write to us.
  • We use privacy-friendly analytics (Cloudflare Web Analytics or similar) that don't use tracking cookies.
  • We share your data only when legally required, or when you ask us to introduce you to an advisor.
  • You can ask us to delete everything we have on you at any time.

What we collect

Automatically, when you visit

When you load any page on this site, our analytics receive:

  • The URL you visited and the page you came from (referrer)
  • Approximate location based on IP (city level, not stored)
  • Browser and device type (Chrome on macOS, Safari on iPhone, etc.)
  • Whether you're a new or returning visitor

This data is aggregated and anonymised. We don't track individual users; we look at patterns across the audience.

When you actively give it

If you submit our contact form, sign up to the newsletter, or request an advisor introduction, we receive:

  • Your email address (and name if provided)
  • The content of your message
  • Time and date of submission

Cookies & analytics

We use minimal cookies. Specifically:

  • Essential cookies — none required for browsing; if you submit a form, a short-lived session token may be set.
  • Analytics — we use a privacy-friendly analytics provider (Cloudflare Web Analytics, or Plausible if we transition) which doesn't set tracking cookies and doesn't collect personally-identifiable information.
  • Affiliate tracking — when you click an outbound affiliate link (to GetYourGuide, Booking.com, etc.), those third parties set cookies on their domains as part of their referral attribution. We don't control those cookies; they're governed by the third party's privacy policy.

We do not run advertising-network tracking pixels. We do not run Facebook Pixel, Google Ads remarketing, or similar persistent identifier-based advertising tracking.

Newsletter

If you subscribe to our Sunday newsletter, we store:

  • Your email address
  • The date of subscription
  • Engagement metrics (whether you opened recent issues, clicked links)

We use a standard email service provider (Buttondown or similar) to deliver the newsletter. Their privacy policy applies to the storage and delivery layer; we control what data is sent to them.

You can unsubscribe at any time using the link at the bottom of every newsletter. Unsubscribed addresses are removed from our active list within 7 days; we retain a hash of the address for 30 days to honour the unsubscribe (so we don't accidentally re-subscribe you).

Affiliate tracking

When you click an affiliate link from our site (most commonly tour bookings, hotel bookings, restaurant reservations):

  • The third party (e.g., GetYourGuide) sets a cookie on their domain associating your visit with our referral code.
  • If you book something on that third party's site within their cookie window (typically 30 days), they pay us a small commission.
  • We don't see your specific booking, your name, or your payment details. We see only aggregated reports of "X bookings completed from Y referrals."

The price you pay is identical to going to the affiliate's site directly.

Who we share data with

We don't sell or trade your data. We share information only in these specific cases:

  • Service providers we use to operate the site — our hosting (Cloudflare Pages), analytics (Cloudflare Web Analytics), newsletter delivery, contact form processor. These providers have GDPR-compliant data processing agreements and use the data only to provide their service.
  • Advisor introductions — if you request an advisor introduction through our relocation desk, we share your name, email, country of origin, and the brief context of your request with the specific advisor we introduce you to. We share with one advisor at a time, with your knowledge.
  • Legal requirements — we comply with valid legal requests (court orders, regulatory enquiries) under Cyprus and EU law.

Your rights under GDPR and Cypriot law

You have specific rights regarding personal data we hold about you:

  • Right to access — request a copy of all data we hold about you
  • Right to correction — ask us to fix anything inaccurate
  • Right to deletion — ask us to delete everything (limited only by legal retention requirements)
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — to specific uses of your data
  • Right to lodge a complaint — with the Office of the Commissioner for Personal Data Protection in Cyprus

To exercise any of these rights, write to info@whatsincyprus.com. We respond within 30 days as required by GDPR.

Contact us about privacy

For any privacy-related question, request, or concern:

info@whatsincyprus.com

To complain to the supervisory authority:

Office of the Commissioner for Personal Data Protection
Iasonos 1, 1082 Nicosia, Cyprus
dataprotection.gov.cy

Updates to this policy

If we materially change how we handle data, we update this page and date the change at the top. We don't send notifications for purely textual revisions; we do notify newsletter subscribers if material change affects them.