Latest Update: September 2025
1. Privacy Policy Scope
The company named “NOPOINT LIMITED”, based at Nicosia, Cyprus, Kyriakou Matsi 56, 2368, (hereinafter as “Company”) through this Policy, aims to inform the users of this application (hereinafter as “Alerta”) regarding their personal data. The Company collects and processes user`s personal data, with absolute transparency, for certain legal purposes and in accordance with the applicable data protection legislation.
2. Definitions
For the purposes of this Policy, the following terms have the following meaning:
“Applicable legislation”:The national and EU data protection legislation, and particularly the General Data Protection Regulation (EU) 2016/679, as well as the Decisions, Guidelines and Opinions of the supervisory authority (Data Protection Authority).
“Personal Data”:Any information relating to an identified or identifiable natural person (‘data subject`); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing”:Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Data Controller”:The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“Data Subject”:An identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The users of Alerta are data subjects.
3. Collecting and Processing User`s personal data
| Purpose | Personal Data | Legal Basis |
|---|---|---|
| Purchase of subscription via app store & play store | Name, surname, country calling code, phone number, duration and price of subscription (per month/per year), receipt, transaction date, payment method (Credit/Debit Card, bank account deposit). | Article 6 para. 1(b) GDPR: Necessary for contract performance. Article 6 para. 1(c) GDPR: Necessary to comply with a legal obligation. |
| Submitting details to create a user profile | For the user: Name, surname, country calling code, phone number, language, timestamp. For each emergency contact: Name, surname, phone number, photo (optional) |
Article 6 para. 1(b) GDPR: Necessary for contract performance. |
| Sending an alert SMS to the user’s emergency contacts in case of danger | For the user: Name, surname, country calling code, phone number, language, timestamp of alert, geolocation data (optional). For each emergency contact: Name, surname, phone number, photo (optional) |
Article 6 para. 1(a) GDPR: User consent when triggering alert actions. Geolocation data: Explicit consent when creating a profile (can be withdrawn anytime). |
| History Register | For the user: Name, surname, country calling code, phone number, language, timestamp. For each emergency contact: phone number. For alerts: timestamp, Police/Ambulance called, SMS sent. |
Article 6 para. 1(f) GDPR: Legitimate interest of the Company to inform users about recorded actions. |
4. Data Retention Period
Your personal data is retained for a limited period depending on the purpose of the processing, after which it is deleted. When required by law, data is kept as long as legal obligations impose. Where processing is based on consent, data is kept until consent is withdrawn.
5. Data Security
The Company takes technical and organizational measures to protect your personal data, considering risks and current technology. No method is completely secure, but the Company applies security measures to protect your data.
6. Recipients
Company staff and administrative officers may access your data for the purposes described above. Data may also be shared with trusted third-party processors (e.g., cloud or app hosting providers).
| Recipient | Contact Details | Scope | Legal Terms |
|---|---|---|---|
| Encodica | https://encodica.com/ info@encodica.com +30 210 9578470 |
Technical support for the Alerta app | Privacy Policy Terms of Use |
| Firebase | https://firebase.google.com | Storing the user’s data in the cloud | Privacy Policy Terms of Use |
| Twilio | https://twilio.com privacy@twilio.com |
Sending SMS messages to users’ emergency contacts | Privacy Policy Terms of Use |
7. International Data Transfers
Your personal data is generally not transferred outside the EU/EEA. If such transfer occurs, the Company ensures GDPR-compliant safeguards.
| Recipient | Country | Safeguards for Data Transfers |
|---|---|---|
| Firebase | United States | EU-U.S. Data Privacy Framework (EU-U.S. DPF) |
| Twilio | Ireland, United States | UK Adequacy Decision, EU-U.S. DPF, UK Extension, Swiss-U.S. DPF |
8. Minors Data
The Company does not intentionally collect personal data from minors under 18. Parents/guardians should contact us if minors have provided data to request deletion.
9. Your Data Protection Rights
As a user, you have the right to:
- Request information about your stored personal data and how it`s processed
- Request access to your personal data (copy for legality check)
- Rectify inaccuracies or update incomplete data
- Request erasure of personal data when no longer needed
- Restrict processing under certain conditions
- Object to processing, especially for marketing or profiling
- Receive your data in portable format or transfer it to another controller
- Withdraw previously given consent
- Not be subject to a decision based solely on automated processing
Contact:admin@alerta-app.net. We reply within one (1) month. If you believe your rights are violated, you can complain to the Data Protection Authority (DPA).
10. Privacy Policy Updates
The Company may revise this Policy to comply with legal obligations and improve services.
