Privacy Policy

Our website

This policy is applicable to our website www.cola.com. Please read it carefully because they form a legal agreement between you and us in relation to access and use of our website, together with other policies and terms available at our website.

Application of this policy

This policy regulates the processing of your Personal Data by us. You are not permitted to use our website (including applications) if you do not accept this policy. 

What is Personal Data

Personal Data is any information that may enable direct or indirect identification of you, e.g. name, surname, address, email, gender, financial data etc. Protecting your Personal Data is one of our mail priorities.

Who controls and processes your Personal Data

We control and process your Personal Data in accordance with the applicable laws and our policies.

How do we get Personal Data

We receive your Personal Data in the course of use of our website (including applications), when you contact us with any inquiries by any means of communication, as well as by ourselves from the independent sources.

Categories of Personal Data

Data provided by you during the creation of the account. 

Website (including applications) activity data. For example: device data, source and destination data, account username and password, transactions, online payments data, data provided to customer services (e.g., chats, emails and phone calls).

Data that may be provided by government authorities or authorized third parties for us to deliver our services, fulfill the regulatory obligations and exercise our legal rights.

Data collected via cookies when using the website, including in log-out mode.

Data provided by third parties who have already obtained your permission to share the data with us for certain services e.g. social media or various mobile applications (where applicable).

How we use Personal Data

To administer the website (including applications), setting up and operating your account.

To ensure the accuracy of your data for the purposes of age verification, preventing fraud and money laundering, reducing business risks. 

To deliver the respective services.

To process online payments with third party payment providers and/or financial institutions.

To provide you with customer support by any means of communication. The conversations with you may be recorded for security reasons, due to regulatory obligations and to enhance our services.

To comply with laws, regulatory obligations or respond requests from government authorities. These are mainly set in financial and anti-money laundering laws. 

To improve the security, services and features provided by our website (including applications). This may include research, surveys, ask for your optional feedbacks and internal trainings.

Subject to your optional consent, to provide customized marketing communications fitting your interests and expectations. These are based on registration and activity data.

Legal basis to process Personal Data

Provision of services to you through our website (including applications).

Adherence to the mandatory legal requirements imposed on us.

Protection of our legitimate interests, e.g. business risk management and protection of our products integrity.

Provision of additional information services to you upon your request and consent.

Personal Data retention period

Personal Data related to the functionality of our website (including applications) shall be retained until the termination of our services provided to you.

Personal Data related to our legal obligations and protection of our legitimate interests shall be retained for the maximum period permitted by the law.

Personal Data security

We process the data with partially or fully automated electronic means and protect them with adequate security measures. The activities that may produce significant legal effects, such as decisions based on profiling, involve always a human intervention and/or final decision. We use appropriate legal, administrative, technical, personnel and physical measures to safeguard the data against loss, theft and unauthorized use, disclosure or modification.

Is Personal Data transferred abroad

Generally, we do not transfer Personal Data outside EEA and countries that provide adequate level of Personal Data protection in accordance with the decision of the European Commission.

If we will need to transfer Personal Data outside the aforesaid territories, we will ensure the appropriate safeguards are in place, in particular by implementing the standard clauses adopted by the European Commission.

Cookies

Cookies are small files downloaded on your device and saved in your browser when you visit a website. Cookies may contain your Personal Data. Please note that we use cookies on our website.

What types of cookies do we use?

Mandatory cookies. These cookies are essential and enable basic functionality of the website. Such cookies may not be switched off. Please note that such cookies do not gather any marketing information.

  • Analytics cookies. These cookies are necessary to understand your browsing activities (how you use the website) and make improvements, if necessary.
  • Functional cookies. These cookies are necessary to enhance your browsing experience and ensure personalized functionality.
  • Marketing cookies. These cookies are used to analyze your preferences while browsing and offer you tailor-made solutions that fit your needs. The information gained through these cookies may be used for the marketing campaigns.

Please note that all cookies may be deleted from your device. Further, the cookies may be disabled, however you should note that the website may function incorrectly or not function at all.

Security of cookies

The cookies use plain text formats. They are made up of code pieces so they cannot be executed and they cannot auto-run, therefore, they cannot be duplicated or replicated on other networks in order to be run or replicated again.

Cookies that have been set in the past

If you have disabled one or more Analytics Cookies, we may still use information collected from cookies prior to your disabled preference being set, however, we will stop using the disabled cookie to collect any further information.

How to control and delete cookies through the browser

It is possible to enable, disable or delete Analytics Cookies at browser level. You can follow the instructions provided by your browser. Disabling a cookie or category of cookie does not automatically delete the cookie from your browser, therefore you will need to do this by yourself. 

Contacting us regarding the Personal Data

We have a designated email address for the inquiries related to your Personal Data – personaldata@cola.com. Your requests shall be handled within one month of receipt. This may be extended by two further months based on the complexity and number of the requests.

Policy updates

We may update this policy from time to time in the course of business development or due to legal and regulatory changes. You will be notified in advance in case of significant changes.