PRIVACY AND DATA PROTECTION POLICY
The Company has prepared this Policy in order to provide information to our past, current and potential customers, associates, employees, website users and in general any individual for whom we require personal information in order to provide and/or promote our services. This Policy provides you with the necessary information regarding your rights and obligations, and explains how, why and when we collect and process your personal data. Your privacy is important to us and we are committed to protecting and safeguarding your personal data and rights.
If you have any questions regarding this Policy or any request regarding personal data please contact us either by post at P.O.Box 30021, 5340 Ayia Napa, Cyprus, or by email at email@example.com.
Who we are
We are a boutique Administrative Service Provider licensed and regulated by the Cyprus Securities and Exchange Commission (CySEC) with licence number 32/196 offering an extensive range of corporate and fiduciary services for companies who wish to operate in Cyprus and other jurisdictions. The Company is incorporated and registered under the laws of the Republic of Cyprus with registration number HE 117929. Its registered address and main office is located at 1 Yuri Gagarin Street, 5330 Ayia Napa, Cyprus.
Your Legal Protection
Subject to the provisions of the GDPR, you have certain rights regarding your personal data that we collect, process or disclose including the right:
- To receive access to your personal data (right to access).
- To rectify inaccurate personal data concerning you (right to data rectification).
- To request deletion/ erasure of your personal data (right to erasure/deletion and/or right to be forgotten).
- To receive the personal data provided by you in a structured, commonly used and machine-readable format and to transmit it to another data controller (right to data portability).
- To object to the use of your personal data where such use is based on our legitimate interests or on public interests (right to object).
- In some cases to request the restriction of processing your personal data (right to restriction of processing).
- To withdraw the consent that you might have given us regarding the processing of your personal data at any time. Please note that any withdrawal of consent will not affect the lawfulness of processing based on consent before it was withdrawn.
If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the relevant request. This is to ensure that your data is protected and kept secure. Please note, however, that we might be unable to comply with your request based on other lawful grounds, such as AML (anti-money laundering) legislation.
To exercise any of the above rights or for any questions regarding how we process your personal data please contact us either by post at P.O.Box 30021, 5340 Ayia Napa, Cyprus, or by email at firstname.lastname@example.org
Types of personal data processed by the Company
We collect and use several types of information, including information by which an individual may be personally identified and thus defined as personal data under the applicable law, concerning past, current and potential customers, associates, employees, website users and in general any individual for whom we require personal information in order to provide and/or to promote our services. Such personal data includes, but is not limited to, your first and last name, gender, marital status, address, contact details (e.g. telephone and email), identification data (e.g. passport, ID and your signature), date and place of birth, employment status, curriculum vitae, taxation and other related financial details and information, reference letters, information whether you hold or held a prominent public functions, correspondence (e.g. letters and emails) and any other personal information that you choose to provide us with.
How, why and when we collect and process your personal data?
Your personal data might be collected directly from you but also from third parties, such as representatives, agents and intermediaries, and publicly available sources.
We collect and process your personal data:
- For the purposes of establishing a business relationship with you in order to provide our services and products.
- Because it might be necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract.
- To manage and to provide you with the requested services and/or products.
- Because it is, or it might be, necessary for compliance with a legal obligation to which we are subject, including but not limited to, domestic and European Union laws and directives related to Money Laundering and Terrorist Financing.
- Because you have freely given us your consent to process your personal data.
- Because it might be necessary in order to protect your vital interests or of another individual.
- For the purposes of legitimate interests pursued by us except where such interests are overridden by your fundamental rights and freedoms which require protection of your personal data.
- To provide you with information about our services and products and/or with news which we have reasons to believe that you are interested in.
- For any other purpose we may describe when you provide the information.
Disclosure of Personal Data
In the course of performing our business we may disclose your personal data to our employees in various departments within our Company and/or to our affiliated companies and their employees and/or to our authorized service providers and their employees to whom we may have delegated part of the services that you have requested from us.
Furthermore, under certain circumstances, the following third parties may also be the recipients of your personal data:
- Supervisory and other regulatory and public authorities, whereby a statutory obligation exists.
- Credit and financial institutions, lawyers, accountants and any other third party provided that you have specifically instructed us to do so and/or have given us your consent.
- Any third party according to a court order.
Your personal data will be stored and processed in Cyprus and/or in the countries in which our online storage services are located for a period that will not exceed 5 years from the date of termination/completion of the purposes for which it was collected. Please note that personal data processed for the purposes of sending newsletters shall be kept with us until you notify us that you no longer wish your personal data to be used for this purpose
Notwithstanding the above, the above-mentioned period may be extended in certain cases to pursue our legitimate interests, to enable us to use the data for defending potential legal claims or to comply with Anti-Money Laundering, Anti-Bribery/Corruption and Tax laws and regulations.
In an effort to minimize the non-public personal data we collect which may identify you, we anonymize the data in the cases where it is no longer necessary to identify you from the data we hold.
We implement every reasonable measure and precaution to ensure the security of your personal data and to protect it from unauthorized access, loss, theft, copying, unauthorized disclosure, alteration or destruction. Such measures include the training of our staff to comply with the GDPR, password enabled computer terminals, storing data on secure servers and physical security of our premises.
No error performance
We do not guarantee error-free performance under this Policy. We will use all reasonable efforts to comply with this Policy and will take immediate rectification actions when we identify any breach, nevertheless, we shall not be liable for any incidental, consequential or punitive damages relating to a breach of this Policy.
We reserve the right to modify or update the contents of this Policy from time to time, therefore, please visit our website periodically to be updated about any changes.
We only process your personal data in compliance with this Policy and in accordance with the relevant data protection laws. If, however you wish to raise a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, please contact us either by post at P.O.Box 30021, 5340 Ayia Napa, Cyprus, or by email at email@example.com.
Complaints may also be lodged with the supervisory authority in Cyprus by post at “Office of the Commissioner for Personal Data Protection, 1 Iasonos Street, 1082 Nicosia, Cyprus”. For more information, please visit their website (www.dataprotection.gov.cy).