When and how we share Personal Data and locations of processing
Personal Data collected and processed by us will not be sold, leased or rented to any person. We may however share your Personal Data with others, provided that we are legally permitted to do so. Appropriate contractual arrangements and security measures shall be applied in cases where your data is shared so as to protect your data and to maintain compliance with our data protection policy, confidentiality and security standards.
Personal Data held by us may be transferred to the following categories of recipients:
Third parties providing functionality services to us
Third parties are widely used by us for the purpose of providing support to us and to generally help us provide, run and manage our internal IT systems. This includes providers of information technology, cloud-based software, website hosting and management providers, data analysis, data back-up, security and storage services, payment providers including banking institutions. The servers powering and facilitating cloud infrastructure are located in secure data centres in Europe, and Personal Data may be stored in any one of them.
Further details of the majority of this category of service providers is included below. The below list is non-exhaustive:
|Name of Recipient /Purpose
|SOFT1 / Communication, document management
|IZIDOCS / Document storage and management, including a record of emails
|GOOGLE mail / Business applications, such as email, documents and calendar
Third party organisations that otherwise assist us in providing goods, services or information
This type of transfer may include or require transfers to countries outside the European Union and/or countries that do not comply to the standard of protection and safety of Personal Data provided by the GDPR. In such cases we shall take steps to ensure all Personal Data is provided to such parties with adequate protection and done lawfully in accordance with the requirements of the GDPR.
Auditors, insurers and professional advisers
Our auditors are Grant Thornton (Cyprus) Ltd. We have a number of business insurance policies in place and we may need to share Personal Data with the insurer, for example, in the event of a claim. We may use other professional advisers, for example, law firms, as necessary to establish, exercise or defend our legal rights and obtain advice in connection with business related operations. Personal Data may be shared with these advisers as necessary in connection with the products and services they have been engaged to provide.
Law enforcement agencies or other public authorities and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation
Occasionally, we may receive requests from law enforcement agencies, regulatory or other public authorities which relate to or require the disclosure of Personal Data and we may proceed with such disclosures in good faith where we deem such disclosure to be reasonably necessary in order to comply with a legal obligation, to detect, prevent, investigate or otherwise address security, alleged crime, fraud or technical issues, to protect our rights, the rights of our partners, employees or as required by law.
Employee personal data to clients / potential clients
Personal Data relating to employees may be transmitted to clients and or potential clients.
For the purposes of our engagement, we may be required to process Personal Data and such Personal Data may be included in our deliverables (e.g. in court documentation or due diligence reports).
Anonymised/ Pseudonymised Sharing
We are members to several legal and professional networks of legal firms. Anonymised or pseudonymised data regarding yourself may be transferred to such other legal or professional networks, or participant firms, in good faith, for statistical purposes.
Queries and Complaints
This does not interfere with your right to raise a complaint with the data protection supervisory authority:
Data Protection Commissioner
1 Iasonos street, 1082 Nicosia
P.O. Box 23378, 1682 Nicosia
Changes to Privacy Notice
This Privacy Notice was last updated in September 2018.