PRIVACY POLICY

This Privacy Policy (“Policy”) provides information on how E. Ioannides & Associates LLC and its affiliated service companies (“EI-LAW”, “we”, “our”, “us”) collects, uses, stores and otherwise processes personal data when we interact with persons outside of EI-LAW who provide personal data to us either as users/recipients of our services, suppliers, potential employees or visitors to our website www.ei-law.com (“Website”).

The purpose of this Policy is to explain important information about the security of your data, legal bases and the purposes for which EI-LAW processes your personal data as a client, potential client, potential employee, visitor to our website or otherwise (“your”, “you”, “data subject”). We are committed to protecting your privacy pursuant to the EU General Data Protection Regulation (the “GDPR”) and other applicable laws and regulations including safeguarding all confidential information entrusted to us in accordance with regulation applicable to us.

This Policy may be amended or updated by us from time to time to comply with changes in the law, regulations or otherwise. All such amendments or updates will be posted on the Website and/or contained in other communications between us and/or in our terms of business and engagement. Please check back periodically to review any amendments or updates to our Policy.

  1. WHEN WE COLLECT PERSONAL DATA FROM YOU

We may obtain or collect personal data in various circumstances, such as the following:

 

  • when you provide it to us directly, or your organisation or business associates provide it us, in the context of seeking initial advice or services from us or otherwise as part of our business commencement procedures;

  • when you, your organisation or business associates provide it to us during the course of our relationship and/or provision of services by us (legal advice or other legal, corporate, administrative or other services); 

  • when you make an enquiry or otherwise send us information through the Website, by email or by phone;

  • other information collected through the Website using cookies or otherwise (please see section 9 below);

  • information that you have made public and/or is otherwise publicly available about you in records or other sources;

  • when you or your organization offer to or provide goods and/or services to us;

  • from providers who assist us in complying with our legal, regulatory and other obligations (such as, in relation to anti-money laundering, sanctions screening and otherwise);

  • from law enforcement agencies or authorities.

  • when you apply for employment as a job applicant.

 

Where data is collected about you from third parties (this could include your organisation, business associates, banking institutions, service providers or otherwise) this shall be in accordance with the GDPR and other legal obligations.

Please be aware that it may not be possible for us to respond to your enquiry, provide the services requested, proceed with your job application, perform any other contract between us if you decide to withhold/do not provide any personal data requested or in the case of cookies, use certain functions of the Website.

 2.  THE DATA WE PROCESS ABOUT YOU

Personal data is any information about a physical person from which that person can be directly or indirectly identified. It does not include information that has been anonymised (where the identity of the physical person cannot be identified) nor information regarding legal persons.

Depending on the reasons we are processing the information, we may collect, use and/or otherwise process the following data:

  • Contact information: such as, telephone numbers, fax numbers, email addresses and postal addresses.

  • Personal Information: such as, names, dates of birth, gender, relationships to other persons, job titles/descriptions, details of employers and other associated organisations, nationality, citizenship, photographs, copies of passports, identity documents, utility bills, bank statements and references.

  • Payment/Financial Data: such as, bank account and payment card details (including numbers, names of banking institutions, billing details/addresses, payment methods, account details, payment records and invoices, IBAN and SWIFT/BIC numbers, cheque details) and other related billing information as well as other information in relation to personal wealth, sources of funds and assets required to comply with anti-money laundering or other compliance obligations.

  • Background and Identity Information: information that is collected to comply with anti-money laundering and/or other compliance obligations, information provided by third party screening providers regarding sanctions lists and other publicly available information about you in records or from other sources.

  • Attendance Information: such as, details of visits to our premises or information regarding meetings between us.

  • Consents: details of consents given to us by you and your preferences in relation to communications between us.

  • Other Information: provided in connection with a project, instruction given by you or other services provided to you that you voluntarily provide us with or we may be required to obtain in the course of our professional activities.

  • Special Categories of Personal data (sensitive data): such as data in relation to, health, religious and political beliefs, ethnic origin, trade union membership, or other personal data classified as a special category in Article 9 of GDPR if this is necessary for the provision of services to you and which will only be carried out in compliance with the GDPR.

  • Employment Data (principally in relation to job applicants): such as, contact details, professional background, qualifications and all other information contained in a curriculum vitae, enquiry letter, application form, interview notes and other material.

  • Supplier Data: contact information, job title and organisation and other information required in relation to services and/or goods you provide to us.

  • Technical Data: in relation to the various devices you use to access the Website, internet protocol (IP) address, cookies, browser type and version and other related technology.

 

Please let us know if any data we hold on you is no longer accurate and/or up-to-date by using the contact information at the end of this Policy. We shall not be responsible for any losses in relation to information provided by you that is inaccurate, incomplete, not authentic or otherwise inadequate.

3. PURPOSES AND LEGAL BASES FOR PROCESSING YOUR PERSONAL DATA

We will use your personal data for the following purposes:

  •  To manage our relationship with you or your organisation, communicating and interacting with you.

  • To respond to your enquiries, including requests for legal advice;

  • To provide legal advice and/or other legal, corporate and/or administrative and/or trust services and/or other services requested;

  • To ensure the security of our premises as well as the security and effectiveness of our IT systems and assets.

  • To ensure, and evidence where legally required, compliance with our legal and regulatory obligations including record keeping (for example, in relation to applicable anti-money laundering laws and regulations, compliance screening, compliance with sanctions and other regulatory and reporting requirements);

  • To exercise or defend our legal rights/claims and comply with court orders;

  • To process any application or enquiry you make for employment with us;

  • To manage payment of our invoices and sums due to us.

  • To manage services and/or goods provided to us by you;

  • In compliance with applicable laws and regulations including by giving us your express consent when necessary, to communicate with you, send emails and provide newsletters, briefings and other publications to keep you informed of legal developments, market insights, information as to our services and matters which may be of interest to you. You may withdraw your consent at any time by contacting our data protection department using the contact information at the end of this Policy.

  • For any purpose ancillary to the above or other reasons your personal data was provided to us.

We will process your personal data on the following bases:

  • the processing is necessary in connection with instructions you have given us or for the performance on our part of a contract concerning the provision of legal services, administration, corporate, trust or other services to you or to take steps at your request prior to entering into such contract, or the processing is necessary for the performance of any other contract or generally in the context of any other dealings we may have with you;

  • the processing is necessary to comply with legal or regulatory obligations to which we are subject (for example anti-money laundering, mandatory checks and disclosure to authorities or agencies);

  • the processing is necessary for our legitimate interests, provided that such interests are not overridden by your interests, fundamental rights or freedoms;

  • You have given us your consent to process your personal data.

  • We may process special categories of personal data (sensitive data): where you have provided your explicit consent; or such processing is necessary to comply with specific legislation, other regulations, and for the establishment, exercise or defence of legal claims.

 Where and when necessary, we will obtain all and any consents required by law.

4. HOW WE MAY SHARE YOUR PERSONAL DATA

Aside from when you give us your consent or direct us to do so, we may disclose your personal data to others as follows:

  • To companies (and individuals within those companies) affiliated to or connected with us in order to provide legal, corporate, administrative, trust or other services for business, billing or other administrative purposes.

  • To clients, companies or organisations affiliated to or connected with you in order to provide legal, corporate, administrative, trust or other services.

  • To third parties which provide services to us, such as those providing document management services, professional advisors, auditors, software providers and developers, IT service providers, other external processors and suppliers but always in accordance with applicable law.

  • To third parties and collaborators you instruct us or give consent to us to doing so, including those providing professional services to you or your organisation, including auditors, banks/financial institutions, accountants, other lawyers or counsel.

  • To government or regulatory authorities and law enforcement bodies, tax authorities, courts, tribunals, registrars of public records where we are required to do so by law or other regulations or where it is necessary for the purpose of, or in connection with, legal proceedings or in order to exercise or defend legal rights.  

  • Service providers providing screening services, authorised credit institutions/financial institutions and regulatory bodies so that we can comply with our legal and regulatory obligations in relation to anti-money laundering, screening in relation to sanctions, prevention of crimes and other requisite checks.

  • Insurance companies.

  • Third parties to which any of our rights or obligations are assigned.

 

5. PERSONAL DATA ABOUT OTHERS

 

When you provide us with personal data about another individual (for example, employees, directors, officers, customers, shareholders (legal and beneficial)) you must ensure that you are entitled to disclose such personal data to us and that, without taking any further steps, we are entitled to collect, use and disclose that personal data in accordance with the terms of this Policy. To this end, you must also ensure that the individual concerned is given all mandatory information pursuant to the GDPR and made aware of the matters set out in this Policy, as those matters relate to that individual including our identity, contact information, information as to the purposes of processing, to whom their data may be disclosed and their legal rights.

6. TRANSFER OF DATA

Aside from disclosures in accordance with section 4 above, we will not transfer personal data outside the European Economic Area. If required to do so, we will ensure that such transfer is in accordance with all legal transfer mechanisms required by applicable data protection laws.

7. HOW LONG WE WILL KEEP YOUR PERSONAL DATA

We will only retain personal data: for the period necessary to fulfil the purposes for which it was originally collected and thereafter as long as it is required to satisfy any legal, accounting or regulatory reporting requirements; or as is necessary for us to be able to assert or defend, respond to or conduct any legal claims or proceedings until the relevant claims have been settled or until the end of the relevant record retention period (provided by law or otherwise).

8. SECURITY

We have implemented appropriate technical and organisational measures to protect your personal data from being accidentally or unlawfully destroyed, lost, altered, disclosed, accessed or used in an unauthorised manner. Third parties processing your data in accordance with this Policy will be under the same duties.

 

9. COOKIES

Cookies are small files of electronic information that a website may send to your browser and be stored on your hard drive to help tailor your visit to that website and track usage/behaviour of the website.

Most browsers have settings for you to choose to accept or block (all or some) cookies by changing the settings in your browser. However, if you use your browser settings to block all cookies the Website may not function properly and you may not be able to access all or parts of it. By using this Website, you agree to the use of the cookies as described in this Policy.

10. YOUR LEGAL RIGHTS

In certain circumstances, you have rights pursuant to data protection laws. Subject to certain conditions and exceptions, such rights include the following which may apply to you depending on the circumstances:

•       Access: You are entitled to ask us if we are processing data in relation to you and request access to the personal data that we hold about you.

•       Rectification: You have the right to request correction of any inaccurate or incomplete personal data that we hold about you.

•       Erasure: You have the right to ask us to remove or delete personal data where the personal data in question is no longer necessary in relation to the purposes for which it was collected.

•       Restriction: You are entitled to restrict our processing of your personal data or to object to the processing of your personal data.

•       Portability: You have the right to request transfer of your personal data to another person (controller).

•       Objection/withdrawal of consent: where we are processing your data on the basis of consent given by you, you have the right to withdraw that consent at any time.

  1. THIRD-PARTY WEBSITES LINKS

While browsing the Website and when you receive or read emails, newsletters, briefings and other publications from us you may find links to third party websites. Personal data provided through these websites is not governed by the terms of this Policy and these third-party websites maintain their own privacy policies (which we do not control nor have responsibility for). Please be sure to review the privacy policies of these websites which will specify how your personal data is being collected and processed.

 

11. CHILDREN

Please do not use the Website or submit personal data to us if you are under 14 years of age.    

12. CONTACT US 

Should you like to exercise any of your legal rights or have any questions in relation to this Policy, please contact us by post or email at the addresses below:

13 Agiou Prokopiou

Engomi
Nicosia 2406, Cyprus.

Email: info@ei-law.com

 Supervisory Authority

In addition to the above, you also have the right to lodge a complaint with the Office of the Commissioner for Personal Data Protection:

1 Iasonos str., 1082 Nicosia
P.O. Box 23378, 1682 Nicosia
Tel: +357 22818456
Fax: +357 22304565
Email: commissioner@dataprotection.gov.cy

© 2020 E. Ioannides & Associates LLC