Cybits operates the www.cybits.org website, which provides the SERVICE.
This page is used to inform website visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Service.
- What personal data we collect?
Personal data or personal information under the GDPR and the Law, means any information about an individual from which that individual can be identified.
Depending on the reason for which you communicate with us, we may collect, use, store and transfer the following different kinds of personal data about you:
- Your name and contact information, such as your home and/or business address, email address and telephone number;
- Identity and biographical information including your nationality, date of birth, tax status, passport/national identity card details and country of domicile, your employment and employment history, job title and role, educational profile, interests and other information relevant to our provision of any Services;
- Information in relation to your financial situation such as income, expenditure, assets and liabilities, sources of wealth, as well as your bank account details and other information necessary for processing payments, for fraud prevention purposes and for the provision of any Services;
- Recruitment/Selection data, such as academic qualifications, professional background and any other information contained in your CV, application form, record of interview or interview notes and/or any other assessment material;
- An understanding of your goals and objectives and other information provided to us in connection with our provision of Services; and
- Information about our meetings with you.
- Special Categories of personal data: in connection with the provisions of Services to you, we may in some occasions need to ask for certain sensitive information about you (including data relating to racial or ethnic origin, political opinions, religious beliefs, trade union membership, health) and/or data relating to criminal convictions and offences. The processing of sensitive data will only be carried out by us in full compliance with the GDPR and applicable national legislation, on the basis of your explicit prior consent.
- How is your personal data collected?
We may collect your personal data or you may provide such data to us through various means including from information:
- You provide to us when you contact us to seek advice or Services from us;
- Provided to us by your organization, agents, advisers, intermediaries or custodians of your assets;
- Provided to us by our clients;
- You communicate to us by telephone, post, email, our website or other forms of electronic communication, in which respect, we may monitor, record and store any such communication;
- When you apply for employment (job applicants);
- When you offer to provide goods or services to us;
- Drawn from publicly available sources or from third parties, for example when we need to conduct background checks about you; and/or
- collected otherwise in the normal course of providing our Services.
- How we use your personal data?
How we use your personal data will depend on whether you are a client, a representative of a client, a business contact, someone whose personal data we necessarily process as part of our provision of Services, or otherwise. We may process your personal data for the following purposes:
- providing a proposal to you or your organization in relation to the Services we offer and for client engagement purposes (including the carrying out of background checks);
- responding to your requests for advice and/or other enquires;
- providing to you and/or our clients our Services;
- for the purpose of processing your application if you are a candidate for employment with the Firm and/or one of our Tenands;
- managing our relationship with you and/or our clients, for record-keeping purposes and more generally for the proper operation of the Firm and the Partnership;
- dealing with any complaints or feedback you may have;
- monitoring and improving the performance and effectiveness of our Services, including training of our staff;
- any other purpose for which you provide us with your personal data;
- safeguarding the security of our systems and communications; and/or
- for security purposes generally and to ensure the safety of our employees and visitors.
Our main legal bases for the processing of your personal data are the following:
- the processing is necessary for the performance on our part of the contract concerning the provision of our Services to you, or to take steps at your request before entering into a contract with you, or the processing is necessary for the performance of any other contract or generally in the context of any other dealings we may have with you;
- the processing is necessary for us to comply with our legal obligations;
- the processing is necessary for our legitimate interests (including the operation of the Firm, the Partnership and the provisions of our Services) or those of any client or relevant third party, unless those legitimate interests are overridden by your interests or fundamental rights or freedoms; and/or
- you have explicitly consented to the processing in question.
- Where we process sensitive personal data, other lawful processing grounds may apply, such as that the processing is necessary for the establishment, exercise or defence of legal claims (for example to protect and/or defend our property or rights, or those of our clients) or for reasons of substantial public interest; or where you have given us your explicit consent.
- Will your data be passed on to third parties?
Cybits does not share, sell, transfer or otherwise disseminate your personal data to third parties and will not do so in future, unless required by law, unless required for the purpose of a contract or unless you have given explicit consent to do so. For instance, we may share your personal data with:
- your organisation;
- governmental authorities and other organizations for the performance of our professional services;
- our client and/or project in the particular matter;
- third parties service providers who provide business services to us and we engage to assist in providing our professional services, such as our own professional legal advisors and or lawyers, service providers and insurers, other professional services firms, IT and other consultants, and couriers where appropriate;
All of the above third parties have access to your personal data only for processing in accordance with our instructions and are obliged not to disclose or use information for any other purpose.
PERSONAL DATA ABOUT OTHER INDIVIDUALS WHICH YOU PROVIDE TO US:
If you provide us with personal data about other individuals, you must ensure that you are entitled to disclose such personal data to us and that you have provided the relevant data subject of all mandatory data privacy notifications and information under the GDPR and applicable legislation and regulations, to include a notification as to their legal rights as data subjects. For that purpose, you must also ensure that the individual concerned is aware of the contents of the present Privacy Notice, as those matters relate to that individual, to include our identity, how to contact us, the purposes of collection of the data, how we may use and/or share the data and his/her relevant rights.
- What are my data subject’s rights?
Under GDPR you have the right to:
- obtain access to, and copies of, the personal data that we hold about you and information about how we process it;
- require us to correct any inaccuracies in the personal data we hold about you;
- require, in certain circumstances, erasure of your personal data;
- require us, in certain circumstances, to restrict our data processing activities;
- obtain from us the personal data you have provided to us in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller;
- object to our use of your personal data based on our legitimate interests, on grounds relating to your specific situation;
- withdraw your consent, where our use of your personal data is based on that consent; and
- to make a complaint at any time to the Office of Personal Data Protection Commissioner, the Cyprus supervisory authority for data protection issues (www.dataprotection.gov.cy), which can investigate compliance with data protection law and has enforcement powers, if you are not satisfied with how we are processing your personal data. We would, however, appreciate the chance to deal with your concerns before you approach the Commissioner so please contact us in the first instance.
Please contact us in writing using the contact details mentioned in Section 10 below if you would like to action any of your rights above. You should note that these rights are not absolute, and we may be entitled (or required) to refuse requests where exceptions apply.
NO FEE USUALLY REQUIRED
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
WHAT WE MAY NEED FROM YOU
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
TIME LIMIT TO RESPOND
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
- How about data security?
Your contact information and personal data are stored securely, using mixture of encryption, password protection and servers/cloud back-ups all kept with multiple lock protection.
Cybits takes all of the necessary, appropriate, technical and organizational security measures including physical, electronic and procedural measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, misuses, altered, disclosed or destruct. For instance, your data is saved in a secure operating environment which is not accessible to the public. We restrict access to your personal data at our offices so that only those officers and/or employees agents, contractors and other third parties who have a business need to know have access to your data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Please be aware that you should also take care with how you handle and disclose your personal data and should avoid sending personal data through insecure email.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
- For how long will we hold your personal data?
We will only retain your personal data for as long as is necessary to fulfill the purposes set out in this Privacy Notice and as long as we have a lawful reason to do so. This will mean that we shall retain your personal data for 6 (six) months following the end of our business relationship with you.
In many cases this will mean that we shall retain your personal data for the same period as we retain your files or a copy of your files. In addition, we shall retain information obtained to meet our obligations under the applicable laws (including but not limited to the data retention obligations inherent in Cyprus tax laws) as well as for any period required in order to protect our interests in the case of claims or disputes or for the purposes of court proceedings. Longer retention periods may be appropriate where, for example, specific legal or public interest archival reasons apply, such as the need to carry out conflict checks.
- Website and Cookies:
A “cookie” is an element of data that can be sent to your browser. Your browser may then store it on your system based on the preferences you have set on your browser. Cookies gather information about your operating system including, but not limited to, browser type, and Internet Protocol (IP) address. Cybits website uses this information to analyze the traffic on our website. It is not our intention to use such information to personally identify a user. You have the option to configure your Internet browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. Further, you have the option to block all cookies. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers. Please note, however, that if you refuse or otherwise block cookies you may not be able to use all of the functionality available on our website.
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and we are not responsible for their content, privacy statements policies or practices. When you leave our website, we encourage you to read the privacy notice of every website you visit.
- Changes to Privacy Notice and Your duty to inform us of changes?
We keep our Privacy Notice under regular review, Cybits reserves the right to change its Privacy Notice at any time with or without prior notice. From time to time, we may need to change and/or updated this Privacy Notice in line with changes as to how we process personal data. We will publish any new version of the Privacy Notice on our Website and we will inform you on these changes and where appropriate, will provide you with a copy of our updated Privacy Notice.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during our relationship.
By using Cybits Website and/or Services you agree to this Privacy Notice.
- Contact us:
If you have any queries about this Privacy Notice or how we process your personal data, you may contact us at [email protected]