As of 25th of May 2018, the General Data Protection Regulation 2016/679 becomes enforceable with direct applicability on all EU members and members of the European Economic Area. Thus, all member states shall harmonize data privacy laws across Europe. The objective of this Regulation is the protection of natural persons with regards to the processing of personal data and on the free movement of such data.
Antonis Paschalides & Co LLC (The “Company”), strives to protect the privacy and the confidentiality of Personal Data that the company collects and processes in connection with the services it provides to clients. Thus, the Company undertakes to meet its obligation under the EU General Data Protection Regulation (GDPR).
Antonis Paschalides & Co LLC of Agias Elenis 36, Galaxias Building, 5th floor, office 502, 1061 Nicosia, Cyprus is the Controller in respect of the personal data it receives in connection with the services provided under the relevant engagement with its clients.
- What we need
- Contact details (including names, postal addresses, email addresses, telephone and fax numbers);
- Identification documents and details (including passports and IDs, social security and tax identification number);
- Verification of residential address;
- Professional information;
- Bank/Auditor reference letter;
- Personal financial information (including size and source of wealth, income and other financial information);
- Anti-fraud data (including information about fraud and criminal convictions, allegations of crimes and sanctions details received from various anti-fraud and sanctions databases, or regulators or law enforcement agencies);
- Website and communication usage (including details of your visits to our websites and information collected through cookies and other tracking technologies, including but not limited to, your IP address and domain name); where necessary and legally permitted, we may also collect more sensitive data.
- Why we need it
- To provide you with, and to improve, our services;
- To deal with your enquiries and requests;
- To contact you in the course of providing services to our clients;
- To provide you with any other information that you request from us;
- To comply with our legal and professional responsibilities; and
- When we have other legitimate reasons, such as for internal compliance and security purposes.
- Sharing your information
- With affiliates and subsidiaries of our Company;
- With third parties such as contractors, advisers, agents and third-party service providers that provide services to our company, such as companies that provide record and information management services;
- With law enforcement agencies, if our Company reasonably believes unlawful activities have occurred;
- As required by law or court order.
- Cross-Border Transfer of Personal Information Outside the EEA
- How long we keep it
- What are your rights?
Our Personal Data Protection Policy governs the use and storage of your data. We collect and process the following types of personal data from you:
When you are providing us with information about a person other than yourself, you agree to notify them of their use of personal data and to obtain such consent for us, if needed.
In this section, we set out the purposes for which we collect and process personal data of our clients:
The personal information you provide to our Company may be shared, consistent with applicable law and regulations, as follows:
Countries outside the European Economic Area (EEA) often do not offer the same level of protections and guarantees for personal data as the countries within the EEA. Thus, our Company does not transfer your personal information outside of the EEA unless the transfer is justified on specific legal ground/s, as mentioned in GDPR, such as model contractual clauses, individual’s consent or other legal grounds permitted by GDPR. In the event of a cross-border transfer of personal data outside the EEA, our Company will follow the GDPR guidelines to ensure the level of data protection is not undermined.
Under Cyprus law and EU regulations and directives regarding prevention and suppression of anti-money laundering and terrorist financing activities, we are required to keep your documents for 10 years as of the termination of the business relationship or one-off transaction, or where the business relationship or one-off transaction is not formally terminated, as of the completion of the last transaction made in the course of the business relationship. For more information, please do not hesitate to request our Data Retention Policy. After this period, your personal data will be irreversibly destroyed. Any personal data held by us for marketing and service update notifications will be kept by us until you notify us that you no longer wish to receive this information.