PRIVACY POLICY
Cyfield Group of Companies Ltd (hereinafter “we”, “us” or “our”) is committed to privacy and secure processing of the personal data it maintains for its customer, associates and collaborators, in an open and transparent manner. We have a number of businesses within the Cyfield Group of Companies and each may collect and use data about you in different ways. We believe strongly in protecting the privacy of your personal data you share with us and respecting the permission you give to us to use that information.
We are also committed to the collection and processing of personal data in full compliance with the General Regulation on the Protection of Personal Data of the European Union (Regulation 2016/679, GDPR) (hereafter referred to as “the Regulation“) and the legislation in force in Cyprus that governs the collection and processing of Personal Data of Individuals (L. 125 (I)/2018). Thus, we have developed this Privacy Policy that governs the collection, use, disclosure, transfer and storage of personal data.
Please read our privacy practices carefully to understand our policies regarding your data and how we treat it.
Under the Regulation, Cyfield Group of Companies may be operating as the Data Controller or Data Processor for all the personal data we maintain and process.
As a Data Controller, Cyfield Group of Companies is allowed to collect, maintain and process the personal data of all customers and collaborators.
As a Data Processor, Cyfield Group of Companies will process personal data as per the means and purposes defined by the Data Controller. We collect information under the direction of the Data Controller and have no direct relationship with the individuals whose personal data we process in connection with the use of our Services.
If you are an individual who interacts with a customer using our Services, that customer is the Data Controller of your personal data and you should contact them directly for assistance with any requests or inquires to your personal data.
This privacy policy applies to Data we collect:
We collect and use several types of personal data for the individuals we co-operate with, including Data by which subjects may be identified; Personal Data means any Data relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly.
A. For clients, visitors, members of the public, people that are next of kin to a client:
B. For employees and/or collaborators:
C. For candidates for recruitment
In general, we might process your personal data for the following purposes:
If it is necessary to share your information with other parties, it will be subject to strict controls and data processing agreements describing to what extend and how it may be used. We may share your information with:
We may also disclose your Personal Data to other third parties, including official authorities, courts, or other public bodies:
The Data that we collect about you, including Personal Data, is safely stored and processed in Cyprus and/or in remote cases in Countries within the European Union.
The period for which we keep your Personal Data that is necessary for compliance and legal enforcement purposes varies and depend on the nature of our legal obligations and claims in the individual case.
To the extent we have collected your Personal Data for purposes of provision of services, customer management, and customization of content as described above, we keep your Personal Data for as long as you are associated with us, as needed to provide you with our respective services and in compliance with relevant laws of Cyprus. For further Data regarding specific retention period please contact us at dpo@cyfieldgroup.com
There are different legal bases that we rely on to collect, use and disclose your Personal Data, namely:
We take appropriate security technical and organisational measures (including physical, electronic and procedural measures) to safeguard your Personal Data from unauthorized access, unlawful use, intervention, modification or disclosure under the requirements of the Regulation. For example, only authorized employees are permitted to access Personal Data, and they may do so only for permitted business functions. In addition, we have trained our employees on how to handle, manage and process personal data, applied upgraded technical measures and transformed our policies and procedures in a way that will comply with the General Data Protection Regulation.
We reserve the right to use automated decision-making in the following cases: When deemed necessary to provide services to you, with your written, expressed consent, and if the appropriate measures have been taken to safeguard your rights.
Profiling – from time to time we may use some elements of the data you supply to target the services we may offer to you. For example, and upon your consent, we my use your location to send you information about a property that may be of your interest. We do not use this information to make automated decisions.
We strive to provide you with choices regarding the Personal Data you provide to us. You can choose not to provide us with certain Personal Data, but that may result in you being unable to use certain services.
When you collaborate with us, you may be given a choice as to whether you want to receive email messages, newsletters or informational material about our services, improvements, performance, special offers, or containing special distributions of content by us. If consented yet later on you decide you no longer want to receive commercial or promotional emails or newsletters from us, you will need to avail yourself of the unsubscribe mechanism set out in the applicable communication or submit to us your request through email. It may take up to thirty days for us to process an opt-out request.
If you provided Personal Data, you may terminate your relationship with us at any time as per the provision of the between us agreement or engagement. If you choose to do so, your Personal Data will be deleted in accordance with our retention policy.
Subject to the provisions of the General Data Protection Regulation, you have the following rights in regard to your Personal Data: (Please note, these rights are not absolute, and in some cases, they are subjected to conditions as defined by law):
If you have any questions in regard to the kind of personal data we hold for you, or if you want to exercise any of your personal data rights, please send a written request to the email dpo@cyfieldgroup.com or to the postal address provided at the bottom of this Privacy Policy. However, we reserve the right to reject any requests for access or for imposing restrictions or other claims if required or permitted by the law.
We may modify or revise our privacy policy from time to time. Although we may attempt to notify you when major changes are made to this Privacy Policy, you are expected to periodically review the most up-to-date version found at our website https://www.cyfieldgroup.com/ so you are aware of any changes, as they are binding on you.
If we change anything in our Privacy Policy, the date of change will be reflected in the “last modified date”. You agree that you will periodically review this Privacy Policy and refresh the page when doing so. You agree to note the date of the last revision to our Privacy Policy. If the “last modified” date is unchanged from the last time you reviewed our privacy policy, then it is unchanged. On the other hand, if the date has changed, then there have been changes, and you agree to re-review our privacy policy, and you agree to the new ones. By continuing to use the Website subsequent to us making available an amended version of our privacy policy in a way that you can easily take notice of it, you thereby consent to such amendment.
This Privacy Policy does not create rights enforceable by third parties or require disclosure of any Personal Data relating to users of the Website.
We do not guarantee error-free performance under this Privacy Policy. We will use reasonable efforts to comply with this Privacy Policy and will take prompt corrective action when we learn of any failure to comply with our Privacy Policy. We shall not be liable for any incidental, consequential or punitive damages relating to this Privacy Policy.
If you have any questions about this Privacy Policy or our Data-handling practices, please contact us at dpo@cyfieldgroup.com. You may also contact us at 132 Limassol Avenue, 2015 Nicosia, Cyprus, telephone +357-22427230.
Submission of a Complain: If you feel that your concerns in regard to the use of your personal data or any of your data protection rights have not been addressed by us, you have the right to contact us at dpo@cyfieldgroup.com and submit a complain. You also have the right to submit a complaint with the Personal Data Protection Commissioner’s Office at http://www.dataprotection.gov.cy.
Last Modified date: 29/12/21