This Data Protection Policy (“Policy”) sets out the basis which H.PriorityTrust Services Ltd, a limited liability company established in Cyprus with registration number HE 330815 (also referred to herein as ‘we’, ‘us’, our’, the ‘Company’’) being a Data Controller, may collect, use, disclose or otherwise process Personal Data of Data Subject in accordance with the law. This Policy applies to all Personal Data in Company’s possession or under Company’s control.
H.PriorityTrust Services Ltd respects your privacy and is committed to handing your personal data with transparency and integrity. When processing personal data provided by you, the Company is subject to the provisions of the General Data Protection Regulation (EU) 2016/679 (GDPR) and any applicable data protection laws or regulations of the Republic of Cyprus. The Company acts as a controller of your personal data under GDPR, which means that it determines solely or jointly with others, the purposes and means of the processing of your personal data.
To whom this notice is addressed to:
This privacy notice is addressed to natural persons who may be one or more of the following:
– current and potential customers of our Company or persons who have had a business relationship with our Company in the past;
-Authorized representatives or agents of beneficial owners of legal entities administered by the Company;
-Officers or employees of legal entities to whom we provide services
Aims of this notice
Therefore, this privacy notice aims:
What constitutes ‘personal data’?
Personal data means any information relating to an identified or identifiable natural person. Examples of such personal data are your name, address and identification number, photo, passport, contact details etc and the form of such data may be hard copy, electronic, or other form.
What constitutes ‘processing’ of personal data?
By ‘processing’ of personal data, we refer to any operation which is performed upon them by us, for example their collection, recording, organization, storage, disclosure, transmission, erasure or destruction of such personal data.
What personal data we process and where we collect it from
We collect and process different types of personal data, depending on the type of service that you requested to receive, be it legal, corporate administration or other relevant or ancillary services and our legal and regulatory obligations in the field of anti-money laundering legislation and tax legislation and other applicable national or international legislation.
Personal data may be collected either from the client directly, or from their representatives, employees or agents. We may also collect and process personal data from publicly available sources, such as governmental agencies, the internet, or the press. Also we may collect personal data when you or your organization browse, make an enquiry or otherwise interact on our website.
For the above purposes, the types of personal data that we collect customarily include, but are not limited to the following:
Data of minors (children)
We acknowledge that safeguarding the privacy children/minors is of particular importance. Any personal data concerning children will be collected only to the extent necessary depending on the type of service that you requested to receive and provided that we obtained the consent of the parents/guardians of such children or otherwise permitted by applicable law.
Personal data about other people which you provide to us
If you provide personal data to us about someone else (such as one of your directors or employees, or someone with whom you have business dealings) you must ensure that you are entitled to disclose that personal data to us and that, without our taking any further steps, we may collect, use and disclose that personal data as described in this Privacy Policy. In particular, you must ensure the individual concerned is aware of the various matters detailed in this Privacy Policy, as those matters relate to that individual, including our identity, how to contact us, our purposes of collection, our personal data disclosure practices (including disclosure to overseas recipients), the individual’s right to obtain access to the personal data and make complaints about the handling of the personal data, and the consequences if the personal data is not provided (such as our inability to provide services).
Consent
By becoming a client of our Company, you thereby consent to the collection, use, processing, transmission and storage of your personal data, in compliance with this Policy, other related internal circulars of our Company which may be issued, from time to time, and of which you may request a copy, and in accordance with applicable Legislation, Directives, Regulations and Circulars issued by responsible and regulatory authorities.
Why your personal data is collected (Permitted Purposes) and the legal grounds for doing so
It follows from the above, that in order that we may be in a position to provide any of our services to you, you must provide us with such personal data which are necessary in order to enable us to do so, but also in order to abide by the legal obligations which we are bound by, as mentioned above.
Specifically, the legal grounds based on which we may collect and process personal data are determined by the EU General Data Protection Regulation and Cypriot data protection law and may be based on one or more of the following reasons:
Who may be recipients of your data/ transfers of data outside European Union
We may transmit your personal data in the context of us providing the agreed services to you or in accordance with statutory obligations imposed on ourselves and/or the third-party recipients.
For example, we may transmit your data to certain service providers and vendors or government authorities such as:
-Credit institutions in Cyprus and abroad where you requested the opening of bank accounts/provision of banking facilities or that need to be provided with information in the context of a transaction relating to yourselves personally or companies owned legally and/or beneficially by you;
Additionally, we may transmit your data as necessary to abide by any court order or as otherwise legally required.
In the context of the above, we may transfer your personal data to countries outside the European Union for the purposes mentioned above, if required by law, or if you have given us your consent to do so. Recipients located in countries which are deemed not to afford an adequate level of protection of personal data are obligated to maintain appropriate safeguards in relation to the transfer of your data to them as per the relevant provisions of the EU General Data Protection Regulation.
Data Security
We will take appropriate technical and organisational measures to keep your personal data confidential and secure in accordance with our internal procedures covering the storage, disclosure of and access to personal data. Personal data may be kept on our personal data technology systems or in paper files.
Retention of Personal Data
We will keep your personal data for as long as we maintain a business relationship with you and we provide you with services.
Once our business relationship stops and we cease to provide you with any services, then the data shall be kept for a period of 5 years from such cessation, as per the relevant anti-money laundering legislation.
Your rights
You have certain rights (which may be subject to limitations or restrictions) under the applicable legal framework such as:
Where the Company is legally required by law to process such data then such legal obligation imposed upon the Company will override your rights, and the Company hereby reserves all its rights under applicable law.
If you wish to do any of the above please send an email to [email protected]. We may request that you prove your identity by certain acts (e.g. by providing us with a copy of a valid means of identification) in order for us to comply with our security obligations and to prevent unauthorised disclosure of data. We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your data, and for any additional copies of the personal data you request from us.
We will consider any requests or complaints which we receive and provide you with a response in a timely manner. If you feel that your personal data has been processed in a way that does not meet the General Data Protection Regulation (GDPR), you have a specific right to lodge a complaint with the relevant supervisory authority, the Data Protection Commissioner Office, the Republic of Cyprus’ supervisory authority at:
1 Iasonos Street,1082 Nicosia, Cyprus
Tel.: +357 22 818 456, Fax: +357 22 304565
E-mail: [email protected]
Amendments to this Notice
This Privacy Policy was last updated on 24th of May 2018. We reserve the right to update and change this Privacy Policy from time to time in order to reflect any changes to the way in which we process your personal data or changing legal requirements. In case of any such changes, we will post the changed Privacy Policy on our website or publish it otherwise. The changes will take effect as soon as they are posted on this website.
Enquiries/ Concerns
Any enquiries, requests or concerns regarding this Notice or relating to the processing of your personal data should be addressed to [email protected] (telephone: +357 25388999).
We are proud to provide investors and businesses a safe pathway into Cyprus and Europe. The firm’s mission is to offer solutions on an extensive range of legal and financial matters, with high priority to professionalism and client satisfaction together with an interactive service and friendly approach.
104 Agias Fylaxeos, Panayiotopoulos Court, Office 301, 3087 Limassol, Cyprus
+357 25388999