Purpose of this Policy
The Internet is an amazing tool. With only a few mouse-clicks, you can follow the news, look up facts, buy goods and services, and communicate with others from around the world. It’s important to Fidescorp Limited to help our customers retain their privacy when they take advantage of all our Website has to offer.
Your privacy is important to you and to us. We have structured our Website so that you can visit us on the Internet without identifying yourself or revealing any personal information.
Once you choose to provide us with personal information, we will protect such information and use it only in the ways as described below.
We are committed to respecting and protecting your privacy at all times. Any information about any person visiting our Website will not be sold, rented, transferred, or otherwise made available to others, except as expressly provided for in this Policy.
This Policy explains how we look after your personal data (in all situations where we collect your data) and sets out your privacy rights and also explains how the law and our approach to privacy and personal data protect you.
We process your personal data in an appropriate and lawful manner, in accordance with applicable data protection regulations and the General Data Protection Regulation EU 2016/679 (the “GDPR”) which is in force as of 25 May 2018.
We will comply with local data protection laws in jurisdictions we operate in and to do so the personal information we hold about you must be:
This Policy supplements any other privacy notice that we may provide to you at the point that we collect data from you and should be read in conjunction with those notices.
Personal Data We Collect From You
We will collect and process the following personal data about you:
These are personal details and include your first name, last name, email address and phone number (“Identity & Contact Data”). They will also include information on which services you are interested in or details about your enquiry. The information you give us may also include data about any marketing preference.
Such information may be provided by you in the following circumstances: (i) by filling in an enquiry form on the Website; (ii) by corresponding with us by post, phone, e-mail or otherwise when you apply for our services; (iii) subscribe to our services or publications; (iv) request marketing to be sent to you; (v) give us some feedback; (vi) to conduct business relationship with us in relation to our activities (rent, buy/sell, etc) or (vi) to start negotiations for or entering into a contract to supply services to us.
To the extent you engage our services you may be required to provide further information. Where you are a business user, we may also require further information before we enter into a commercial relationship with you.
Such further information may include payment details such as banking information, VAT number in order for us to process payments in relation to our services (“Financial Data”). We may also require you to provide us with information that might be needed to establish and serve as proof of your identification such as copies of your passport or national ID (“Identity Data”).
Where we are collecting or processing further information we will provide you with separate Privacy Notices which further describe how and why we are using your personal data.
Where we are required to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the services as agreed or we may not be able to enter into a contract with you but we will notify you if this is the case at the time. We may have to terminate that contract with you as a result.
Whenever you visit our Website we will automatically collect the following:
We may receive personal data about you from various third parties and publicly available sources as set out below:
It is important that the data that we hold about you is accurate and up to date. In the event that your data changes please notify us so that we can update our records.
How We Use Your Information
We may hold and process personal data that you provide to us in accordance with the GDPR.
We shall use this information:
We shall use this information:
We will combine information we receive from other sources with information you provide to us and information which we collect from you. We will use your information only for purposes as described in the paragraphs above.
Legal Basis For Processing
We shall only process your personal data insofar as this is necessary for us to be able to provide the services we offer and/or for the purposes indicated in this Policy.
Generally we do not rely on consent as a legal basis for processing your personal data. However, where your consent is required we will provide you with a consent form requesting explicit consent to do so.
Where we collect your data for marketing purposes we will always request your consent, at the point the data is collected, to use your data for that purpose.
We will always obtain your prior consent to sharing your personal data with any third party for their marketing purposes. This may be to enable relevant third parties to advise you of products or services that may be of interest to you.
We will only use your personal data for a reason other than the purpose for which it was originally obtained if we consider that we need to use it for that other purpose and have a legitimate interest in doing so, and your interests and fundamental rights do not override those interests.
We may also process your personal data on the basis of any legitimate interest or in order to comply with any legal obligations at law. This may include the exercise or defense of legal claims or in order to comply with an order of any court, tribunal or authority or disclosure to a government or regulatory entity.
You will receive marketing communication if you have requested such marketing information from us by providing us with your details through this Website and have consented and opted-in to receiving such information. Where we have entered into a contract or other business relationship with you we may further inform you about our activities, offers or other information which we believe would be useful to you in accordance with our legitimate interest.
We will not share your personal data with any third party for marketing purposes without your explicit consent.
Withdrawal Of Consent
You have the right to withdraw or vary consent or to object to receive marketing information as well as to withdraw or vary any consent provided by you in relation to your personal data/information (i.e. collection, processing, transfer) or even withdraw your consent to this Policy at any time by contacting firstname.lastname@example.org.
If you choose not to consent or to object to any one of the purposes listed herein or withdraw your consent at any time, we will still be able to provide our services, however, we would not be able to provide you with the full range of services which we offer and it may affect the efficiency with which we provide the services you request.
The withdrawal of any consent will not affect the lawfulness of processing which we carried out on the basis of such consent before its withdrawal. Once we have received notification that you have withdrawn your consent, we will no longer process your information for that purpose unless we have another legitimate basis for doing so in law.
Withdrawal of consent to this Policy will result in us having to terminate our services immediately.
Disclosure Of Your Information
There are a range of circumstances where we may disclose your data to third parties. These include:
(b) Our Service Providers/Suppliers: We may disclose your data to third parties that are involved in the fulfillment of our services to you.
(c) Data Controllers or Data Processors: We may disclose your personal data to any third party that may act as joint data controllers or data processors to Fidescorp Limited which will be the data controller for your data when you obtain our services and/or may provide administration, controls and reporting services. For a full list of the parties who may receive this information, please click here. All parties that act as joint data controllers or data processors to Fidescorp Limited respect and protect the security of your personal data in accordance with the applicable law (including the GDPR) and apply the security measures and safeguards as described below.
We may require to share your data with service providers in their capacity as data processors, which is necessary for us to provide the services you request, who will store and process your data on the basis of strict confidentiality and subject to the appropriate security measures and safeguards in place as described below.
We may share your data with other third parties in their capacity as data controllers such as notaries, auditors and other advisors and service providers or third parties providing services or goods to you such as real estate agencies/owners/developers who you might wish to engage with under separate terms and conditions between you and such third parties. These third parties will be processing your data in their own right as data controllers and their data protection policies and processes shall be become applicable
(d) Third party marketing. Where you have consented for us to do so, we may provide your data to selected third parties who may contact you about their goods or services that you may be interested in.
Please be advised that we do not reveal information about identifiable individuals to our advertisers, but we may, on occasion, provide them with non-personal data such as Aggregated Data which is data that may be obtained from your personal data, but which does not directly or indirectly identify you. This may include data detailing how you use our Website and the features and areas that you have interacted with Aggregated Data about our Website visitors and customers.
If you do not want us to share your data with third parties you will have the opportunity to withhold your consent to this when you provide your details to us on the form on which we collect your data, or you can do so by writing to us at the address detailed above or sending us an email to email@example.com at any time.
Transfers Of Data To Third Parties
Where we share your personal data with internal or external third parties, this may involve transferring your data outside the European Economic Area (EEA). We will transfer your personal data in accordance with standard contractual clauses (European Commission: Model contracts for the transfer of personal data to third countries) to ensure your personal data is protected and transferred securely in compliance with applicable law, including the GDPR.
Third Party Access To Your Personal Data
We work closely with third parties in order to provide you the services you request on our Website. These third parties include cloud storage providers, analytics providers and search engine information providers. We will only work with third party providers that comply with applicable laws in the jurisdictions which we operate and abide by the GDPR and, if applicable, agree to be bound by the standard contractual clauses to adequately protect and safeguard your personal data.
We have put in place appropriate security measures to prevent your data from unlawful or unauthorised processing or accidental loss or damage or disclosure. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
The transfer of information between our Website and your device is protected with TLS (Transport Layer Security) certificates. When the Website is accessed using compatible browsers, that technology protects personal information using both server authentication and data encryption to ensure that personal information is safe and secure while in transit. The mainstream browser versions compatible with that technology are the Internet Explorer from version 11, the Mozilla Firefox from version 27, the Google Chrome from version 32 and the Apple Safari from version 7.
All personal data is stored in a secure server environment that uses a firewall and other advanced technology to protect against interference or unauthorized access. Servers are located in Cyprus Usernames and Passwords are issued to persons authorized to access the personal data, such as our employees, who are bound by confidentiality not to disclose any personal data.
No method of transmission of data is one hundred percent (100%) secure and absolute security cannot be guaranteed.
In the event of a data breach we will notify the competent authorities and we will also notify you in the event that the breach results in any likelihood of loss or damage to you.
Data Storage And Minimisation
The length of time that we retain and store your data depends on the purpose for which it was collected. We will only store data for as long as is required to fulfill that purpose or for the purpose of satisfying legal, accounting or reporting requirements.
In any case, retention of data shall not exceed 10 years from the date of termination or completion of the services. This period of retention enables us to use the data for defending potential legal claims, taking into account the applicable limitation periods under relevant laws, as well as, if applicable, to comply with Anti-Money Laundering/KYC laws and regulations, Anti-Bribery/Corruption law provisions and regulations, accounting and tax laws, applicable to certain jurisdictions which we operate in.
Whenever and to the extent possible, we anonymize the data which we hold about you when it is no longer necessary to identify you from the data which we hold about you.
The GDPR gives you a range of rights in relation to the personal data that we collect from. You have the right to:
(a) Access your personal data/information: This right is commonly known as the “Data Subject Access Request” and enables you to receive a copy of the personal data/information we hold about you, as well as information on if, how, why and by whom your data is processed. You will not need to pay a fee to access your personal data (you shall receive one electronic copy via e-mail) unless we can justifiably demonstrate that the request is unfounded, repetitive or excessive in which case we may also refuse to comply with your request in these circumstances. We will respond to all legitimate data access requests within one month, but we may need to obtain further information from you in order to confirm your identity and the legitimacy of the request.
(b) Request update of the personal data: This enables you to obtain correction of any inaccurate to update your data, to have any inaccurate data corrected and to have incomplete personal data completed, including by means of providing a supplementary statement.
(c) Object to processing of your personal data: You may object to processing of your personal data where we are relying on consent or our legitimate interests (or those of a third party) as the justification for processing the data. Unless we have a legitimate interest that overrides your interest, we will stop processing your personal data.
In the case of processing your data for marketing purposes, we will stop processing the personal data for such purposes, if requested by you.
(d) Erasure of your personal data (right to be forgotten): This enables you to ask us to delete personal data in the following circumstances:
– where there is no justifiable and/or lawful reason for us continuing to retain and process it (i.e. where the processing of the data is no longer necessary for any of the reasons the data was collected or the deletion is required by the law);
– where you have successfully objected to the processing of the data by the Website
– where your personal data have been unlawfully processed.
We may not always be able to delete the data such as if there is an ongoing contractual relationship between us or if we are legally required to retain the data, etc.
(e) Restrict the processing of your personal data: you shall have the right to obtain from us restriction of processing where one of the following applies:
(f) Request the transfer of your personal data to you or to a third party (Right of Data Portability): We will provide to you, or a third party you have chosen, your personal data in a structured, machine-readable format.
(g) Withdraw consent: Where we are relying on consent to process your personal data you may withdraw that consent. For more details in relation to this right, please see above in “Withdrawal Of Consent”.
You can exercise these rights at any time by writing to us at the address detailed above, or by email to firstname.lastname@example.org
Third party links
You might find links to third party websites on our website. If you click a link to a third-party website and visit that site, you may be allowing that site to collect and share certain data about you. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
Quality Of Website And Overall Experience
So as to improve the quality and overall user experience of the Website as well as facilitate event bookings and client event registrations, we are using Google Analytics Advertising Features, including Amiando and Microsoft Dynamics.
If you would like to opt-out of Google Analytics for display advertising, you may do so by using the Ads Preference Manager.
In addition, there is also a Google Analytics Opt-Out browser add-on that you can download at https://tools.google.com/dlpage/gaoptout.
You may withdraw your consent given for any of the purposes listed above at any time. This does not affect the lawfulness of your personal data for these purposes prior to your withdrawal. You may send us an email at email@example.com indicating your withdrawal of consent and specify which processing activities such withdrawal relates to.
We welcome any comments, complaints and queries in relation to data protection. As indicated above you may contact our Data Protection Officer at firstname.lastname@example.org and we shall try our best to deal with any issue or concern you may have.
If we fail to address your concerns, you have the right to lodge a complaint with the Office of the Commissioner for Personal Data Protection at email@example.com, as the relevant national supervisory authority on all data protection matters (www.dataprotection .gov.cy).