Privacy policy

Introduction

We, at ANDREAS DEMETRIADES & CO LLC, (hereinafter “the Company”, “We”, “Us”, “Our”), fully respect your rights, and we are committed to protect your privacy, always in accordance with the General Data Protection Regulation (hereinafter “the GDPR”) and the relevant domestic legislation, as amended from time to time. This Privacy Policy (hereinafter the “Policy”) describes in detail how our Company collects and/or uses, and/or processes certain personal information which may be held by the Company. Please read carefully and if you need further clarifications, please do not hesitate to contact us by using the contact details as described below, to the present Policy.

Who we are?

ANDREAS DEMETRIADES & CO LLC is a Law Firm, originally established in 1970. We are a limited liability company, incorporated under the companies Law of the Republic of Cyprus Cap 113, with Registration number 244076 having our office at Tryfonos Court, Nikolaou I. Nikolaidi Ave 16-3rd Floor, Paphos 8010, Cyprus

Main areas of practice: Legal industry

Information collection and use.

How do We collect your information?

• Directly from you, when for example you contact us or when you request us to provide you with our services.
• From third parties, for example when you authorise a third person to contact us on your behalf.
• Through publicly available sources.

Categories of data we collect and process:

We may collect and process certain data such us:

• Data which provided by you when you contact us including General data information, for example name and surname, your contact details.
• Information you provide to us in thew standard course of our business relationship including Financial information, for example your occupation, your account details or Special categories of data, such as your nationality. 

Purposes for the collection and processing of the Personal Information: 

• Service provision – to provide you with the services requested by you we may collect and use your personal information. 
• Customer management purposes – to provide you with customer support including any notice such as changes about a service we may offer to you, or you might be interested in.  
• Compliance – to comply with our legal obligations, such as AML Regulation.   
• Security Purposes – to prevent any actual or potential fraud, illegal activities, or any intellectual property infringement.
• Legal interest – to protect our legitimate interest.

Legal basis for the collection and processing of the personal data:

• To perform a contract between you and the Company;
• To verify your identity in accordance with our legal obligations for the prevention of fraud, money laundering and terrorism financing activities;
• To protect the vital interests of any individual (for example in the event of emergency such as an earthquake);
• To establish, exercise and defend legal claims;
• Based on your consent. 

Data sharing

By providing us your personal information/data, we will not in any way transfer or share this information to any third party, and we ensure you that your personal information will remain confidential. We may share this information only in specific circumstances, as detailed below:

• To respond to any of your requests; 
• To respond to authorities if it is required by the law or by a court order;
• As necessary in connection with the sale of all or part of our business.

List of the recipient to whom we may share information:

• Affiliate companies – for example service providers such as financial firms for bookkeeping purposes or audits and the Law Firm S. DEMETRIADES&PARTNERS LLC
• Third parties including Authorities, agents, and administrative personnel (Tax Authorities, Bank Institutions etc.)
• Legal successors – in the event of a merger, restructuring, transfer, or sale of all our aspects.

Transfer of data to a third country:

We may transfer data out of European Economic Area if one of the below situations applies:

• Transfer of data to a third country or an international organization to which the European Commission has announced a decision that this country or the specific organization ensure an adequate level of protection in accordance with the GDPR, or;
• where the transfer of data is subject to adequate safeguards such as approved Binding Corporate Rules or 
• where the transfer of data is subject to adequate safeguards such as Standard Data Protection Clauses adopted by the European Commission or; 
• where one of the GDPR derogations applies. 

Measures ensuring the data protection and the protection of the rights and the freedoms of individuals:

We have established several technical and organizational measures to prevent any unauthorized access and to ensure the security and the confidentiality of the information we hold, including and not limited to data minimization, data pseudonymization, limitation of access, encryption of data, data loss prevention, cloud data protection etc. Moreover, further technical measures have been adopted. 

Retention of data

The period for which we may hold information is determined by the purpose for which each information has been collected. We had established a data retention policy based to which we delete the data that is no longer required for legal, regulatory or commercial purposes. In general, as a Law Firm regulated by the Cyprus Bar Association, we are obliged to keep personal data up to 5 years after the ceasing of our relationship, following the AML Directive and the relevant legislation. Upon completion of this period, we will destroy this information from our system since the purpose for which has been collected will not be valid anymore. 

Your rights: 

Under the GDPR Regulation you have the following rights:

• the right of access – to request access to the information we hold about you. 
• the right to rectification – to request the rectification of inaccurate personal data. 
• the right to erasure, – under specific circumstances, to request from us to erase your personal data. 
• the right to restrict processing – to request and to obtain (under specific circumstances) restriction of processing.
• the right to data portability – to request and receive a set of all information we hold or to request this information to be transmitted to a recipient you wish to.
• the right to object certain types of processing and 
• the right not to be subject to a decision based solely on automated processing.
• The right to withdraw your consent at any time. 

If you wish to exercise your rights, you may proceed by contacting our DPO by using the contact details described below. 

Should be stated that in some circumstances, we may not be able to fulfill or fully fulfill your request., for example when your request may affect the rights and the freedoms of another person/ In this scenario, our DPO will inform you of the reasons for such a decision.

Revision of the Privacy Policy

Our Company reserves the right to update or revise this Policy from time to time. We strongly recommend you review our Privacy Policy before submission of any of your personal data.  We display the effective date of the Policy to the top of the present.

Social Media/Networks

Our Company may use its own social media accounts such as LinkedIn. For this reason, we remind you that Social Media are publicly accessible platforms and we strongly recommend you avoid providing your personal information through these platforms if you do not wish for them to be published. If you would like to learn more about how your personal information may be processed, should visit each specific Social Media and read their  Privacy Policies.

Contact our DPO:

If you have any questions or if you wish to exercise your rights, you may contact directly our DPO by using the following contact details:

Email:  dpo@demetriadeslaw.com

Telephone number: +35726811668

Address: Tryfonos Court, Nikolaou I. Nikolaidi Ave 16-3rd Floor, Paphos 8010 Cyprus

Contact the Authority:

We, at ANDREAS DEMETRIADES & CO LLC, understand and commit to be in compliance with the principles of the GDPR Regulation, with full respect to your rights and freedoms as raised by the Regulation. However, in the unlikely event you wish to submit a complaint to the relevant Authority, please be noted that Cyprus Supervision is the Data Protection Commissioner, and the contact details are: 

Office of the Commissioner for Personal Data Protection 

Office address: Kypranoros 15, Nicosia 1061 , Cyprus
Tel: +357 22818456 , Fax: +357 22304565
Email: commissionerdataprotection.gov.cy