Privacy Policy

1. GENERAL INFORMATION

1.1 OLGA PIVOVAROVA & ASSOCIATES LLC is incorporated as a limited liability company in the Republic of Cyprus with registration number ΗΕ 436373, having its head office address at No.21, Ayias Elenis Tower, 6 Agias Elenis Street, 1060 Nicosia, duly regulated by the Cyprus Bar Association with license number 8516 and all its associates companies (hereinafter referred to as the “Company”).

  • 1.2 This Data Privacy Policy (hereinafter referred to as the “Policy”) is issued pursuant to and reflects compliance with the requirements and/or obligations and/or duties introduced by the EU General Data Protection Regulation 2016/679 (hereinafter referred to as the “GDPR”), as amended and replaced from time to time, as well as the relevant implementing legislation L.125(I)/2018 of the Republic of Cyprus (hereinafter referred to as the “Law”),  in relation to all processing activities carried out by the Company in respect of your personal data.

    • 1.3 References in this policy to “we”, “us” and “our” are references to the Company. References to “you” and “your” are to the individual/s who is/are providing personal data to us.

     

    2. SCOPE AND OBJECTIVE OF THE PRIVACY STATEMENT

    2.1 The Company respects individuals’ rights to privacy and the protection of personal data. The scope of this Policy is to explain and elaborate on how we collect, use, process and store your personal data during our course of business.

    3. THE PERSONAL DATA WE PROCESS

    3.1 We collect, use and process various categories of personal data at the start of, and for the duration of your business relationship with us as well as after the termination of our business relationship. The Company will minimize the collection and processing of personal data to the necessary data to meet the purpose and legal basis as described in the Sections 6 and 7 of this Privacy Policy.

    3.2 In any case in which a data subject chooses not to provide any personal data or where any of the rights set out in Section 8 of this Policy are exercised to limit the processing of personal data the Company may be unable to provide relevant services, or there may be a restriction on the services which can be provided.

    3.3 Personal Data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person may inter alia, include:

    • - Name and surname;
    • - Passport/ID number;
    • - Date of birth;
    • - Place of birth;
    • - Residential address;
    • - Email address;
    • - Telephone number;

     3.4 The Company may also process certain special categories of personal data for specific and limited purposes and only on the basis of an explicit consent granted by you or on any other legal basis, as described in the Section 6 of this Policy.

     3.5 These special categories of personal data include:

    • - Health  details/Information about racial or ethnic origin;
    • - Biometric and genetic information, relating to the physical or physiological characteristics;
    • - Religious or philosophical beliefs;

    4. CONTROLLER OF PERSONAL DATA.

     4.1 For the purposes of the GDPR and the Law the Company in most of the cases is deemed the data controller of the personal data provided by you and is also subject to applicable EU and national data protection laws.

    4.2 The Company is responsible for deciding the purposes of the processing, how to hold and retain the data provided and is under an obligation to inform you about the categories of the personal data it holds, your rights as well as how it will use the personal data.

    4.3 The Company as data controller complies with the following principles in respect with the collection of personal data:

    • - Lawfulness, Fairness and Transparency: Personal Data is processed lawfully, fairly and in a transparent manner in relation to the data subject..
    • - Purpose limitation: Personal Data collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes. No further processing incompatible with these purposes occurs. The processing is limited to only what is necessary to meet the specified purpose.
    • - Data minimisation: Personal data is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
    • - Accuracy principle: accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
    • - Storage Limitation: Personal data kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. Data wherever possible, is stored in a way that prevents or limits identification of the data subject. Also it may be stored for longer periods insofar as the personal data will be processed solely for archiving legitimate purposes such as public interest.
    • - Integrity and Confidentiality: the Company undertakes that data is processed in a manner that ensures appropriate security of the personal data and that the data is properly protected against unauthorised or unlawful processing, accidental destruction or loss and destruction or damage through the use of appropriate technical and organisational measures.
    • - Accountability: the Company is responsible for and is able to demonstrate compliance with this policy, GDPR and the law.

    5. COLLECTION OF PERSONAL DATA

     5.1 Your Personal Data may be collected:

    • - During our contractual relationship with you;
    • - From you via email and/or telephone and/or in person;
    • - When you make an enquiry via the Website;
    • - When you apply for employment (job applicants);
    • - From third parties, established or located within and/or outside the European Economic Area (“EEA”);
    • - Information collected, via the Website, using cookies, unless you have blocked cookies (see Section 14 below).

     5.2 It is your obligation and responsibility to provide us with updates as to the personal data provided in order for such data to remain current, accurate and correct and you acknowledge that we rely on the personal data provided to us in carrying out our obligations under our contractual relationship with you and under the GDPR and Law.

     5.3 Where you are a legal person providing to us personal data of any individual or where you are an individual providing us with personal data of any individual other than yourself, you hereby undertake and represent that such individual, whose personal data is collected, used, processed and stored in accordance with this Policy, has been fully informed of and clearly consented in writing to such collection, use, processing and store of his/her personal data under this Policy and that he/she has been informed of his/her rights in relation to the collection of personal data which are going to be used, processed and stored,  according to this Policy.

    6. PURPOSE OF PROCESSING OF YOUR PERSONAL DATA

     6.1 The Company only collects, use, process, store, share or transfer your personal data where it is necessary for us to carry out our lawful business activities and provide our services pursuant our contractual relationship. We will process your personal data for the purpose of or in connection with the provision of our services to you, for performance of our security, and for compliance with our legal obligations.

     6.2 When you establish a business relationship with us in order to provide you with our services, throughout your relationship with us and after the termination of your business relationship with us, we are required by the law to collect, use, process and store certain personal data about you.

     6.3 It is noted that if you don’t agree to provide us with the data required on the basis of contractual necessity or to meet our legal and/or regulatory obligations we may have to suspend or terminate the services provided to you.

     6.4 This may include personal data necessary, inter alia:

    • - To comply with any and all legal and/or regulatory obligations whatsoever under the laws and regulations, in any jurisdiction within or outside the EEA;
    • - To be used in the courts, law enforcement agencies, regulatory agencies, and other public or competent or tax authorities or other authorities, governmental or not, in any jurisdiction within or outside the EEA;
    • - To be used for the prevention, detection or investigation of crimes whatsoever.
    • - To protect our rights, privacy, safety or property whatsoever;
    • - The Company may collect, use, process and store personal data such as your name, date of birth to comply with the legal and/or regulatory obligations.

    7. LEGAL BASIS OF PROCESSING OF YOUR PERSONAL DATA

    7.1 We may collect, process, use, and store your personal data where it is in our legitimate interests and without prejudicing your interests or fundamental rights and freedoms.

     7.2 We may process your personal data to manage our business, financial affairs as well as to protect our employees, clients and property. It is in our interests to ensure that our processes and systems operate effectively and that we can continue operating as a business.

     7.3 This may include processing of your data to:

    • - Monitor, maintain and improve internal business processes, information and data, technology and communications solutions and services;
    • - Ensure business continuity and disaster recovery responding to information technology and business emergencies;
    • - Ensure network and information security, including but not limited to monitoring authorised users’ access to our information technology for the purpose of preventing cyber-attacks, unauthorised use of our telecommunications, trading or other systems and websites, prevention or detection of crime and protection of your personal data;
    • - Provide assurance on the management of the Company’s material risks;
    • - Protect our legal rights and legitimate interests.

     7.4 It is in the Company’s interest to ensure that it provides you with the most appropriate services.

     7.5 This may require processing of your Data to enable us to:

    • - Understand your actions, behaviour, preferences, expectations, feedback in order to improve our services and develop new services;
    • - Monitor and improve the performance and effectiveness of services.

    7.6 On the basis of legitimate interest we may collect, use, process and store Data such as your telephone number or email address. 

     7.7 Please note that if you don’t agree to provide us with the Data collected, used, processed and stored on the basis of the legitimate interest we may have to suspend or terminate the services provided to you.

     7.8 For special category of data and marketing purposes we may only collect, use, process and store personal data where an explicit consent has been granted.

    8. YOUR RIGHTS

     8.1 The Company takes all the appropriate measures to make sure that you are fully informed about your rights in regards with all Personal Data we collect, process, use and store.

     8.2 Data subjects in the European Union (or any jurisdiction with equivalent legislation to the European Union General Data Protection Regulation) have certain rights in respect of their personal data.

     8.3 Your rights:

    • - Right to be informed: on what data of theirs is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties.
    • - Right of access: individuals have the right to request a copy of the information that an organisation holds on them.
    • - Right of rectification: individuals have the right to correct data that’s inaccurate or incomplete.
    • - Right to be forgotten: in certain circumstances, individuals can ask organisations to erase any personal data that’s stored on them.
    • - Right of portability: individuals can request that an organisation transfers any data that it holds on them to another company.
    • - Right to restrict processing: individuals can request that an organisation limits the way it uses personal data.
    • - Right to object: individuals have the right to challenge certain types of processing, such as direct marketing.
    • - Rights related to automated decision making including profiling: individuals can ask organisations to provide a copy of its automated processing activities if they believe the data is being processed unlawfully. You should also remind individuals that they are free to exercise their rights and explain how they can do this.

     8.4 In the event you wish to exercise any of the rights described below or if you have any queries about how we collect, use, process or store your personal data that are not answered in this Policy, or if you wish to complain to our Data Protection Officer, you may contact us at the details given in Section 16 of this Policy.

     

    9. NOTIFICATION  ABOUT YOUR PERSONAL DATA

     9.1 We may directly contact you to provide you with information regarding the status, operation and maintenance of your personal data including updated information about how we collect, use, process and store your personal data by email.

     9.2 We may also directly contact you to provide you with information including but not limited to any outstanding bills and/or invoices whatsoever.

     

    10. USE AND DATA SHARING

     10.1 We will only use and share your personal data where it is necessary for us to lawfully carry out our business activities and/or provide our services. Your personal data may be shared with and used, processed and stored by our associates companies. We may also in limited circumstances share personal date with government authorities or others in order to carry out our duties pursuant to our business relationship or when is required to protect the interests of the Company or others, as necessary in connection with the sale or transfer of all or a portion of the business, or as required by applicable laws or any court order.

     10.2 We may share or transfer your personal data with recipients in non-EU countries where:

    • - the European Commission has decided that the country or the organisation we are sharing your Personal Data with will protect your Data adequately;
    • - the transfer has been authorised by the relevant data protection authority;
    • - we have entered into a contract with the organisation with which we are sharing your Personal Data (on terms approved by the European Commission or the Data Protection Commissioner of the Republic of Cyprus) to ensure your Personal Data is adequately protected.

     10.3 This website is hosted in USA, Arizona. Notably your provision of personal data or other access to our website constitutes your transfer of such data to USA a jurisdiction that may not provide a level of data protection equivalent to the laws in your home country.

    11. PERIOD OF STORING YOUR PERSONAL DATA

     11.1 We retain the personal data processed by us for as long as we consider necessary for the purpose for which it was collected, as required and/or as required under any legal provision to which we are subject and/or for such other periods as can be lawfully justified in each case.  

     11.2 Personal data may be held for longer periods where extended retention periods are required by the Law or regulations and/or in order to establish, exercise or defend our legal rights before a Court or tribunal or Arbitral tribunal whatsoever.

    12. CHANGES TO THE WAY WE USE YOUR PERSONAL DATA

    12.1 The Company reserves the right to change the way and/or the purpose of processing and use of your personal data. As a result, where the Company decides to process or use your personal data for purpose other than the purpose for which such personal data were initially collected, processed and used and stored, it shall provide you with all relevant information of such change including the new purpose under which such personal data will be used and/or processed as well as all of your rights as described in the Section 7 of this Privacy Notice.

    13. SECURITY INFORMATION

    13.1 We are committed to ensuring that your personal data is secure. For more information about the steps we are taking to protect your personal data, you may contact us at the details given in Section 16 of this Policy.

    13.2 In the event of any loss or destruction or other form of personal data breach in respect of your personal data which is likely to result in a high risk to your rights and freedoms, we will contact you on add the email provided to the client during the establishment of the business relationship unless you provide us with other contact details in respect of such notifications.

    14. COOKIES POLICY

    14.1 A “cookie” is an element of data that can be sent to your browser. Your browser may then store it on your system based on the preferences you have set on your browser. Cookies gather information about your operating system including, but not limited to, browser type, and Internet Protocol (IP) address. The Company’s website uses this information to analyse the traffic on our website, and better serve you when you return to our web site. It is not our intention to use such information to personally identify a user. You have the option to configure your Internet browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it.

    14.2 Additionally, you have the option to block all cookies. Notably, however, that if you refuse or otherwise block cookies you may not be able to use all of the functionality available on the website.

    15. CONTACT INFORMATION

     15.1 If you have any queries about how we collect, use, process or store your Personal Data that are not answered in this Policy, or if you wish to complain to our Data Protection Officer, you may contact us at:

    • AddressNo.21, Ayias Elenis Tower, 6 Agias Elenis Street, 1060 Nicosia
    • Telephone:  +357 96 3838 63
    • Email: olga@pivovarovalaw.com

    16. LODGING A COMPLAINT

     16.1 The Company only processes your personal information in compliance with this privacy policy and in accordance with the relevant data protection law. If, however you wish to raise a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, you have the right to lodge a complaint with the supervisory authority, Office of the Commissioner for the Protection of Personal Data of Cyprus. (www.dataprotection.gov.cy)

     

    17. Amendment or Update:

    17.1 The Company may amend or update this Policy from time to time. When we make any amendments or updates, we will communicate such updates to you and publish the amended or updated Policy on our website www.pivovarovalaw.com.

    17.2 We suggest for you to visit our website regularly to stay informed about the purposes of processing of your personal data and your rights to control how we collect, use or process your personal data.