Privacy Policy

Chrysostomides Advocates and Legal Consultants (the “Firm”) is committed to protecting privacy and making sure that any personal data it collects are processed in accordance with the EU General Data Protection Regulation 2016/679  (the “GDPR”),  the Cyprus Data Protection Law No. 125(I)/2018 (as amended) as well as any secondary legislation, directives, and all other legislation and regulatory requirements in force from time to time applicable to the use of personal data. This Privacy Policy describes how the Firm may collect, use, store and/or otherwise process personal data of clients, applicants for employment with the Firm, suppliers or other service providers and website visitors.

The Firm acts as its own data controller responsible for processing your personal information in relation to the provision of its services, unless otherwise stipulated.

References in this policy to “we”, “us” and “our” are references to the Firm. References to “you” and “your” are to the individual/s who is/are providing personal data to us and/or whose personal data we process.

We may amend or update this Privacy Policy from time to time. All amendments or updates will be posted on the Firm’s website at: chrysostomides.com (the “Website”) and/or in our standard terms of business and/or in any other appropriate communication or document exchanged between us. We encourage you to periodically review our Privacy Policy to be informed of how we are committed to protecting personal data.

When we Collect Personal Data

Personal data means any information about an individual from which that person can be identified.

Personal data may be collected by the Firm in a number of circumstances, including:

  • when you contact us to seek legal advice or services from us;
  • when you make an enquiry via the Website or by email;
  • when you apply for employment (job applicants);
  • when you offer to provide or provide goods or services to us;
  • information collected, via the Website, using cookies, unless you have disabled cookies (see relevant section below).
 

If you choose to withhold any personal data requested by us on any of the above-mentioned circumstances, it may not be possible for us to respond to your legal or other query, process your application for employment, offer the legal services requested, or in the case of cookies, use certain functionalities of the Website.

In some circumstances, we may collect personal data about you from a third-party source. For example, we may collect personal data from your organisation, other organisations with whom you have dealings, to include banks and other professional service providers or other organisations in the context of the provision of our services to you or generally in the context of any other dealings we may have with you. In any case, such collection from third parties is always carried out in line with our legal obligations.

Types of Personal Data We Collect

Depending on the reason why you communicate with us and/or the purpose of the processing, we may collect the following data:

  • Personal Details, such as your name, date of birth, personal contact details (postal address, email address, telephone number, fax), job title/profession and/or job description;
  • Identification Information, such as ID number and/or passport number;
  • Recruitment/Selection Data, such as academic qualifications, professional background and any other information contained in your CV, application form, record of interview or interview notes and/or any other assessment material;
  • Payment Data, such as data necessary for processing payments to include bank account details, details of beneficiaries and other related billing information;
  • Further information necessarily processed in a project or client contractual relationship with the Firm or voluntarily provided by you, such as instructions given, payments made, requests that you address to us.
  • Special categories of personal data (sensitive data): In connection with the provision of legal services to you, we may on some occasions need to ask for certain sensitive information (e.g. information about your health etc.). The processing of sensitive data will only be carried out by us in full compliance with the GDPR and applicable national legislation, on the basis of your explicit prior consent.
  • Visits. Details of your visits to our premises.
  • Technical Data processed when accessing our website through cookies, such as IP addresses, device and browser information, session ID, user behaviour (pages visited, interactions), referrer URL, and approximate location. Besides strictly necessary cookies, the processing of technical data will only be carried out on the basis of your consent. 
 

Purposes and Legal Bases for the Processing of Personal Data

The Firm uses your personal data for the purposes for which it has been supplied to us, to include:

  • for responding to your requests for legal advice and/or other enquiries;
  • for providing legal advice and/or other corporate and/or administrative services you may have requested;
  • for ensuring compliance with our legal obligations (e.g. for compliance with our obligations under applicable anti-money laundering laws);
  • for complying with court orders and/or defending our legal rights, where applicable;
  • for the purposes of processing your application if you are a candidate for employment with the Firm;
  • for any purpose related and/or ancillary to any of the above or any other purpose for which your personal data were provided to us;
  • where you have provided us with your explicit prior consent, we may also use the information to provide you with newsletters, briefings and other publications about legal developments and matters which we believe may be of interest to you.
 

Our main legal bases for the processing of your personal data are the following:

  • the processing is necessary for the performance on our part of the contract concerning the provision of legal services to you or to take steps at your request prior to entering into such contract, or the processing is necessary for the performance of any other contract or generally in the context of any other dealings we may have with you;
  • the processing is necessary for us to comply with a legal obligation (for example under applicable Anti-Money Laundering laws);
  • the processing is in our legitimate interests and our interests are not overridden by your interests, fundamental rights or freedoms; some of these interests include, for example to prevent fraud, to enable us to give you the best and most secure customer experience or to send you marketing emails regarding services similar to those for which your personal data were originally obtained;
  • We rely on consent only where we have obtained your active agreement to use your personal data for a specified purpose, for example to send you marketing emails for an unrelated service or for the use of cookies on our website.
 

Our legal bases for the processing of special categories of personal data (sensitive data) are the following:

  • you have provided your explicit consent to the processing of such sensitive personal data for specified purposes;
  • processing of such data may be necessary for the establishment, exercise or defence of legal claims.
 

Sharing Your Personal Data

We will not disclose your personal data, except:

  • to third parties who provide services on our behalf, e.g. third parties providing document management services or software developers;
  • to collaborators, to include instructing counsel, banks, accountants and auditors;
  • where we are required to do so by law or where it is necessary for the purpose of, or in connection with, legal proceedings or in order to exercise or defend legal rights;
  • upon your instructions or your express consent.
  • We may also share your personal data with any third party to whom we assign or novate any of our rights or obligations.
 

We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.

Any third parties that we may share your information with are located within the EU/EEA area and are obliged by written contract to keep your details confidentially and securely and to use them only to fulfil the service they provide on our behalf. When they no longer need your information to fulfil this service, they will dispose of the details in line with our policies/procedures.

Personal data about other individuals which you provide to us

If you provide us with personal data about another individual, you must ensure that you are entitled to disclose such personal data to us and that you have provided the relevant data subjects of all mandatory data privacy notifications and information under the GDPR and applicable legislation and regulations, to include a notification as to their legal rights as data subjects. For that purpose, you must also ensure that the individual concerned is aware of the contents of the present Privacy Policy, as those matters relate to that individual, to include our identity, how to contact us, the purposes of collection of the data, how we may use and/or share the data and his/her relevant rights.

Cookies

Cookies are small text files that are stored on your device (such as your computer or mobile phone), used by the Website to identify you, to improve the site and to deliver a personalised service. To do so, these cookies may process your Technical Data. 

Please note that third parties, such as Google, use cookies to collect information about your activity on our Website. They may use this information, together with other information they hold, to analyse your behaviour, build a profile of your interests, and display content or advertising that is more relevant to you. Please note that third-party cookies are subject to the privacy policies of their respective providers, and we encourage you to review their policies for more information on how your data is used, since we have no control over them.

Except for strictly necessary cookies, you are not required to consent to the use of other types of cookies and may decline them through our Cookie Banner located at the bottom left corner of our Website. 

You may also configure your browser to refuse or restrict the use of cookies. 

Please note that the Website relies on certain cookies to function properly. If you disable cookies via your browser settings, some parts of the Website may not operate correctly or may not be accessible.

For more information regarding the Cookies used on our Website, and the relevant retention periods of your Technical Data, please refer to our Cookie Policy.   

Retention of Personal Data

The Firm will generally retain personal data for the period necessary to fulfil the purposes for which it was originally collected and thereafter as required or permitted by law or as is necessary in order for the Firm to be able to defend, respond to or conduct prospective or actual legal claims or proceedings.

In light of the above general rule:

  • Client data shall generally be retained for the duration of their business relationship with the Firm and thereafter for a further period of 6 years.
  • With regard to candidates’ data, these shall be kept for the whole of the duration of the recruitment process and where their relevant application has been unsuccessful the data will be deleted immediately, except where the candidate has provided his/her explicit consent for holding the date for a longer period.
  • Personal data in the context of other contractual relations or dealings with you shall be retained for the duration of our contractual relationship or dealings and thereafter for a further period of 6 years.
  • With regard to Technical Data processed by cookies on our Website, please refer to our Cookie Policy. 
 

Security and Confidentiality of your Personal Data

The Firm strives to maintains appropriate technical and organisation security measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage. Whenever any third party service provider handles or processes your data on our behalf, we require them to do the same.

We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.  

We have additionally put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Your Rights

You may find below a list of your legal rights insofar as your personal data are concerned. Please note that some of these rights may not be applicable to your situation.

  • You have the right to gain access to the personal data that we hold about you.
  • You have the right of rectification, that is, to request the correction, without undue delay, of any personal data that we hold about you and are either inaccurate or incomplete.
  • You have the right to erase your personal data, without undue delay, provided, amongst others, the personal data in question are no longer necessary in relation to the purposes for which they were collected.
  • You have the right to restrict our processing activities or to object to the processing of your personal data.
  • You have the right to data portability, that is, to request from us that we send your personal data in a structured, commonly used and machine-readable format, and to transmit those data to another controller.
  • If we rely on your consent as our legal basis for the processing of your personal data, you have the right to withdraw that consent at any time.
 

If you wish to exercise any of your above-mentioned rights or have any questions or comments with regard to this Privacy Policy, you may contact our Data Protection Officer either by email at dpo@chrysostomides.com.cy or by post at Chrysostomides Advocates and Legal Consultants, 1 Lampousas Street, 1095 Nicosia, Cyprus for the attention of the DPO.

In addition to the above, you also have the right to lodge a complaint to the Office of the Commissioner for Personal Data Protection in Cyprus, at the following postal and email address:

15 Kypranoros, 1061 Nicosia
P.O.Box 23378, 1682 Nicosia
Tel: +357 22818456
Fax: +357 22304565
Email: commissioner@dataprotection.gov.cy

Menu

Areas of Practice

Banking & Secured Financing

Blockchain & Cryptoassets

Capital Markets

Competition Law

Constitutional, Public & Administrative Law

Corporate & Commercial Law

Cross Border Transactions, M&A & Restructures

Data Protection Law

Distribution, Commercial & Franchise Agreements

Employment, Immigration & Citizenship Law

Energy Law

European Union Law

Family Law

Human Rights Law

Intellectual Property Law

Investment Services & Funds

Litigation, Arbitration & Mediation

Public & Private International Law

Shipping & Maritime Law

Taxation Law

Telecommunications, Media & Technology Law

Trusts, Wills & Succession

Sectors

Aviation, Automotive & Transport

Banks, Insurance & Financial Services

Food & Beverage

Healthcare & Pharmaceuticals

Luxury Goods & Retail

Mining & Metals

Private Equity

Private Wealth

Real Estate

Start-Ups

Video Games & Interactive Entertainment

People

Founder

Co-Managing Partners

Senior Partners

Partners

Associate Partners

Senior Associates

Legal Consultants

Associates

Junior Associates

Director

Chrysostomides

Menu

CONTACT US