Declaration for Privacy and Protection of Personal Data
Last updated on 27/3/2019
Eurofast [Chytron 5, Agioi Omologites, Nicosia, Cyprus, tel.: +357 22 699 222, firstname.lastname@example.org], acting as a Data Controller, is dedicated to protecting your personal data made available to us and we try our best to process your information in a transparent manner, compliant to the provisions of the General Data Protection Regulation (EU/2016/679) and in conformity with the applicable legislation.
What Information we collect
This policy applies to data from which any living individual is identified or identifiable whether directly or indirectly. Specifically, we collect and process the following categories of personal data concerning you:
- Information provided by you through our website, https://eurofast.eu/. This information includes your first and last name, your email address, preferred language; and any other information you voluntarily disclose in your message about you.
- Your CV or resume and any information contained in the cover letter you send to us using the career form provided for in our website.
- Information deriving from your electronic signature or business cards, such as name, title, telephone number, email, postal address, fax etc.
- We do not purposely collect sensitive or special category personal information (i.e., data relating to race or ethnic origin, medical or health conditions etc.) from users. However, in case you voluntarily disclose such information, you will need to provide Eurofast Global Ltd with your explicit consent to use that information for its legitimate business purposes and consent to the transfer and storage of such information to our computerized database;
- When you visit our website, we may automatically collect your Internet Protocol (IP) address, as well as information from cookies, provided that you accept cookies to be stored on your device. For more details, read our Cookies Policy below.
Before providing us with personal data relating to a third party, you have the responsibility and the obligation to inform that person about the content of this Policy.
Our methods of collecting & storing your data
We collect the above described personal data:
- Directly by our website users via our website and social media applications linked to our website;
- Through cookies that may collect personal data;
We store your data in a physical structured filing system as well as in our digital archive (DMS, email accounts and server), where limited access is granted to authorised people within our Group, depending on the nature of the communication and the correspondent processing. These two methods of keeping may not exist simultaneously, in the sense that some personal data are kept in our computerized database whereas others may be stored in hard copies.
The purposes of using your data
We process the personal data that we collect when you engage with us in order to:
- respond to requests/inquiries that you submit via our website;
- enter into an agreement for the provision of services to you;
- manage newsletter subscriptions and marketing requests;
- stay connected with our subscribers and clientele;
- evaluate your CV or resume when you apply for a specific job position with Eurofast or any of the companies of the Group within or outside the EU and recruit personnel if the application is successful;
- protect our rights and that of our users;
- improve our website and our content and services;
- abide by our corporate policy on anti-money laundering.
The legal basis for processing your personal data and data disclosure
- Consent: By registering online or submitting your personal information to Eurofast, you are also agreeing to the use of that information according to this statement. Your information is not used for other purposes, unless we have your explicit consent or it is permitted by law or there is other basis for processing of personal data as following. You have the right to withdraw your consent at any time (for instance, with regards to our newsletters and promotional material), unless it is provided for otherwise by applicable law or authority.
- The process of carrying out a contract with you: We process your personal data because it is mandatory for the performance of a contract to which you are a party, or in order to take measures at your request prior to entering into a contract. In such case we use your personal data for the following purposes:
- To prepare a proposal for you in connection with the services we offer.
- To provide you with the services as agreed upon in our Terms of Engagement or as otherwise set out with your compliance from time to time.
- To deal with any complaints or feedback you may have.
- For any other purpose for which you have provided us with your personal data.
In such case we may share your personal data with or to transfer it to:
- Your advisors intermediaries, agents or custodians of your assets who you have informed us about.
- Third parties who are engaged by us to assist in delivering the service to you (including other companies).
- Our professional advisors where it is essential for us to acquire their advice or assistance this may include lawyers, accountants, IT or public relations advisors.
- Other third parties such as intermediaries introduced to you by us. These parties will be made known to you (wherever possible) before they are introduced to you.
- Our data storage providers.
- To other companies of Eurofast Global Ltd for a job vacancy in a jurisdiction for which you apply or for which your profile would suit
iii) Legitimate interests: Your personal data is also processed by us because it is mandatory for our legitimate interests or those of another person. In such case we use your personal data as follows:
- for marketing to you (see separate section of marketing below)
- for training our staff to monitor their performance.
- for administration and management purposes of our business including recovering money owed to us by you and archiving or statistical analysis.
- For seeking advice concerning our rights and obligations such as when we require our own legal advice.
In this respect we will share your personal data with the following:
- Our agents or advisors where this is essential for us to acquire their assistance or advice.
- With third parties and their advisors where those third parties and their advisors are acquiring or are considering acquiring all or part of our business.
- iv) Legal obligations: We also process your personal data in order to comply with the legal obligations which we are under. In this respect we will use your personal data as follows:
- to meet with our compliance and regulatory obligations such as complying with anti-money laundering laws.
- As required by tax authorities, social security contribution authorities or any other competent judicial or public authority, according to the applicable law.
In this circumstances we will share your personal data as follows:
- With our advisors where it is essential for us to obtain their advice or assistance.
- With our auditors where this is required as part of their auditing functions.
- With third parties who assist us in carrying out background check
- With relevant regulators or law enforcement agencies where this is required of us.
Eurofast Global Ltd. website enables sharing material via social media applications, such as Twitter, Facebook, LinkedIn and Instagram. These social media applications may collect and use information regarding your use of our website. Any personal information that you provide via such social media applications may be collected and used by other members of that social media application and such interactions are governed by the privacy policies of the companies that provide the application. Hence, we do not have control over, therefore no responsibility for those companies or their use of your personal information.
Marketing & newsletters
Through our website you have the option to subscribe to our newsroom, by providing us with your full name, email address and your consent on provided options. In this way, you will be sent marketing material about similar services provided by us, as well as other information in the form of newsletters and invitations to functions or events, which, in our opinion, may interest you. This information will be communicated to you on your email address. You have the right to access and correct the information that we collect about you by sending your email to email@example.com or your request in written at Chytron 5, Agioi Omologites, Nicosia, Cyprus. At any given time, you can withdraw your consent and automatically unsubscribe from our mailing list by clicking on the unsubscribe option provided for on our website (link).
In case we have obtained your business card for instance in a networking event, we consider that we have your oral consent to engage in marketing communications with you via newsletter or other marketing material as long as the purpose and terms of our communication fall under the agreed framework. We will not process your data for purposes other than the ones agreed, not before obtaining your explicit and unambiguous consent to use this data. In any case, you will be given the opportunity to unsubscribe in every newsletter communication that will be directed to you.
Cookies & Web Beacons
We will request your consent to place cookies on your computer or device through which you access our website. In this way you can control the cookies in use. Please note that by blocking specific cookies, you may impact your user experience and parts of this Website may no longer be fully accessible.
For more information about the cookies we use, please follow the link to our cookie notice which is part of this Privacy Statement.
We occasionally advertise on third party websites. As part of our effort to monitor the success of our advertising campaigns, we may use a visitor identification technology such as “web beacons” that counts visitors who have come to our website after being exposed to a Eurofast banner ad on a third party site. We do not use this technology to access your personal data; it is only used for statistics about visitors who come to Eurofast.eu and to check the effectiveness of our ads.
Transfer and processing of your personal data to third parties in the EU or outside the EU
In the framework of the effective delivery of our services, we may disclose or transfer your personal data to third parties that provide services to our network; and to authorities (such as tax authorities and courts) that reasonably require access to your personal data. In general, we disclose your information to our authorized employees and agents, who are responsible for managing and fulfilling obligations related to your application or in the event that your case requires information that fall under another jurisdiction that another Eurofast office/branch may be more competent. We also disclose information for recruitment purposes, should you apply for a position in the specific office of our network. We also share your information with our associates or external partners, who provide and administer services related to recruitment procedures e.g. the collection, sorting and evaluation of applications received and CVs.
When sharing your personal data with parties outside the European Union, your personal data will only be transferred based on any of the following:
- that the country where we send your personal data is approved by the European Commission as providing an adequate level of protection for such personal data
- that the transfer is to a recipient in the USA who is registered under the EU/US privacy shield.
- That the recipient has entered into European Commission standard contractual clause with us.
- That we have explicitly consented to the same.
In any case, our employees, affiliates and third parties are bound by written contracts of data protection, pursuant to the data protection legislation.
- You may obtain access to and copies of your personal data from our archive.
- You may demand that we cease processing your personal data.
- You may demand that we cease sending you marketing communications.
- You may demand that we erase your personal data.
- You may demand that we minimise or restrict our data processing activities.
- You may demand that we correct your personal data which we have in our possession if it is incorrect or complete it.
The above rights are not restrictive or absolute. We are obliged to answer to the relevant request(s) within one month from the submission of the said request, however, we may have the right to refuse any request if the law permits/obliges us so. If the request does not meet the requirements of applicable law, we reserve the right either to: (a) impose a reasonable fee, taking into account the administrative costs of providing the information or communicating or executing the requested action, or (b) reject your request.
If you wish to exercise any of your rights or if you have any concerns relating to the protection of your personal data please contact us at: firstname.lastname@example.org.
If you are not satisfied with our methods of processing your personal data you may submit a complaint before the Office of the Commissioner for Personal Data Protection of Cyprus by using its website www.dataprotection.gov.cy, following the procedure stated on its website.
Measures for the protection of your personal information
Taking into account the state of the art, the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing, we implement and use a range of technical and organizational measures that ensure a level of data security appropriate for the level of risk presented by processing personal data. These measures include:
- Briefing, orientation and training of staff and decision makers to ensure they are aware of our privacy obligations when processing personal data;
- Binding confidentiality and data protection clauses in employment and collaboration contacts;
- Technical security measures, including firewalls and anti-virus software and PC passwords;
- Limited access to HR documents on a role basis, including anonymization of physical folders and strong password lock of files on server.
- Staff security passwords to access our premises;
- Restoration of availability and access to personal data in a timely manner in the event of a physical or technical incident;
- Process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
- Security breach notification process at the Data Protection Authority; if necessary, notification process to the affected data subjects.
- Appointment of Data Protection Officer (DPO) who can be reached at email@example.com.
Retention of your data
Your information will be retained for communication purposes for as long as the relevant activity or offered service dictates. If there is a client agreement for the provision of services by Eurofast Global Ltd, we will maintain your data as long as we provide to you services, or after termination of the contract, for as long as the applicable law provides so or a legitimate interest (claims etc.) of ours exist. In case you do not wish us to use your data anymore or update it, please send to us a relevant request to delete or update your data at the email address: firstname.lastname@example.org.
Regarding the Information we receive for recruitment purposes, if the application is not successful or if the employment proposal is not accepted, we will delete your personal data and any other relevant information, from our physical and/or electronic records, within 6 months from the date of the applicable closing event.
If your application for employment is successful, we will be obliged to use your information as long as the employment agreement is in force and the law provides for after its termination, or for as long as eventual court or extra judicial proceedings last to defend against legal claims. We can delete your data earlier from our records, upon your request, only to the extent allowed.
Especially when personal data has been collected by us as required by the anti-money laundering legislation, including for screening and reporting and identification, we will keep that personal data in our possession for five years following the termination of our client relationship, unless we obliged to retain this information by another law, or for the purposes of court procedures (see article 30 and 31 of Law 4557/2018 as it stands for your reference).
Update of Privacy Notice
Please check this page periodically if you wish to monitor changes that may be implemented, as we try to keep our privacy policies updated.