Personal Data Protection Policy

 

Contents Definitions - Abbreviations

 

1. Purpose and Scope.

2. What is Personal Data?

3. Who is affected by the processing of Personal Data?

4. What Personal Data does AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD collects?

5. Why does AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD collect Personal Data?

6. How AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD processes the Personal Data it collects?

8. How long does AFXENTIS ZEMENIDES FINANCIAL SERVICES Ltd keeps the Personal Data? 

9. How secured is the Personal Data processed by AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD?

10. To whom does AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD disclose Personal Data and when?

11. What are the rights of the Data Subject?

12. How does AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD handle any Personal Data leaks?

14. Who is the Data Protection Officer of AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD?

15. Corrections and Changes in the Privacy Policy.

 

Definitions - Abbreviations

 

Personal Data is any information relating to an identified or identifiable natural person in life.

 

Controller is any natural or legal person, public authority, service, or other body that, alone or in conjunction with others, determines the purposes and manner of processing personal data.

 

Processor is any natural or legal person, public authority, service, or other entity that processes personal data on behalf of the controller.

 

Data Subject is the natural person to whom the data refers and whose identity is known or can be verified, directly or indirectly, on the basis of an identity number or on the basis of specific data that characterize his condition, in terms of physical, biological, mental, economic, cultural, political or social.

 

Processing is any action or sequence of actions performed automatically or not, on Personal Data or Personal Data Sets. Such actions may be: collection, registration, organization, structuring, storage, adaptation / modification, retrieval, search for information, use, transmission, dissemination / disposal, correlation / combination, restriction, deletion / destruction of Personal Data.

 

The Data Subject Consent is the free, specific, explicit and fully informed statement / acceptance of the Data Subject, with which it agrees as AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD processes its personal data.

 

1. Purpose and Scope

 

This Personal Data Protection Policy concerns the processing of Personal Data by AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD which faithfully applies the provisions of the applicable national Legislation, as amended from time to time, as well as the provisions of Regulation (EU) 2016/679 of 27 April 2016, on the protection of individuals with regard to the processing of personal data and on the free flow of such data (General Data Protection Regulation).

 

The protection of Personal Data is the responsibility of both the Board of Directors and the Management of AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD.

 

Compliance with this Policy applies to all personnel of the company including the Executives and the members of the Board of Directors.

 

The members of the Board of Directors and all the Executives act as standards of conduct in terms of compliance with this Policy.

All Directors of the Organization ensure that the staff under their responsibility comply with this Policy.

 

2. What is Personal Data?

 

Personal Data is any information relating to an identified or identifiable natural person in life.

 

An identified natural person is one whose identity has already been verified.

 

An identifiable natural person is one whose identity can be verified, directly or indirectly, through information such as:

 

name, identity number, passport number, social security number, telephone number, geographical location (GPS) data, photographs, fingerprints or other data relating to the physical, physiological, genetic, psychological, economic, cultural or social identity of the natural person found in life.

 

Aggregate statistical data, from which data subjects can no longer be identified, are not considered as personal data.

 

3. Who is affected by the processing of Personal Data?

 

 AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD processes Personal Data of individuals, such as customers, partners, prospective staff, existing staff, for legal purposes.

 

The processing of Personal Data under this Policy does not apply to legal entities such as companies, organizations, unions, institutions, government agencies and other legal entities.

 

4. What Personal Data does AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD collect?

 

AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD collects the following Personal Data or part thereof, on a case-by-case basis:

 

1. Customers: name, identity number and / or passport number and / or number of a foreign citizen and their copy, telephone, postal address, e-mail address etc.

 

2. Partners: name, ID number and / or passport number, telephone, fax, postal address, e-mail address, VAT number, CV, etc.

 

3. Personnel: name, ID number and / or passport number, Social Security number, birth certificate, telephone, postal address, e-mail address, criminal record certificate, military diploma, photographs, copies of academic and professional qualifications, salary data and development data, evaluations, IBAN and others.

 

4. Candidates for recruitment: name, identity number and / or passport number, Social Security number, birth certificate, telephone, postal address, e-mail address and business address, profession or occupation, military diploma, copies of academic and professional qualifications and others.

 

 

5. Why AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD collects Personal Data?

 

AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD collects Personal Data for the following categories of individuals for the following purposes:

 

1. Customers: For the provision of services and goods.

 

2. Partners: To achieve the goal of cooperation.

 

3. Staff: To achieve the goal of employment.

 

4. Candidates for recruitment: For the purposes of examining the application for recruitment based on the criteria of the respective position.

 

6. How does AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD process the Personal Data it collects?

 

AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD processes the Personal Data:

 

(a) To the extent necessary for the performance of the contract or for taking action upon request, before concluding a contract.

 

(b) To the extent necessary to pursue its legitimate interests.

 

(c) For the purposes of complying with the Legislation or

 

(d) Where the Personal Data Processing Consent Form is signed.

 

 

7. In what ways does AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD collect Personal Data?

 

The above natural persons or otherwise "data subjects", provide the Personal Data to AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD, either themselves, or through their authorized representatives, or through the transmission of Personal Data by a competent body, with the following ways:

 

• By letter or application in printed form.

 

• By electronic means (email, website, Wi-Fi, Software Applications, GPS, camcorders and more).

 

• Orally and by telephone.

 

 

8. How long does AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD keep the Personal Data?

 

AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD retains personal data for as long as is required for their legal processing, namely:

 

For as long as the cooperation and / or employment with the data subjects continues and is necessary for the fulfillment of the purposes that have been collected or for the period of time during which responsibility could arise from the processing, in accordance with the current legislation, or if these purposes disappear, they are not required to be kept within the law, for example for tax reasons. In addition, they are retained until their deletion is requested, or what is retained and processed under consent, until it is revoked, or until the right to object to their processing is exercised.

In order to determine the retention time of your personal data, the nature of the data, the quantity, the purpose of their processing, their security, etc. are taken into account.

 

There is also the right to request the deletion of data.

 

9. How secure is the Personal Data processed by AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD?

 

AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD faithfully applies the provisions of Regulation 2016/679 and takes the appropriate technical, organizational and administrative measures to ensure the protection of personal data processed, from accidental or unlawful destruction, accidental loss, alteration, prohibited dissemination or access or any other form of unfair treatment.

 

All personal data in electronic form is securely stored and additionally protected, through the use of appropriate access controls.

 

Documents in printed and electronic form containing personal data are destroyed in non-recoverable form, where required.

 

10. To whom does AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD disclose Personal Data and when?

 

AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD discloses Personal Data in the following cases:

 

 To a natural or legal person, public authority, service, or other body that AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD has:

 

• entrust the execution of the processing of personal data on its behalf.

 

• To a natural or legal person, public authority, service, or other body if required by any Legislation or court decision or decision of a competent authority.

 

Except as stated above AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD does not disclose or disclose personal data to any third party, without informing the data subject and, if required, securing his prior consent.

 

11. What are the rights of the Data Subject?

 

The Data Controller must inform the Data Subject of his rights.

 

The Regulation gives several rights to the Data Subject such as:

 

Right to Information (Article 12): Has the right to brief, transparent, understandable, and easily accessible information without delay and in any case a response within one month of receipt of the request.

If the data subject 's requests are manifestly unfounded or excessive, in particular because of their repetitive nature AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD may refuse to grant the request.

 

Right to information upon receipt of consent (Articles 13 & 14): AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD, upon receipt of the consent, informs the Data Subject for the purposes of the collection of Personal Data, the processing time, its rights, the categories of data and the source from which the data have not been collected by AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD.

 

Right of access (Article 15): Has the right to obtain a copy of his data and to be fully informed of his data, for the purposes of processing, the categories of data, the storage time, and the criteria for determining the storage time, to whom they have notified and their origin if not collected by AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD.

Right to rectification (Article 16): Has the right to request correction, completion of inaccurate personal data and his request to be satisfied without undue delay.

 

Right to erasure (Article 17): Has the right to request the erasure of the data and his request to be satisfied without delay unless the Controller has a superior legal interest.

 

Right to restriction of processing (Article 18): Has the right to request limitation of processing when the accuracy of the data is disputed, or the processing is illegal or is no longer necessary.

 

Right of disclosure (Article 19): The Controller notifies any data correction or deletion or restriction of processing to each recipient to whom the data was disclosed and informs the Data Subject.

 

Right to data portability (Article 20): Has the right to receive his Data in digital form and transmit it to another organization or to request their direct transmission to another organization.

 

Right to object (Article 21): The processing ceases after the objection, unless the Controller has a superior legal interest.

 

Right to non-automated individual decision-making (Article 22): The data subject has the right not to be subject to a decision taken solely on the basis of automated processing, including profiling, which produces legal effects that affect or significantly affect it in a similar way. 

 

The Data Subject has the right to complain to the Data Protection Commissioner at any time if it believes that any of its rights have been violated.

 

Also, the Data Subject has the right to revoke his statement of consent at any time. The revocation of his consent does not affect the legality of the processing based on it prior to its revocation. In case AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD, as the Head of Personal Data Processing, has a legal interest in maintaining the Personal Data that concerns him, his request for their revocation and / or deletion may not be accepted.

 

12. How does AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD handle any Personal Data leaks?

 

Report in detail, any leaks and / or breaches to the Personal Data Protection Commissioner within 72 hours from the moment he acquires knowledge of the leak / breach.

 

Informs the Data Subject when there is a high risk to his rights and freedoms.

 

13. Who is the Controller and the Executor of the Processing?

 

The Controller is AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD.

 

The Executor is any natural or legal person, public authority, service or other entity that processes personal data under the direction of the company.

 

 

14. Who is the Data Protection Officer of AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD?

 

According to Regulation 2016/679, AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD has appointed a Data Protection Officer (DPO) who is involved, duly and in a timely manner, in all matters related to the protection of personal data. Data subjects can contact the Data Protection Officer for any issue related to the processing of their personal data and the exercise of their rights, in accordance with Regulation 2016/679.

 

The contact details of the DPO are also posted on the website of AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD.

 

The Data Protection Officer is Ms Catalina Mirea .

 

You can contact the DPO at: Omerou 61, Joanna Court, 3rd Floor, 3091 Limassol, P.O.Box 70630, 3801 or at cmirea@zemenides.com.cy .

 

15. Corrections and Changes in the Privacy Policy

 

AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD reserves the right to revise this Personal Data Protection Policy when it deems it necessary. You are therefore encouraged to consult her at regular intervals. The latest version of this Policy is always posted on the website of AFXENTIS ZEMENIDES FINANCIAL SERVICES LTD.

 

 

 This Policy was updated on 14th of June, 2021