Privacy policy

This Privacy Notice contains information with regards to the rights you have in the Processing of your Personal Data, how you may reach us or get in touch with the relevant authority for submitting a claim, if needed, and also informs you how the Company collects, uses and/or transfers your Personal Data. 

 

 

Important Definitions

Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.

Processing means any operation or set of operations which is performed on Personal Data, by automated means or otherwise, including: collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Personal Data means any information relating to an identified or identifiable natural person (‘Data Subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Company: Hogerum Limited
Adress: Menandrou, 4 GALA Tower, 2nd floor, flat/office 201, 1066 Nicosia, 82, Cyprus
Email: office@hogerum.cy

Profiling means any form of automated Processing of Personal Data consisting of the use of Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, personal preferences, interests, reliability, behaviour, location or movements.

General Data Protection Regulation (GDPR)

As of 25th of May 2018, the General Data Protection Regulation (the “GDPR” and/or “Regulation”) 2016/679 became enforceable with direct applicability on all EU members and members of the European Economic Area. Thus, all member states shall harmonize data privacy loss across Europe.

The objective of this Regulation is the protection of natural persons with regards to the Processing of Personal Data and on the free movement of such data and this is addressed to all persons with whom the Company (as this is defined below) will be engaged into a business relationship with.

The Company strives to protect the privacy and the confidentiality of Personal Data that the Company collects and processes in connection with the services it provides to clients. Thus, the Company undertakes to meet its obligation under the EU General Data Protection Regulation (GDPR).

The Company is the Controller as well as Processor of Personal Data it receives in connection with its services provided under relevant engagement with its clients.

 

The Company does not use your Personal Data for Profiling.

1. What we need
Our Data Protection Policy governs the use and storage of your data.
We collect and process the following types of Personal Data from you:
 Contact details (including names, postal addresses, email addresses, telephone and fax numbers);
 Identification documents and details (including passports and IDs, social security and tax identification number);
 Verification of residential address;
 Professional information;
 Bank/Lawyer/Auditor reference letter;
 Personal financial information (including size and source of wealth, income and other financial information);
 Anti-fraud data (including information about fraud and criminal convictions, allegations of crimes and sanctions details received from various anti-fraud and sanctions databases, or regulators or law enforcement agencies);
 Website and communication usage (including details of your visits to our websites and information collected through cookies and other tracking technologies, including but not limited to, your IP address and domain name);
 Where necessary and legally permitted, we may also collect more sensitive data.
Where you are providing us with information about a person other than yourself, you agree to notify them of their use of Personal Data and to obtain such consent for us, if needed.

2. Why we need it
We collect and use this Personal Data to provide our services to you. If you do not provide personal data we as for, it may prevent us from providing our services to you.
In this section, we set out the purposes for which we collect and process Personal Data of our clients:
 To provide you with, and to improve, our services;
 To deal with your inquiries and requests;
 To contact you in the course of providing services to our clients;
 To provide you with any other information that you request from us;
 To comply with our legal and professional responsibilities; and
 Where we have other legitimate reasons, such as for internal compliance and security purposes.

3. Sharing your information
The personal data you provide to our Company may be shared, consistent with applicable law and regulations, as follows:
 With affiliates and subsidiaries of our Company;
 With third parties such as contractors, advisers, agents, banks, regulators and third-party service providers that provide services to our Company, such as companies that provide record and information management services;
 With law enforcement agencies if our Company reasonably believes unlawful activities have occurred;
 As required by law or court order.
Cross-Border Transfer of Personal Information Outside the EEA
Countries outside the European Economic Area (EEA) often do not offer the same level of protections and guarantees for Personal Data as the countries within the EEA. Thus, our Company does not transfer your personal information outside of the EEA unless the transfer is justified on specific legal ground/s as mentioned in GDPR such as model contractual clauses, individual’s consent or other legal grounds permitted by GDPR.
In the event of a cross-border transfer of Personal Data outside the EEA, our Company will follow the GDPR guidelines to ensure the level of data protection is not undermined.

4. How long we keep it
Under Cyprus law and EU regulations and directives regarding prevention and suppression of anti-money laundering and terrorist financing activities, we are required to keep your documents up to 7 years (ie 5 years for compliance purposes and 7 years for tax purposes) as of the termination of the business relationship or one-off transaction, or where the business relationship or one-off transaction is not formally terminated, as of the completion of the last transaction made in the course of the business relationship. After this period, your Personal Data will be irreversibly destroyed. For more information, please do not hesitate to request our Data Protection Policy.

Any Personal Data held by us for marketing and service update notifications will be kept by us until such time that you notify us that you no longer wish to receive this information.

5. What are your rights?
Should you believe that any Personal Data we hold on you is incorrect or incomplete, you have the ability to request to see this information, rectify it or have it deleted (Article 16 of the Regulation) by sending a request with subject “Data Subject Access Request Form” to email office@hogerum.cy.
You, as an individual, have a number of rights when it comes to the processing and privacy of your Personal Data:
(a) Right of access: you have the right of access and modification of your Personal Data;
(b) Right of rectifications and erasure: you have the right to request the rectification of your Personal Data in case these are inaccurate as well as the right to request the erasure of such Personal Data (the right to be forgotten);
(c) Right to object to or restrict the processing of personal data;
(d) Right to data portability: you have the right to receive the personal data collected from us in a structured, commonly used and machine-readable format as well as the right to request the transmission of those data to another controller;
(e) The right to object to automated decision-making, including profiling: you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you;
(f) The right to lodge a complaint with a supervisory authority: you have the right to submit a complaint with the supervisory authority in the particular Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes the provisions of the GDPR and/or applicable legislation.
If you still feel that your Personal Data has not been handled appropriately according to the law, you can contact the Office of the Commissioner for Personal Data Protection in Cyprus and file a complaint with them at:

Company: Hogerum Limited
Adress: Menandrou, 4 GALA Tower, 2nd floor, flat/office 201, 1066 Nicosia, 82, Cyprus
Email: office@hogerum.cy

Changes to our Privacy Policy
Any changes we make to our Privacy Policy in the future will be posted on this page. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data and any updates to our data processing practices.