Privacy Notice

GENERAL

Solon Christou Legal Practice (“SCLP”) is committed to protecting your privacy and any personal information you share with us.

As part of this effort we process personal information in accordance with the EU’s General Data Protection Regulation (“GDPR”) and other data protection regulations applicable to SCLP (“Data Protection Laws”).

This Privacy Notice sets out how SCLP (“we” or “us”) processes personal data of individuals who are clients or other third parties that we interact with, or any individual who is connected to those parties and their rights in respect of that personal data.

WHO WE ARE

We are a legal practice based in Cyprus providing local and international clients with proactive and efficient legal solutions to their business needs.

In respect of privacy related matters we:

  • strive to protect personal data and apply high standards of conduct concerning privacy issues;
  • provide our employees with the appropriate training to handle personal data in accordance with the Data Protection Laws;
  • strive to ensure that any parties with whom we co-operate apply the same high standards concerning data protection matters.
 

WHAT PERSONAL INFORMATION DO WE USE?

We may collect, use, store and transfer different kinds of personal information in the context of providing our services to our clients.

We have grouped the categories of personal information we process as follows:

  • Identity information includes first and last name;
  • contact information (includes email, address, telephone numbers and country of residence);
  • information required to meet legal and regulatory requirements, i.e. in respect of anti-money laundering legislation, including information on source of funds and source of wealth;
  • information provided in the course of the provision of our services (includes information on professional relationships and background, financial wealth and assets held, transactions entered into, tax status, pending disputes or litigation);
  • financial information, such as payment related information;
  • meetings attended;
  • any other information you may provide to us.
 

IMPORTANT NOTICE ON SPECIAL CATEGORY DATA

In certain instances, the personal data that we process may include “Special Category Data” (which includes information on a person’s race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data processed for the purpose of uniquely identifying a natural person, health data, data on a person’s sex life or sexual orientation or data relating to a person’s criminal record or alleged criminal activity). In such instances, legal bases for processing that data may include explicit consent (where the Special Category Data has been provided to us by the data subject for any of the above-listed purposes) or the processing is being necessary for compliance with a legal obligation.

WHY DO WE NEED YOUR PERSONAL INFORMATION?

Purpose

Lawful basis of processing

To provide our services to clients.

In cases where an individual has been provided with this Privacy Notice and provides personal data thereafter, the processing may be carried out on the basis of consent.

It is in our legitimate interest as a provider of legal services to collect and process certain personal data in the context of providing our services to clients.

The processing is necessary to provide legal advice and to perform the engagement contract with the individual for the provision of legal services.

For identity verification and record and for maintaining lists for correspondence.

Processing is necessary for compliance with a legal obligation.

To meet all our legal and regulatory obligations.

Processing is necessary for compliance with a legal obligation.

It is in our legitimate interests as a provider of legal services to process data to the extent necessary to ensure that we meet all our legal and regulatory obligations.

For training purposes.

It is in our legitimate interests as a provider of legal services to process data for training purposes.

To follow up on comments and complaints and improve the services provided to our clients.

In cases where an individual has been provided with this Privacy Notice and provides personal data thereafter, the processing may be carried out on the basis of consent.

It is in our legitimate interest as a provider of legal services to collect and process certain personal data to enable us to follow up on comments and complaints and improve the services provided to our clients.

To perform the engagement contract with the individual for the provision of legal services.

Any other purpose(s) which has been agreed by or notified to you.

We shall not carry out any automated decision-making activities, including profiling, using your personal information.

SOURCES AND RECIPIENTS OF DATA

The sources of data may include clients, intermediaries, data subjects directly, third parties connected to the data subject (for example, their employer or another service provider who provides services to the data subject) or open-source material.

Reasonable endeavours are made to ensure that data is only accessible by those with a need for access to fulfill the purposes set out above.

The following is a list of potential recipients of data:

  • our employees, directors and officers;
  • any sub-contractors, agents or other service providers we work with;
  • law enforcement authorities or court order requesting us to disclose the personal information;
  • regulators or other governmental or supervisory bodies;
  • any registrar of a public register where the data is to be included in a public registry.
 

Unless expressly declared in this Privacy Notice or with the prior consent of the individual, personal data collected from an individual will not be disclosed to any third party other than the above-named parties.

Where we need to engage a third party who may process your personal data, we will set out the respective obligations of each party in an agreement and we will seek to be reasonably satisfied that such third party has measures in place to protect personal information against unauthorised or accidental use, access, disclosure, damage, loss or destruction.

In case we need to share personal data with a third party based outside of the European Union we will review the requirements under the Data Protection Laws to ensure any obligations are met prior to carrying out any such transfer. This may include only transferring the data where we are satisfied that:

  • the non-European Union country has Data Protection Laws similar to the laws in the European Union;
  • the recipient has agreed through contract to protect the information in accordance with the Data Protection Laws;
  • we have obtained consent from relevant data subjects regarding the transfer;
 

HOW DO WE PROTECT YOUR INFORMATION? 

We take our security obligations seriously and take appropriate security measures to protect your personal information from unlawful or unauthorised processing and accidental loss, destruction or damage.

WHAT ARE YOUR RIGHTS?

Request access to your personal data. You may receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of your personal data. You may have any incomplete or inaccurate data we hold about you corrected provided that we verify the accuracy of the new data you provide.

Request erasure of your personal data. You may ask us to delete or remove personal data where there is no justified reason for us continuing to process it. This may not always be possible for specific legal reasons. If this is the case, you will be notified, if applicable, at the time of your request.

Object to processing of your personal data in case you feel it has an impact on your fundamental rights and freedoms.

Requesting restriction of processing of your personal data. You may ask us to suspend the processing of your personal data or request the transfer of your personal data to you or a third party.

Lodge a complaint with your local data protection regulator. Please note that we take complaints seriously and we will openly address any privacy concern you may have so please contact us before taking the matter to the regulator. We are required to respond to any requests within 40 days and will endeavour to do so wherever possible.

How long do we store your information?

We will only retain personal information for as long as necessary to fulfil the purposes for which it was collected. The only exception is when we must comply with applicable legislation, regulatory requests and relevant orders from competent courts.

COOKIES

Our website uses cookies which are tiny text files that are downloaded to your computer by websites you visit to improve your experience. The types of cookies used can be classified into one of three categories:

  1. Strictly Necessary Cookies. These are required for the operation of our website to enable you to use certain features.
  2. Functionality Cookies. These are used to recognize you and remember your preferences when you return to our website.
  3. Analytical / Customization Cookies. These cookies collect information about how users access and move through the website.  Our website uses Google Analytics cookies which may track things such as how long you spend on the website and the pages that you visit.   

The cookies used on our website do not collect information that personally identifies a visitor. You can prevent cookies by adjusting the settings on your browser. By continuing to use our website you agree to the use of cookies as described in this Privacy Notice.

CHANGES TO THIS PRIVACY NOTICE

We reserve the right to update or change this Privacy Notice to ensure that it is in line with any changes to applicable Data Protection Laws. The latest version of this Privacy Notice will always be available on our website.  

This Privacy Notice was last updated in October 2020.

QUESTIONS, COMMENTS OR REQUESTS

For questions, comments and requests regarding this Privacy Notice and to exercise your rights, contact info@solonchristoulaw.com.