Privacy Notice
This site is owned and operated by GP Global Ltd (“company”, "us", "our", "we"). This Privacy Notice will apply when you access https://www.gpglobalcy.com/ (“Website”).
Before proceeding to use this website, you must read the following terms carefully. If for any reason you are dissatisfied with the Privacy Notice of https://www.gpglobalcy.com/, you have the right to stop browsing this website without submitting any personal information.
Users of this website acknowledge that they will not send GP Global Ltd any personal data, if they do not want this information to be processed by GP Global Ltd in the ways described by this Privacy Notice.
1 POLICY STATEMENT
GP Global Ltd (hereinafter the "Company", "we", "our", "us") intends to fully comply with all requirements of the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter the “Regulation”) and of the Law 125(I) of 2018 Providing for the protection of natural persons with regard to the processing of personal data and for the free movement of such data (hereinafter the “Law"), in so far as they affect its activities.
GP Global Ltd is located at 7, Alkaios Str., Alkaios Court, Flat 103, 3090 Limassol – Cyprus. You can contact the Company Tel: 00357-25755911, Fax: 00357-25755660 and email: gpinfo@cytanet.com.cy.
2 INTRODUCTION
GP Global Ltd needs to collect and use the personal data of its employees, visitors, potential clients, active clients and other individuals who are accessing or using the Company’s website(s) and come into contact with the Company.
In collecting and using personal data, the Company is committed to protecting an individual’s right to privacy with regard to the processing of personal data, therefore this Privacy Policy Notice (hereinafter the “Privacy Notice”) is hereby adopted in compliance with the Regulation and with the Law to support this commitment.
The Privacy Notice ensures that GP Global Ltd:
• Complies with the REGULATION (EU) 2016/679
• Complies with the Law 125(I) of 2018
• Protects the rights of individuals related to the Company
• Is open about how the Company collects, uses, stores, accesses, discloses, transfers and destructs individual’s data
• Protects the Company from the risks of a data breach
The Company respects and values your data privacy rights, and makes sure that all personal data collected from you are processed in adherence to the general principles of data protection as set out in the Regulation EU 2016/679. In accordance these principles, the personal data shall be:
• processed lawfully, fairly and in a transparent manner;
• collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
• adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
• accurate and, where necessary, kept up to date;
• kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
• processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against
accidental loss, destruction or damage.
The Policy applies to all personal data that the Company holds relating to identifiable individuals.
3 PROCESSING OF PERSONAL DATA
3.1 Collection
The lawfulness of collection and processing of personal data by the Company is based on:
• the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
• the necessity to comply with its legal obligations;
• the performance of a contract to which the Company is a party or in order to take steps at the reqUest of a prospect client prior to entering into a contract;
• the Company's legitimate interests, such as providing consulting services and managing our business;
3.1.1 Collection of personal data of clients and other individuals
In order to receive more information for your specific request or for any other business relationship, you are requested to complete the “Contact Form” on our website or to send us an email to gpinfo@cytanet.com.cy. By completing the “Contact Form” or contact us through an email providing your personal information, you enable the Company to evaluate your request. The same information will be used by the Company to contact you regarding the offered services.
The Company collects sufficient information of potential clients and other individuals for the evaluation of their specific request for our services.
This information includes:
• Personal information you provide to the Company on the “Contact Form”, such as your name, surname, telephone number and email address,
• Personal information that may be included in the “Message” section of the “Contact Form”,
The Company may ask to collect additional personal data for its clients, update the personal data that processes and collect other additional personal data under any new legal requirement the Company is subject, as well as, personal data information not obtained from the data subject.
The Company will retain the information for no longer than it is necessary for the purposes for which it was collected or for which is to be further processed. In some cases there are legal requirements to keep data for a minimum period.
3.2 Use
The Company applies security measures for the protection of the personal data in use. The Security measures include technical and organizational procedures.
The Company gives access to personal information to employees who need the specific information in order to operate, develop or improve our services. These individuals are bound by confidentiality and will be subject to penalties if they fail to meet these obligations.
3.2.1 Use of personal data of clients and other individuals
Personal data collected shall be used by the Company for providing its services requested by the client.
The personal data collected by other individuals is in use by the Company for a specific purpose. Examples of such specific purposes are among others:
• The use of personal data of an individual who has contacted the Company for a specific request (e.g. request for a business relationship) for providing more
information to this individual on the specific request,
• The use of personal data of individual who have applied for an open job position of the Company.
The Company may use your personal information for one or more of the following purposes:
• to provide the services you have requested;
• to inform you about products and/or services that may be of interest to you;
• to keep you updated on the issues that are relevant to your business relationship with us;
• to analyse statistical data to enable us to provide you with better products and/or services;
• to enhance the security controls of the Company’s networks and systems;
• to identify, assess, mitigate, prevent and investigate fraudulent activity of any kind that is forbidden by the relevant legislation;
• to defend possible legal claims;
3.3 Storage of personal data
The Company applies relevant measures to protect the personal data that processes against any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access as well as against any other unlawful processing.
The Company keeps personal data physically/on Paper and electronically.
3.4 Disclosure
Personal data under the custody of the company shall be disclosed only pursuant to a lawful purpose and to authorized recipients of such data. Authorized recipients may include third parties with whom the Company has a contractual agreement for the provision of a service and shall refer as partners of the Company. The Company shall take all the necessary efforts in order the Company’s partners maintain the privacy of your information in accordance with the Regulation and Law.
Where the Company uses the services of third parties that assist the Company in providing services to you and they are not partners as defined in the above paragraph, these third parties are required to maintain the confidentiality of such information and to use your personal information only in the course of providing such services for the purposes that the Company dictates and within the ambit of the Regulation and Law.
Authorized recipients of Personal Data may be for example:
• technological experts who are appointed by the Company to support the smooth operation of Company’s systems;
• companies providing accounting services;
• companies providing legal services;
• external consultant’s;
• Data Protection Officer in case the Company decides to be outsourced;
• Governmental authorities and regulatory bodies.
3.5 Transfer
Where the Company will transfer personal data to a third country or international organization, the Company will ensure that:
a) there is a decision by the Commission that the third country, the territory or one or more specified sectors within that third country, or the international organization in
question, ensures an adequate level of protection; or
b) appropriate safeguards in accordance with the Regulation are in place and on condition that enforceable data subject rights and effective legal remedies for data
subjects are available; or
c) when there is an absence of a decision by the Commission as described above and appropriate safeguards are not in place, the transfer shall take place in
accordance with the relevant provisions of the Regulation
Where the Company cannot ensure that the transfer is based on any of the provisions under point a) and b) above and none of the specific conditions referred under point c) above is applicable, the Company may transfer personal data to a third country or to an international organization only if the transfer complies with the provisions of relevant article of the Regulation.
3.6 Impact Assessment
The Company shall conduct a Privacy Impact Assessment (PIA) relative to all activities, projects and systems involving the processing of personal data prior to a type of processing that in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of data subjects.
3.7 Destruction
After the storage period, as defined below under the paragraph “4. For how long the Company keeps your personal data", is ended, the Company will destroy hard copies of personal data and personal data that are kept electronically.
4 FOR HOW LONG THE COMPANY KEEPS YOUR PERSONAL DATA
The Company will retain the information for no longer than it is necessary for the purposes for which it was collected or for which is to be further processed. The Company will keep personal data of clients during the time of business relationship.
In some cases there are legal requirements to keep data for a minimum period, e.g. for accounting and tax purposes requirements.
5 SUBJECT TO CONSENT
By continuing to use https://www.gpglobalcy.com/ and by accepting this Privacy Notice and the Cookies Policy, you consent to the collection and processing of your personal data as described in this Privacy Notice and the Cookies Policy.
You can withdraw your consent at any time by contacting us at gpinfo@cytanet.com.cy. Please note that the processing of your personal data is necessary in order to provide you with our services.
6 PROCESSING FOR OTHER REASON
The Company will ask to receive data subject’s consent in any case it will process data subject’s personal data for a purpose other than that for which personal data has been collected.
7 DATA SUBJECTS RIGHTS
All individuals who are the data subject of personal data held by the Company are entitled to the below rights as these are defined in Regulation and in the Law, unless these rights are subject to a restriction under the same Regulation and Law:
• Right of access. You have the right to request a copy of your personal data which the Company holds about you. The Company will provide a copy of your personal
data that is undergoing processing. For any further copies requested by you, the Company may charge a reasonable fee based on administrative costs.
You can send an email to gpinfo@cytanet.com.cy asking for a copy of your personal data that is undergoing processing.
• Right to rectification. You have the right to request from the Company to rectify any inaccurate personal data concerning you.
• Right to erasure. You have the right, under certain circumstances as these are defined in the Regulation,to obtain from the Company the erasure of your personal
data.
• Right to restriction of processing. Where there is a dispute in relation to the accuracy or processing your personal data, you have the right to request a restriction
on further processing, in accordance the Regulation.
• Right to data portability. Where the processing is based on consent or on a contract and the processing is carried out by automated means, you have the right to
receive the personal data and to transmit this data to another controller.
• Right to object. Where applicable under the Regulation, you have the right to object to the processing of your personal data.
• Right not to be subject to a decision based solely on automated processing, including profiling.
The Company does not use automated decision-making, including profiling.
• Right to withdraw your consent. Where the processing is based on your consent, you have the right to withdraw your consent at any time.
To withdraw your consent, send an email to gpinfo@cytanet.com.cy asking for the withdrawal of your consent.
• Right to lodge a complaint with a competent authority.
In such case, the company asks the data subject in the first instance to contact the Company at the email gpinfo@cytanet.com.cy.
The Client can exercise any of the above rights by contacting the Company through email at gpinfo@cytanet.com.cy.
The requested information will be provided free of charge. The Company reserves the right to charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or refuse to act on the request, if in case your request is manifestly unfounded or excessive.
8 IP ADDRESSES
www.gpglobalcy.com may collect information about your computer, including, where available, your IP address, operating system browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns. This information is used by www.gpglobalcy.com for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the www.gpglobalcy.com.
9 COOKIES
Cookies are bits of electronic information that a Website can transfer to your hard drive to help tailor and keep records of your visit to that Website. If you visit www.gpglobalcy.com ("Website"), cookies are used to allow us to recognize a user’s device so that we can provide our service to you. Cookies are not programs that come onto your system and damage files. Cookies don't tell us who you are or give us any personal details about you. Generally, cookies work by assigning a unique number to you that has no meaning outside the assigning site.
The Company uses cookies to continually improve your experience with our Website, products and services, for example making the Website quicker and in order to remember your previous interactions with the Website.
For more details about the use of Cookies by our Company, please refer to our “Cookies Policy”.
10 BREACH OF SECURITY AND SECURITY INCIDENTS
Breach of security leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. The Company is responsible for ensuring immediate action in the event of a security incident or personal data breach.
The Company has in place procedures to deal with any suspected personal data breach and will notify you and the relevant competent regulator (http://www.dataprotection.gov.cy) for the breach where the Company is legally required to do so. If you require further information on how the Company deals with a Data Breach, please contact us at gpinfo@cytanet.com.cy.
11 MARKETING INFORMATION
GP Global Ltd may periodically send promotional emails about new services, special offers, newsletters or other information which we think you may find interesting. From time to time, we may also use your information to contact you for market research purposes, although you do not have to respond to them. We may contact you by email, phone, fax or mail when available. We may use the information to customize the website according to your interests.
In this respect, when we send you a marketing email, you will have automatically the opportunity to object to the use of your electronic contact details, free of charge and in an easy manner and you may automatically opt out of further promotional offers.
12 SECURITY AND CONFIDENTIALITY
We recognize the importance of guarding the security of your personal information and on-line communications. We have measures in place to protect against accidental loss and destruction. We give access to personal data that is collected about you only to those who actually need this information for the purpose of providing to you our services. We employ individuals, who are suitably qualified, possess the necessary technical knowledge and personal integrity for maintaining confidentiality. Additionally, we maintain physical, electronic, and procedural safeguards to guard your personal data.
The transmission of information via the Internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data as it is transmitted and stored.
13 LINKS TO OTHER WEBSITES
This Privacy Notice applies only to www.gpglobalcy.com, excluding third party websites as we may provide links to other websites which we believe may be of interest to our visitors. We want to believe that these websites are of the highest standard. However, due to the nature of the World Wide Web, we cannot guarantee the standards of every linked website or be responsible for their content. We undertake no liability regarding the contents of the said Links and third party websites in general, since they should have their own privacy policy. Please check these policies before you submit any data to these third party websites. For any problems arising during the use of the Links, users must directly refer to the relevant websites which are responsible for the provision of their services.
14 INQUIRIES AND COMPLAINTS
The Company has assigned a Data Protection Officer. For any type of inquiry relevant to the processing of personal data, the data subject may contact the Company at:
Tel: +357 25755911
Fax: +357 25755660
In case of a complaint, the Company asks the data subject to contact GP Global Ltd at first instance at the email consultancy@cytanet.com.cy.
For any type of inquiry or complaint, the Company may request the provision of additional information necessary to confirm the identity of the data subject who makes the request or complaint.
15 VALIDITY
This Privacy Notice is effective this 26 day of May, 2020, until revoked or amended by the Company.
The Company reserves the right to change or amend the Privacy Notice without further notice to you, provided that the changes do not significantly reduce your rights under the Privacy Notice. If the Company makes material changes to the Privacy Notice, the Company will notify you by email or by means of a notice on our home page or by changing the version of the document including the date of the update which will be visible to the first page of this document. The latest and prevailing version of the Privacy Notice will at all times be available at www.gpglobalcy.com. Any revised Privacy Notice will be effective immediately upon posting on our Web Site.
16 LEGAL DISCLAIMER
The Company reserves the right to disclose your personal data as required by the Regulation and the Law and when the Company believes that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served. The Company will not be liable for misuse or loss of personal data resulting from cookies on the Company’s site(s) that the Company does not have access to or control over. The Company will not be liable for unlawful or unauthorized use of your personal data due to misuse or misplacement of your passwords, negligence or maliciousness.
17 APPLICABLE LAW
This Privacy Policy Notice is subject to the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 and Laws of Cyprus.
This policy was last updated on 26/05/2020