Privacy Notice
- Details
- Category: Content
- Published: Friday, 01 June 2018 13:13
- Written by Super User
- Hits: 20308
PRIVACY NOTICE
About this Privacy Notice
This Privacy Notice is addressed to all natural persons in contractual, or intended contractual relationship with AAA Regent Consultants Limited. For this purpose it is written in the second person to emphasize the importance of how it is related to "you".
Therefore, please read this Privacy Notice carefully as it contains important information on:
• The personal data that we collect about you.
• Why we collect and What we do with your data.
• Who your data might be shared with.
• Your rights and our obligations.
• How the data we collect is maintained.
1. Introduction
Relevant Laws
The relevant laws to the present Notice are "the Processing of Personal Data (Protection of Individuals) Law of 2001" (as amended from time to time) of the Republic of Cyprus, the "EU General Data Protection Regulation (Regulation [EU] 2016/679) ("GDPR") and other applicable data protection legislation that may be enacted from time to time (collectively the "Law") and which impose a number of obligations on data controllers and data processors in relation to the processing of personal data and grant rights to physical persons on how their personal data is collected, stored, processed, maintained or otherwise handled.
Law 196(I)/2012 regulating Companies providing Administrative Services and Related Matters of 2012 as amended from time to time, being the law under which AAA Regent Consultants Limited is licensed to provide relevant services.
The Prevention and Suppression of Money Laundering and Terrorist Financing Laws (2007-2013) has also a significant impact on the present notice as it directly relates to the collection and processing of data in order to assess and monitor risk.
(Collectively the "Law")
The entity responsible for data processing
AAA Regent Consultants Limited
Registration No.: HE 138286
Registered office and address of operations: Demosthenis Severis Avenue 11,1st Floor, Office 1, 1080 Nicosia, Cyprus
Tel.: +35722879702
Fax: +35722355551
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Website: www.aaaregent.com
The entity is duly registered with The Office of the Commissioner for Personal Data Protection in Cyprus.
2. Definitions
Words in the singular shall include the plural and vice versa. Also, words representing the masculine gender shall be deemed to include the feminine gender.
AAA Regent Consultants Limited is the entity responsible for data control and processing and is herein referred to interchangeably as AAA, we, us, our (s) or the Company.
Client is, in the context of the present Privacy Notice, any natural person with whom AAA Regent Consultants Limited has a contractual relationship to provide service(s) directly or indirectly.
Data Processing covers a wide range of operations performed on personal data, by manual or automated means or a combination thereof. It includes the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.
Data Controller means the natural or legal person, or any other body which alone or jointly determines the purposes and means of the processing of personal data.
Data Processor means a natural or legal person, or any other body which processes personal data on behalf of the Data Controller.
Data Subject means an identifiable natural person to whom the data relate and whose identity is known or may be ascertained directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural and social identity.
Data Subject Rights means the rights recognized to the Data Subject pursuant to the relevant applicable data protection legislation and the GDPR and of the EU Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data.
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Services means the all types of services required to be provided by AAA Regent Consultants Limited as listed on our website and other specialised services that may be agreed upon with clients.
Special Categories of Personal Data means Personal Data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation, including data relating to criminal convictions and offences or related security measures.
Supervisory Authority, in the context of the present Privacy Notice, means The Office of the Commissioner for Personal Data Protection in Cyprus (the "Commissioner"), the authority which has the competence of monitoring and enforcing the application of the relevant data protection laws with respect to the processing of the Client personal data.
3. Purpose for which AAA Regent Consultants Limited collects and the way we intend to process personal data
Framework for Collecting Information
We collect information on the basis of the requirements of the Laws and if you choose not to provide us with any personal information that would contravene our necessity to abide to the provisions of the Laws, we are obliged to deny and/or interrupt our services to you without any further liability on our behalf.
We collect personal information about you only if you so wish and choose to provide it to us in order to apply for the provision of any of our services. There may have been cases whereby you may have previously provided your personal information to us as a former customer and the data retention period has not yet lapsed. By submitting personal information to AAA you are also acknowledging that AAA may use this information in accordance with this Privacy Notice.
Following from the previous paragraph your personal information is not used for any purposes other than those listed in this document and by providing your information to us you are also giving us your permission to process it for the purpose of providing you with our services and in accordance with the requirements of the Laws.
What Information we collect
In general, we collect and generate the following information:
1. Individual personal information (e.g. name, previous names, date and place of birth).
2. Individual personal contact details (e.g. residential address, business addreass and/or correspondence address, email address, fixed and mobile telephony numbers).
3. Personal Identity information like photo-bearing National Identity Card, International Passport, personal utility bills, CV (curriculum vitae), national tax residence numbers and other personal identification documentation.
4. Personal Financial information including value and type of assets, sources of income, how wealth was accumulated.
5. Third party confirmation for your business conduct such as a bank reference or a reference from other professional firms or bodies or from professional firms or bodies duly licensed to keep authoritative registers and offer at a fee information that is generally publicly available and required for compliance purposes, for risk rating information like credit risk rating and transactional behavior and investigative data like due diligence checks, sanctions and anti-money laundering checks.
6. Data and/or records of correspondence related to relevant exchanges of information – primarily email(s) obtained through a such formal exchange.
7. Information to fulfill regulatory obligations.
We may collect "sensitive" personal data when the relevant individuals have explicitly provided us with their consent or where such information is otherwise required or permitted to be collected by Law.
What we do not Collect
We neither collect, nor process:
1. information captured in customer documentation or data exchange such as application forms or advice documents or via telephone (e.g. records of advice).
2. marketing and promotional information (e.g. details of the services and your preferences).
3. information from any social media provider.
4. information through the use of technologies used to remember your preferences and tailor content.
4. Why we Collect Personal Information and the Legal Grounds
AAA Regent Consultants generally collect only the personal information necessary to fulfill your requests and to provide you with the requested and/or agreed services. Where additional, optional information is sought, you will be notified of this at the point of collection. The applicable Law allows us to process personal data, so long as we have a ground under the Law to do so. At the time you as a client requested and/or instructed us to provide you with our services, you gave us your consent to process your personal data for the purposes listed above.
As a result, when we process personal data, we will rely on one of the following processing conditions:
• Performance of a contract: this is when the processing of personal data is necessary in order to perform our obligations under a contract but also to be able to complete our acceptance procedure so as to enter into a contract;
• Legal obligation or for public interest: this is when we are required to process your personal data in order to comply with a legal obligation such as keeping records for complying with any tax obligations and anti-money laundering requirements, other regulatory purposes, or providing information to a public body or law enforcement organization;
• Legitimate interests: where necessary, we may process data where there is a legitimate interest for us or a third party in pursuing commercial and business interests, except where such interests are overridden by your interests, fundamental rights and freedoms; or
• Your consent: we may occasionally ask you for specific permission to process some of your personal information for some or more specific purposes, and we will only process your personal information in this way if you agree to us doing so. You may withdraw your consent at a ny time by contacting us through the channels given above.
It is a requirement of our engagement and contract with you that you provide us with the personal data that we request in order for us to provide the Services. If such information is not provided, we will not be able to commence with the provision of the service or will need to cease to act.
In general, we process personal data for the following purposes:
1. to enable us to supply professional services to our clients;
2. to process financial transactions on our clients' behalf and/or as instructed by them.
3. to invoice our clients for our services
4. to maintain appropriate client records as may be required under the applicable law.
5. to make proper client risk assessment.
5. Persons and organizations to whom we may give personal data
Throughout the course of providing our Services to you and in order to fulfill our legal obligations, we may be required to share your personal data with the following persons, organizations and public authorities:
• The Cyprus Securities and Exchange Commission.
• The Registrar of Companies.
• The Unit for Combating Money Laundering (MOKAS).
• The Department of Taxation.
• Banks for opening relevant bank accounts and in accordance with your instructions.
• Auditors in order for them to comply with the laws governing their own legal and AML requirements.
• Where there is a court order obliging us to so, we may share your personal data with the Police or other law enforcement agencies.
Also, in case you request us to provide you with services that may extend outside the EU jusrisdiction we may need to provide data to a partner and or public authority operating in such other jurisdiction and your consent to this shall be specifically requested.
6. Retention of Information
In the event that you cease to be a client of ours, according to our Data Retention Policy, and in compliance with instructions given to us by the Commissioner, we shall retain your data for a period of of five (5) years in the current archives. For a further two (2) years we shall retain your personal data in a restricted archive in order to comply with the provisions of the Department of Taxation, where this is applicable and or deemed necessary. Following the expiration of the seven-year period and provided no legal proceedings or other investigations from a public office of the Republic of Cyprus or other have commenced, the data shall be permanently deleted from our records and archives.
If we have communicated to you that your application to become a client of ours has been rejected and/or in the event that you have withdrawn your application, we shall retain your data for three (3) months from any such communication and/or withdrawal.
7. Data Subject Rights
Subject to the provisions of the GDPR, you have certain rights regarding the Personal Information we collect, use or disclose and that is related to you, including the right
• to receive information on the Personal Information concerning we hold about you and how such Personal Information is used (right to access);
• to rectify inaccurate Personal Information concerning you (right to data rectification);
• to delete/erase your Personal Information (right to erasure/deletion, "right to be forgotten");
• to receive the Personal Information provided by you in a structured, commonly used and machine-readable format and to transmit those Personal Information to another data controller (right to data portability)
• to object to the use of your Personal Information where such use is based on our legitimate interests or on public interests (right to object); and
• in some cases, to restrict our use of your Personal Information (right to restriction of processing).
8. Confidentiality
AAA Regent Consultants Limited ensure that all personal data provided to us by Clients or collected throughout the provision of the Services is kept confidential. This stipulation on confidentiality shall not apply to personal data which is publicly known or available or which may have been disclosed pursuant to a legal requirement or a court order.
9. Storage of Information
The data that we collect from you may be transferred for back-up/safe keeping purposes to a different location than the Data Controller's address; but always in The Republic of Cyprus. The data is only processed by AAA staff only at the Company's operational premises. We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice. We maintain security standards and procedures with a view to preventing unauthorized access to data by anyone.
10. Amendment to this Privacy Notice
AAA Regent Consultants Limited reserve the right to amend this Privacy Notice from time to time. In case of such amendment, we will inform the Client accordingly in writing and further supply the Client and/or otherwise make available a copy of such amended privacy notice.
Clients are prompted however to review the present Notice on their own accord from time to time to become duly familiarised with it.
11. Complaints
If you have requested details of the personal data that we hold about you and you were not satisfied with the response or think that we may have not complied with the GDPR or the Cyprus relevant legislation you can send a complaint to us in writing via email on This email address is being protected from spambots. You need JavaScript enabled to view it.
Also, as a data subject, you have the right to submit a complaint to the Commissioner, if you believe that your rights as indicated under the GDPR have been breached or have not been complied with. For any issues or further information the Commissioner's website address is: www.dataprotection.gov.cy.