Introduction

This Privacy Policy has been updated on 16/06/2020.

The Tryfon Tseriotis Ltd (hereinafter “we”, “us” or “our”) is committed to protecting the privacy and handling the personal data that it maintains for its employees and collaborators, in an open and transparent manner. It is also committed to the collection and processing of this personal data in full compliance with the General Regulation on the Protection of Personal Data of the European Union (Regulation 2016/679) (hereafter referred to as “the Regulation”) and the legislation in force in Cyprus that governs the collection and processing of Personal Data of Individuals. Thus, we have developed this Privacy Policy that governs the collection, use, disclosure, transfer and storage of personal information. Please read our privacy practices carefully to understand our policies and practices regarding your information and how we will treat it and do not hesitate to contact us if you have any questions.

Our role under the Regulation

Under the Regulation, the Tryfon Tseriotis Ltd is the Data Controller for all the personal data it maintains and processes. As a Data Controller, Tryfon Tseriotis Ltd is allowed to collect, maintain and process the personal data of all employees and collaborators.

How is Personal Data Collected

This privacy policy applies to information we collect:

  • directly from you or
  • through third parties in the standard course of the business we do in order to provide you with the service you requested.

 

Types of Personal Data Collected

We collect and use several types of information for the individuals we co-operate with, including information by which subjects may be personally (“Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person), such as your first and last name, identity number, e-mail address, address and province, telephone number, education details and training records, employment information, financial and / or banking information, as well as other information related to demographics,  other (online) contact information and possibly health-related information, etc.

 

Further to other media of collection, we collect and use on or through our Website including:

  • Information that you provide by filling in forms, in particular at the time of the first contact with us.
  • Information when you enter a contest or promotion sponsored by us, and when you report a problem with our Website.
  • Records and copies of your correspondence (including e-mail addresses), if you contact us.
  • Details of transactions you carry out, if any, and of the fulfillment of your orders.

 

Purposes for Which We Use Your Personal Information

In general, we might process your personal data for the following purposes:

  • Provision of services: to provide you with information, products, or services that you request from us;
  • Customer management: to manage your account, to provide you with customer support and with notices about your account and about changes to any products or services we offer to you;
  • Advertising: following explicit consent to communicate with you about products or services that may be of interest to you;
  • Functionality and security: to detect, prevent, and respond to actual or potential fraud, illegal activities, or intellectual property infringement;
  • Compliance: to enforce our terms and conditions and to comply with our legal obligations as these derive from the applicable laws or our regulators;
  • for any other purpose with your consent provided separately from this privacy policy.

 

Disclosure of Your Personal Information

We do not share your Personal Information with third parties except as indicated below:

  • Affiliates. We share the above categories of Personal Information with our subsidiaries and affiliates to the extent this is necessary for the purposes of provision of services, customer management, customization of content, advertising (if you have consented) security and compliance, or to the extent, you have provided your consent provided separately from this privacy policy.
  • Service providers. To our authorized service providers that perform certain services on our behalf, including for purposes of provision of the services you requested from us, customer management, and security. These services may include fulfilling orders, processing credit card payments, risk and fraud detection and mitigation, providing customer service and marketing assistance. These service providers may have access to Personal Information needed to perform their functions but are not permitted to share or use such information for any other purposes. We have taken all reasonable steps to ensure that they comply with the current data protection regulations.
  • Legal successors. To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by us among the assets transferred. Should such a sale or transfer occur, we will use reasonable efforts to try to ensure that the entity to which we transfer your personal information uses it in a manner that is consistent with this privacy policy.

We also disclose your Personal Information to other third parties, including official authorities, courts, or other public bodies:

  • In response to a subpoena or similar investigative demand, a court order or other judicial or administrative order, or a request for cooperation from law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; to comply with applicable law or cooperate with law enforcement, government or regulatory agencies; or to enforce our Website terms and conditions or other agreements or policies; or as otherwise required by law (including responding to any government or regulatory request). In such cases, we may raise or waive any legal objection or right available to us, at our sole discretion.
  • To the extent disclosure is necessary for connection with efforts to investigate, prevent, report, or take other action regarding illegal activity, suspected fraud, or other wrongdoing; to protect and defend the rights, property, or safety of our company, our users, our employees, or others; to maintain and protect the security and integrity of our Website or infrastructure.

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. In particular, we may transfer non-Personal Information and process it outside your country of residence. We may combine non-Personal Information we collect with additional non-Personal Information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers, and investors, for the purpose of conducting general business analysis.

 

How We Store Your Personal Information

The information that we collect about you, including Personal Information, is safely stored and processed in Cyprus and/or in remote cases in the Countries within the European Union.

 

Retention of Personal Information

The period for which we keep your Personal Information that is necessary for compliance and legal enforcement purposes varies and depends on the nature of our legal obligations and claims in the individual case.

 

To the extent we have collected your Personal Data for purposes of provision of services, customer management, and customization of content (for descriptions of these purposes see above), we keep your Personal Information for as long as you have an account with us, as needed to provide you with our respective services and in compliance with relevant laws of Cyprus. For further information regarding specific retention periods please contact us at pdata@tryfontseriotis.com.

 

Legal Bases for Collection, Use, and Disclosure of Your Personal Information

There are different legal bases that we rely on to collect, use and disclose your Personal Information, namely:

  • Consent: We will rely on your consent to use (i) your Personal Information for marketing and advertising purposes; (ii) your Personal Information for other purposes when we ask for your consent separately from this privacy policy and for which the purpose of the process does not relate to the services we offer to you.
  • Performance of a contract: The use of your Personal Information for purposes of providing the services, customer management, and functionality and security as described above is necessary to perform the services provided to you under our terms and conditions and any other contract that you have with us.
  • Compliance with legal obligation: We are permitted to use your Personal Information to the extent this is required to comply with a legal obligation to which we are subject.
  • Protection of your vital interests: The processing of your Personal Information is necessary to protect your vital interests if you are physically or legally incapable of giving consent.
  • Protection of our legitimate interests: The processing of your Personal Information is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

 

How We Protect the Security of Your Personal Information

We take appropriate security technical and organizational measures (including physical, electronic, and procedural measures) to safeguard your Personal Information from unauthorized access, unlawful use, intervention, modification, or disclosure under the requirements of the Regulation. For example, only authorized employees are permitted to access Personal Information, and they may do so only for permitted business functions. In addition, we have trained our employees on how to handle, manage and process personal data, applied upgraded technical measures, and transformed our policies and procedures in a way that will comply with the General Data Protection Regulation.

 

Automated Decision-Making, Including Profiling

We reserve the right to use automated decision-making in the following cases: When deemed necessary to provide services to you, with your written, express consent, and if the appropriate measures have been taken to safeguard your rights.

 

Choices About How We Collect, Use and Disclose Your Personal Information

We strive to provide you with choices regarding the Personal Information you provide to us.

You can choose not to provide us with certain Personal Information, but that may result in you being unable to use certain services.

When you register with us, you may be given a choice as to whether you want to receive email messages, newsletters, or advertising material about product updates, improvements, special offers, or containing special distributions of content by us. If consented yet later on you decide you no longer want to receive commercial or promotional emails or newsletters from us, you will need to avail yourself of the unsubscribe mechanism set out in the applicable communication. It may take up to thirty days for us to process an opt-out request. We may send you other types of transactional and relationship e-mail communications, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt-out of receiving them as these will relate directly to your relationship with us.

If you provided Personal Information, you may terminate your relationship with us at any time as per the provision of the between us agreement or engagement. If you choose to do so, your Personal Information will be deleted in accordance with our retention policy.

 

Subject to the provisions of the General Data Protection Regulation, you have the following rights in regard to your Personal Information: (Please note, these rights are not absolute and in some cases, they are subjected to conditions as defined by law)

  1. Right of Access – You have the right to access your own Personal Information through the platform, as well as the right to request a copy of your personal data that is maintained and processed by our company.
  2. Right of rectification – You have the right to request the correction of any incomplete and / or inaccurate Personal Information we hold for you.
  3. Right to Erasure – You have the right to request the deletion of Personal Information only if one of the following reasons is true:
    • Personal Information is no longer necessary in relation to the purposes for which they were collected or processed.
    • If the processing is based on your consent and you have withdrawn this consent (on which processing is based) in accordance with Articles 6.1.a and 9.2.a of the Regulation and if no other legal basis, for processing, applies.
    • If you object to processing in accordance with Article 21.1 of the Regulation and there are no compelling and legitimate reasons for processing.
    • If Personal Information has been processed illegally.
    • If Personal Information should be deleted in compliance with a legal obligation under Union law to which our company is subject to.
    • If the personal data have been collected in relation to the provision referred to in Article 8.1 of the Regulation.
  4. Right to Object – You have the right to oppose the processing of your Personal Information at any time and for reasons related to a specific situation, unless there are compelling legitimate reasons for processing that override your interests, rights, and freedoms.
  5. Right to Restriction of Processing – You reserve the right to request the restriction of processing on your Personal Information so that we may no longer process the specific information until the restriction is lifted (for example, the data have been corrected).
  6. Right to Data Portability – You have the right to request the transfer of the personal data, that you have provided to our company. These data will be given to you in a format that is structured, widely used, and machine-readable and, in certain cases, you may also have the right to request for us to send the information to another organization, provided that such a transfer is technically feasible.
  7. Right to Object and Automated Individual Decision-Making (Including Profiling) – You have the right to request that we do not make any decision, regarding you, solely on the basis of automated processing, including profiling, only in the case that this decision has legal or significant consequences on you.

 

In addition to the aforementioned, if you believe that the processing of your Personal Data is in violation of the Regulation you have the right to submit a complaint at the Personal Data Protection Commissioner’s Office.

 

If you have any questions in regards to the kind of personal data we hold for you, or if you want to exercise any of your personal data rights, it is advisable to send a written request to the email pdata@tryfontseriotis.com or to the postal address provided at the bottom of this Privacy Policy. However, we reserve the right to reject any requests for access or for imposing restrictions or other claims if required or permitted by the law.

 

Changes to Our Privacy Policy

We may modify or revise our privacy policy from time to time. Although we may attempt to notify you when major changes are made to this privacy policy, you are expected to periodically review the most up-to-date version found at our website www.TryfonTseriotis.com so you are aware of any changes, as they are binding on you.

If we change anything in our privacy policy, the date of change will be reflected in the “last modified date”. You agree that you will periodically review this privacy policy and refresh the page when doing so. You agree to note the date of the last revision to our privacy policy. If the “last modified” date is unchanged from the last time you reviewed our privacy policy, then it is unchanged. On the other hand, if the date has changed, then there have been changes, and you agree to re-review our privacy policy, and you agree to the new ones. By continuing to use the Website subsequent to us making available an amended version of our privacy policy in a way that you can easily take notice of it, you thereby consent to such amendment.

 

No Rights of Third Parties

This privacy policy does not create rights enforceable by third parties or require disclosure of any Personal Information relating to users of the Website.

 

No Error Free Performance

We do not guarantee error-free performance under this privacy policy. We will use reasonable efforts to comply with this privacy policy and will take prompt corrective action when we learn of any failure to comply with our privacy policy. We shall not be liable for any incidental, consequential or punitive damages relating to this privacy policy.

 

Contact Information

If you have any questions about this privacy policy or our information-handling practices, please contact us at pdata@tryfontseriotis.com

You may also contact us at P.O.Box12764,2252,Latsia, Cyprus, telephone +357-22507800

 

Submission of a Complaint: If you feel that your concerns in regard to the use of your personal data or any of your data protection rights have not been address by us, you have the right to contact us at pdata@tryfontseriotis.com and submit a complain. You also have the right to submit a complaint with the Personal Data Protection Commissioner’s Office, http://www.dataprotection.gov.cy.