This Privacy Policy has been updated on 08/07/2019.

The Integritas Ltd (hereinafter “the Company”) is committed to protecting the privacy and handling the personal data that it maintains for its employees and customers, in an open and transparent manner. It is also committed to the collection and processing of this personal data in full compliance with the General Regulation on the Protection of Personal Data of the European Union (Regulation 2016/679) (hereafter referred to as “the Regulation”) and the legislation in force in Cyprus that governs the collection and processing of Personal Data of Individuals. Thus, we have developed this Privacy Policy that governs the collection, use, disclosure, transfer and storage of personal information. Please read our privacy practices carefully to understand our policies and practices regarding your information and how we will treat it and do not hesitate to contact us if you have any questions.

Our role under the Regulation

Under the Regulation, the Integritas Ltd is the Data Controller for all the personal data it maintains and processes. As a Data Controller, Integritas Ltd is allowed to collect, maintain and process the personal data of all employees and customers.

Types of Personal Data Collected

If you are an employee of the company, we may keep your name and contact details (telephone number, home address, email), copies of your passport and ID number, national security number, personal banking information and any other financial information we need for your salary payments, your access and number and the respective passcode to check when you enter the building. In addition to these, we keep records of your annual leave and sick leave with diagnosis (only when it is longer than 2 consecutive days).

If you hold the position of a Nominee Director, shareholder or secretary in the Company, we may keep your CV and the supporting letter you have shared with us to evaluate your application, passport number or utility bill, birth certificate, size and source of income and wealth, tax ID number, IBAN and whether or not you belong to the category of Politically Exposed Persons (PEP).

If you are a client or person acting as a signatory to agreements or a person related to customers, we may collect: name, personal contact information, email address, address and telephone number, copies of documents such as passport and identity details, CV and corresponding accompanying letters, any internal passport or utility bill, birth certificate, size and source of income and wealth, tax identification number, IBAN and if whether or not you are in the category of Politically Exposed Persons (PEP).

Processing of Personal Data

Processing of employees and customers’ personal data is in accordance with to the Regulation and the Cypriot legislation governing the collection and processing of Personal Data. The Company uses the personal data for several purposes as part of its operations, as following:

1. For company compliance with a legal obligation (Regulation of Administrative Services and Related Issues Law 2012 (196 (I) / 2012), The Income Tax Law and Annual Audit (Corporate Law) and the Social Insurance Law of 2010 (L. 59 (I) 2010)).
2. To comply with the Company’s legal obligation.
3. To execute a contract of which an employee and a customer are a party or to take action upon their request, before finalizing a contract.
4. In order to protect the legitimate interests of the Company.

Transfer of Personal Data

Transfer of personal data to third parties may occur when this is required for the purpose of the processing and only for that purpose. Recipients may include banks, the Department of social insurance, Departments of the Ministry of Labor and Social Insurance, MOKAS, ICPAC, accountants, agents, governmental organizations and / or public authorities such as the Police upon written request. Αll reasonable technical and organizational security measures will be adhered to in order to preserve your Personal Data in each case.

Retention period

Personal data that have been or will be submitted by you to the Company, are kept in electronic and hardcopy form, in one or more files, on Servers, in a secure storage space on the Company’s premises. They are also held by Reisswolf Cyprus, which agrees to protect and use your personal data solely for the purposes of our cooperation and as defined by us.

The maintenance and processing of the employees and customers’ personal data will be done for as long as it is necessary for the fulfilment of the purposes for which they were collected, including for the fulfilment of any legal, accounting or other requirements.

Safeguards

The Company has implemented the appropriate technical and organizational measures, such as data-protection principles, in order to safeguard all personal information from unlawful use, intervention, modification or disclosure under the requirements of the Regulation.

Changes to the Personal Data Privacy Statement

We reserve the right to modify or amend this Policy at any time by publishing the revised policy on the Company’s Web site: http://integritas.com.cy/. It is recommended that you periodically check this Policy and any changes that may occur in order to be informed regarding the way the Company uses and safeguards your Personal Data.

Data Protection Rights within the EU

According to the Regulation, you have the following rights in regard to your personal data: (Please note, these rights are not absolute and they are in some cases, subjected to conditions as defined by law)

1. Right of Access – You have the right to access your own personal data through the platform, as well as the right to request a copy of your personal data that is maintained and processed by the Company.
2. Right of Rectification – You have the right to request the correction of any incomplete and / or inaccurate personal data we hold for you.
3. Right to Erasure – You have the right to request the deletion of personal data only if one of the following reasons is true:
   • Personal data are no longer necessary in relation to the purposes for which they were collected or processed.
   • If the processing is based on your consent and you have withdrawn this consent (on which processing is based) in accordance with Articles 6.1.a and 9.2.a of the Regulation and if no other legal basis, for processing, applies.
   • If you object to processing in accordance with Article 21.1 of the Regulation and there are no compelling and legitimate reasons for processing.
   • If personal data have been processed illegally.
   • If personal data should be deleted in compliance with a legal obligation under Union law to which the Company is subject to.
   • If the personal data have been collected in relation to the provision of referred to in Article 8.1 of the Regulation.
4. Right to Object – You have the right to oppose the processing of your personal data at any time and for reasons related to a specific situation, unless there are compelling legitimate reasons for processing that override your interests, rights and freedoms.
5. Right to Restrict Processing – You reserve the right to request the restriction of processing on your personal data so that we may no longer process the specific information until the restriction is lifted (for example, the data have been corrected).
6. Right to Portability – You have the right to request the transfer of your personal data, that you have provided to the Company. These data will be given to you in a format that is structured, widely used and machine readable and, in certain cases you may also have the right to request for us to send the information to another organization, provided that such a transfer is technically feasible.
7. Right to Object to Automated Decision Making, Including Profiling – You have the right to request that we do not make any decision, regarding you, solely on the basis of automated processing, including profiling, only in the case that this decision has legal or significant consequences on you.
8. Right to Withdraw Consent – In the limited circumstances in which you may have given your consent for the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw it at any time. This also applies if:
   • the legitimacy of the processing, on which your consent was based on your consent, does not hold true anymore
   • Any processing done, occurs under a different legal basis.
9. In addition to the aforementioned, if you believe that the processing of your Personal Data is in violation of the Regulation you have the right to submit a complaint at the Personal Data Protection Commissioner’s Office.

If you have any questions in regards to the kind of personal data we hold for you, or if you want to request the deletion or correction of those personal data, or you want to exercise any of your personal data rights, it is advisable to send a written request to the email info@integritas.com.cy or to the postal address provided at the bottom of this Privacy Policy. Meanwhile all reasonable efforts will be taken to meet your request. However, we reserve the right to reject any requests for access or for imposing restrictions or other claims if required or permitted by the law.

Contact info

For Further Information: If you have questions in regards to our Personal Data Privacy Statement or the use of employees’ and costumer’s personal data, as described above, or you want to exercise any of your rights, please contact Mr Constantinos Eliades:

Name/Surname: Constantinos Eliades

Email: celiades@integritas.com.cy

Address: Dositheos 7, Parabuilding Block C, Office C102, 1071

Nicosia Cyprus

Call Center: +357 22266910

Submission of a Complain: If you feel that your concerns regarding the use of your personal data or any of your data protection rights have not been address by us, you have the right to contact initially Mr Constantinos Eliades. You also have the right to submit a complaint with the Personal Data Protection Commissioner’s Office, http://www.dataprotection.gov.cy.