We are committed to safeguarding your privacy and handling your data in an open and transparent manner. Looking after the personal data your share with us is hugely important to us.
We would like to reassure you that your privacy is first priority for us, and that your data is safe and secure.
We therefore want to be clear how we use it, in order to provide you with the best possible service that is personalized to your needs and preferences in our services.
WHO WE ARE
Crystalserve Fiduciary Services Limited (“Crystalserve”) of Arianthi Court 2nd Floor, 50 Agias Zonis Street CY-3090 Limassol and telephone number 25 555 800 is a company providing a wide range of professional services, such as incorporation and management of legal entities worldwide, accounting services, administration services, establishment and administration of Investment Funds, direct and indirect tax planning, escrow agent services, payroll services and members’ voluntary liquidation services.
In providing our services and also in employing persons, we act as an independent controller and are, therefore, responsible for complying with Data Protection Law in respect of any personal data we collect and process.
The processing of personal data is regulated by the General Data Protection Regulation EU 2016/679 as supplemented by the Data Protection Act 2018.
WHAT IS THIS POLICY
- Sets out the types of personal data that we collect;
- Explains how and why we collect and use your personal data;
- Explains when and why we share personal data within Crystalserve Fiduciary Services Limited and third parties; and
- Is clear about the rights and choices you have when it comes to your personal data
This policy also applies if you contact us or we contact you about our services.
When we provide you our services we ask for your personal data (such as full name, city, email address) for the purpose to preparatory actions for entering into a contract with you or for performance of a contract and provision of services. Anytime you contact us about our services either by phone, email or post we may collect personal data you provide about yourself.
HOW WE COLLECT YOUR PERSONAL DATA
We may collect your personal data when you contact us through our websites, by telephone, post, e-mail or through any other means.
Please note that the Company collects and process personal data that it legally obtains from you. It can also collect and process personal data from sources available to the public, which it legally acquired and is clearly authorized to process.
HOW AND WHY WE USE PERSONAL DATA
We use personal data to make our services available to you. In this way personal data enables us in processing your instructions. We need to process your personal data so that we can manage your data, provide you with the services you want to have and help you with your queries and requirements.
Furthermore, it is hugely important to us to monitor how our services are used in order to detect and prevent fraud, other crimes and the misuse of services. This reassure us that you can safely use our services.
HΟW WE PROCESS YOUR DATA
Legitimate Basis Processing
When we process your data under legitimate basis i.e. in order to take the necessary steps at your request prior to entering into a service agreement with you, we may use the information provided by you to construct a profile including an economic profile so as to establish whether we are able to enter into an engagement agreement with you or to provide you with the service required.
In the event that we do not accept you as a client you have the right to ask for erasure of your data and return of the documents provided by you within 6 months of your non-acceptance as a client. After the 6-month period, the data and documents will be automatically destroyed/ erased.
Contractual Basis Processing
During the course of provision of our Services we shall be gather, process and keep your personal data and documents for all relevant persons in order to be able to fulfil contractual obligations.
In this respect refusal of provision of such personal data by the relevant persons, shall cause refusal of the Services under by Crystalserve and its Appointees.
Legal Bass Processing
We have the right and obligation to transmit your data in accordance with the Anti Money Laundering Laws of Cyprus and also based on other Laws of Cyprus.
WHEN AND WHY WE DISCLOSURE YOUR PERSONAL DATA TO THIRD PARTIES
We would like to let you know that we work with carefully selected Service Providers that carry out certain functions on our behalf. These include, for example, companies that help us with technology services, storing and combining data, processing payments, lawyers and audit services, insurance and payroll services.
We may disclose personal data with such third parties if the law or a public authority says we must or if we need to disclose personal data in order to establish exercise or defend our legal rights.
Other than the disclosures referred to in this policy, we will not disclosure any personal data without your consent unless we are legally entitled or obliged to do so for example, if required to do so by Court Order or for the purposes of prevention of fraud or other crime.
Contractual Basis Disclosure to 3rd Parties
In the process of provision of the Services, and in particular incorporation and/ or management of foreign companies, Crystalserve may if absolutely necessary, transmit your personal data to the relevant foreign/ third country service provider if this is required in order to enable such service provider to provide the Services.
In this respect, you understand that such transmission and processing of your personal data may take place PROVIDED that it is a prerequisite for the provision of the Service and fulfilment of Crystalserve’s contractual obligations or when it is a prerequisite to transmit such, prior to us entering into a service agreement on your behalf.
Furthermore, in carrying out the Services, Crystalserve works with carefully selected Service Providers that carry out certain functions on its behalf. These include, for example companies that help with technology services, storing and combining data, processing payments, lawyers and audit services, insurance and payroll services. Crystalserve may share personal data with these organizations in accordance with the Terms of Business and the Engagement Letter.
Legitimate Basis Disclosure to 3rd Parties
Personal data obtained on this basis WILL NOT be disclosed to third parties UNLESS you request a service that requires that the information is sent to such third parties prior to entering into a service agreement with them.
For any other reasons except for then ones set out above we may process your personal data, provided that you have given us your specific consent for processing.
In the event that the basis of processing is consent, you have the right to revoke consent at any time.
HOW WE PROTECT AND STORE YOUR PERSONAL DATA
We are respecting, protecting and maintaining your privacy and thus, we have a lot of measures in place. For example, we use computer safeguards such as firewalls and data encryption. We also enforce physical access controls to our buildings and files to keep this data safe. We only authorize access to employees in order to carry out their job responsibilities or so as to provide our services to you.
As part of our policies, we enforce physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data.
However, we will continue to update these measures, as appropriate, when new technology becomes available.
When it comes to Cookies you have a lot of choices, you can use your browser settings to accept or reject new Cookies and to delete existing Cookies. You can also set your browser to notify you each time new Cookies are placed on your computer or other device.
Cookies allow us to improve the way our Website work so that we can personalize your experience and allow you to use many of their useful features.
In addition, Cookies can help us to understand how our website is being used, for example, by telling us if you get an error message as you browse. The Cookies collect data are mostly aggregated and anonymous.
Please note that you may authorize your participation in cookies policy and in the same way you may at any time withdraw this consent.
You can find out how to disable cookies at: https://www.aboutcookies.org/
HOW LONG WE KEEP YOUR PERSONAL DATA
We keep your personal data for as long as it is necessary in order to comply with our legal obligations, contractual obligations and to protect our legitimate interests plus one year with your consent which could be withdrawn at any time within that year.
You have the right to enquire at any time and we have the obligation to respond on which of the above mentioned bases we store and process your information.
Under the General Data Protection Regulation (EU) 679/2016 you have important and various rights with regards to the personal data Crystalserve holds about you. Specifically, you have the right of access, rectification and erasure of such data.
Request access to your personal data
This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction-rectification of your personal data
This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data
You have the right to request erasure of your personal data, when obtained on a consent basis, or when our legal obligations or legitimate basis with regards to record keeping and processing have lapsed and you can contact for this purpose the Controller of your personal data which is Crystalserve Fiduciary Services Limited.
Request the restriction of processing of your personal data
This enables you to ask us to restrict the processing of your personal data, for example direction to use it only for certain things, if it is not accurate, it has been unlawfully obtained but you do not wish for us to delete it, it is not relevant any more, but you want us to keep it for use in possible legal claims.
You have already asked us to stop using your personal data but you are waiting us to confirm if we have legitimate grounds to use your data.
You also have the right to have your personal data transmitted directly by ourselves to other organizations you will name, known as the right to data portability.
Right to lodge a complaint
If you have exercised any or all of your personal data protection rights and still feel that your concerns about how we use your personal data have not been adequately addressed by us, you have the right to complain by contacting with us, and we have an obligation to respond.
CHANGE OF PRIVACY STATEMENT
We may modify or amend this privacy statement from time to time. We will notify you appropriately when we make changes to this privacy statement and we will amend the revision date at the top of this page. We do however encourage you to review this statement periodically so as to be always informed about how we are processing and protecting your personal information.
To protect or exercise any of your rights, or if you have any other questions about use of your personal data and/or information, please contact us.
The General Data Protection Regulation 69/2016 EU has entered into force from 25 May 2018.
Please note that your concerns are very important to us to address all of your queries and requests promptly.