P O Box 27720, Nicosia 2432, Cyprus
Mon - Fri : 09:00 - 17:00
70007599             Email: [email protected]

Privacy Notice

HomePrivacy Notice
Close
70007599             Email: [email protected]
Mon - Fri : 09:00 - 17:00

Applicability of Privacy Notice
This privacy notice is in accordance with the provisions of the European Union General Data Protection Regulation (GDPR) and applies to all natural persons who are clients of Aequus Business Consulting Ltd (hereinafter “Aequus”), as well as any other persons who may have a relationship with, or be connected to, clients of Aequus, or have any other relationship or connection, or who may visit our website, and in respect of whom Aequus collects and processes personal data (hereinafter “Data Subjects”).

Data Controller
Aequus is the Data Controller and is committed to protecting the personal data it collects and processes during the course of its business operations, in line with the GDPR.

Data Protection Officer
The Data Protection Officer (DPO) of Aequus is Haig Assadourian, who can be contacted as follows:

Personal Data Collected
Aequus collects personal data in relation to Data Subjects as part of meeting its obligations towards its clients, as well as in relation to associates or other persons or entities it has a connection or relationship with.

The data collected includes:

  • Full name
  • Residential and/or business address & contact details
  • Any other information which may become required during the course of the relationship

Use of Personal Data
The personal data of Data Subjects is collected and processed by Aequus for the purpose of discharging its duties and responsibilities under the provisions of its appointment by its clients, for the provision of professional or consulting services, or otherwise, as governed by the Letter of Engagement signed with its clients, or any other legal or contractual agreement with any other parties, whether in writing or oral.

Additionally, personal data may also be shared with other service providers as part of the above, but always subject to the consent of the Data Subjects.

Aequus may from time to time send newsletters, publications, emails or other forms of communication, written or oral, for the purpose of informing clients and other related parties, as well as professional firms and associates of any news or new services it may offer in the future.

Furthermore, Aequus will also communicate with associates or other service providers it works with, in relation to mutual clients, for the purpose of serving such clients under the terms of the Letter of Engagement signed between Aequus and its clients, but always subject to the consent of the Data Subjects.

Aequus strictly undertakes to process any personal data it has collected purely for the purposes intended, and only for the necessary period of time allowed, so as to fulfil its obligations to its clients, and to comply with any applicable laws and regulations.

Legal Basis for Processing Personal Data
Aequus collects personal data in accordance with the following legal bases:

  1. Legal obligation – to comply with statutory reporting requirements of the relevant government authorities (e.g. Tax & VAT authorities, Department of Social Insurance Services)
  2. Necessary for the performance of a contract – to discharge its duties and responsibilities under the provisions of the Letter of Engagement signed with clients.
  3. Vital interests of staff, clients and other parties – so as to meet its duties and obligations towards its staff, and to provide a safe and secure environment for all related parties.
  4. Consent – to keep clients and other stakeholders informed of new developments via newsletters and announcements.

Transfer of Personal Data to Third Parties (Processors)
During the course of its normal business operations, and in order to meet its contractual obligations under the Letter of Engagement signed with its clients, or any other agreement, contract or legal obligation, Aequus may be required to share the personal data of its clients and any other persons who may have a relationship with, or be connected to clients of Aequus, or any other parties with any of the following third parties:

  • Government authorities
  • Other service providers & associates

Such third parties are known as Processors under the provisions of the GDPR.

In all such cases, the transfer of personal data will be in accordance with Aequus’s Privacy Policies, and in compliance with the GDPR. Any transfer of personal data to non-governmental organisations will only be effected subject to a Data Processing Agreement.

Furthermore, in cases where personal data is transferred outside the European Union, this will be effected in full compliance with the procedures required by the relevant authority and in compliance with the provisions of the GDPR.

Personal Data Retention Period
Aequus will retain the personal data of Data Subjects for as long as required to fulfil its duties and obligations under the provisions of the Letter of Engagement signed with its clients, or any other contract, agreement, or legal obligation.

Following the termination of the relationship, all personal data relating to the Data Subjects, or any other related persons will be deleted/destroyed, with the exception of:

  • Information required by the Tax Office
  • Any other information which may be required by law
    In so far as such deletion/destruction of data will not be in contravention of any other legal requirements which may be in force at the time.

Data Subjects’ Rights
Under the provisions of the GDPR, Data Subjects have the following rights, with regards to their personal data:

  1. The right to be informed – about the collection and use of their personal data
  2. The right of access – to their personal data
  3. The right to rectification – to have inaccurate personal data corrected, or incomplete data to be completed
  4. The right to erasure – to have personal data erased (so called “right to be forgotten”)
  5. The right to restrict processing – right to request the restriction or suppression of personal data
  6. The right to data portability – to obtain and reuse their personal data and to transfer it easily from one IT environment to another in a safe and secure manner
  7. The right to object – to processing of personal data
  8. Rights in relation to automated decision making and profiling – right to request that in cases where personal data is used for automated decision making or profiling, the final decision is taken by a physical person
  9. The right to withdraw consent – where processing of personal data requires or is based on the consent of the Data Subject
  10. The right to complain – is any persons have any concerns with the way in which their personal data has been processed, they may contact the DPO in the first instance. If they are still not satisfied, they have the right to contact the relevant data protection authority.

Security of Personal Data
Aequus takes all the necessary steps to ensure that all personal data that it has collected is processed, shared, stored and deleted in a safe and secure manner. All reasonable steps are taken to protect the IT infrastructure of Aequus against unauthorised access or loss of data. This includes hardware and software security measures, restriction of access to data via user rights, data encryption, regular software updates and back-ups, and use of the Microsoft Office 365 suite.

Aequus takes all the necessary measures to rectify any shortcomings in its policies and procedures, and in case of any breach of security or loss of any device (PC, laptop, mobile, storage device) the DPO is immediately informed, so that the appropriate damage limitation measures are taken.

Phone: 70007599             Email: [email protected]
P O Box 27720, Nicosia 2432, Cyprus

Aequus © 2021 All Rights Reserved. | Created by UberDigit