This notice will tell you, our client, or prospective client, how we use, hold and protect personal information we collect about you in the course of providing services to you and what rights you have in respect of your personal information. It is important that you read this notice together with any other notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This notice supplements any other notices and is not intended to override them.
In this notice, “GZG”, “we”, “us”, “our” refer to George Z. Georgiou & Associates LLC. GZG is a controller in respect of your personal information. That means that we determine the purposes and means for the processing of your information. For more information about us and how to contact us, please see section 11 of this notice.
Changes to this notice
We may modify or amend this notice from time to time and we will notify you appropriately about this, but we also encourage you to review this notice periodically to always be informed about how we are processing and protecting your personal information.
This notice was last updated in December 2021 and historic versions can be obtained by contacting us.
Keeping your information accurate and current
It is important that the personal data we hold about you is accurate and current. Please inform us if your personal data changes during your relationship with us.
We collect your personal information from various sources, including:
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
The personal data that we collect, and how we collect it, depends upon how you interact with us. We may collect, store, and use the following categories of personal information about you for the purposes explained below:
We may also use your personal information in the following situations, which are likely to be rare:
If you fail to provide personal information
If you fail to provide certain information when requested or if it is not satisfactory, we may not be able to provide our services, or we may be prevented from complying with our legal obligations or we may be not able to act, or to continue to act, for you.
Change of purpose
If we need to use your personal information for a purpose unrelated to the one for which we originally collected the information, we will notify you and we will explain the legal basis which allows us to do so, however, there may be instances we may process your personal information without your knowledge or consent where this is required or permitted by law.
“Special categories” of personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such data. We may process special categories of personal information for the purposes identified in section 4 above and in the following circumstances:
We may also process this type of information where it is needed for the establishment, exercise or defence of legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.
Where necessary, we will process information about criminal convictions as part of the provision of services.
Due to the COVID 19 Pandemic and based on various decrees issued from time to time by the Cyprus Government, we may need to see your Safepass Certificate. We do not retain this data and we only view it in order to ensure we comply with the relevant decrees.
We will occasionally send you marketing information where you have provided your consent for us to do so. For example, by subscribing to our newsletter you will receive legal and business news by e-mail. You are free to withdraw your consent at any time by opting out by using the “unsubscribe” link at the bottom of each marketing e-mail or by contacting our DPO.
We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or deliver our services or where we have another legitimate interest in doing so. We may also share your personal data when you have consented to us doing so.
We may need to share your information with the courts, where we represent you in legal cases, with co-counsel, opposing counsel, with the Cyprus Bar Association, government authorities and independent bodies, depending on the services we have been retained to provide or any applicable laws and regulations.
Furthermore, we may share personal information with the following categories of third-party service providers as necessary and subject to our professional obligations and any terms of business which we may enter into with you including:
All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
Transferring information outside the EU
We may transfer the personal information we collect about you outside of the European Economic Area in order to perform our contract with you, such as in cases that involve international litigation or have a cross border aspect. In such cases we will transfer your data only to such countries as approved by the European Commission as providing adequate level of data protection, or enter into legal agreements ensuring an adequate level of data protection, such as Standard Contractual Clauses or depending on the circumstances, proceed with the transfer based on your consent.
We have implemented administrative, technical, and physical safeguards to prevent unauthorised access, use, or disclosure of your personal information. Your information is stored on secure servers and isn’t publicly available. We ensure that third parties who may process your information on our behalf (processors) will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the type of information that is collected, the purpose for which it was collected, and whether there is any need to retain it based on applicable legal requirements.
Under certain circumstances, by law you have the right to:
If you wish to exercise any of the above rights, make a complaint or receive more information, please contact our Data Protection Officer (“DPO”) using the details provided below:
George Z. Georgiou & Associates LLC
1 Iras Street, 1060 Nicosia,
You also have the right to file a complaint with the relevant Data Protection Authority. For Cyprus the relevant Data Protection Authority is the Office of the Commissioner for Personal Data Protection, website at http://www.dataprotection.gov.cy or write to them at:
1 Iasonos str., 1082 Nicosia
P.O.Box 23378, 1682 Nicosia
Tel: +357 22818456
Fax: +357 22304565