This privacy statement (“Statement”) has been drafted by and applies to Globalserve Consultants Ltd, a company registered in Cyprus with registered number HΕ 145787 and all their subsidiaries (collectively, “Globalserve,” “we,” or “us”).
At Globalserve, we value and respect your privacy and prove this through this Statement which demonstrates our compliance with the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as the “Regulation”) which is directly applicable in the European Economic Area from 25th May 2018, and has introduced new measures aiming to protect your Personal Information and thus your privacy.
In this Statement, we explain our practices regarding the collection, use, processing and disclosure of your Personal Information, what kind of Personal Information we collect from you and when we collect them.
Collection of Personal Information
“Personal Information” is information that identifies you as an individual or relates to an identifiable individual i.e. through which you may be identified. It always has to do with living people and does not concern legal entities such as companies. The Personal Information which we collect is the following:
a. Name, home, gender and work address, landline and mobile telephone numbers and email address, your business title, date and place of birth, nationality, passport, visa or other government-issued identification information;
b. Debit and credit card numbers, other card information and generally payment, billing and account information;
c. Employer or other relevant details if you are an employee of a corporate account, a vendor or other type of business partner (e.g. travel agent or meeting and event planner);
d. personal characteristics, nationality, income, passport number and date and place of issue;
e. your reviews and opinions about our services;
f. Profile picture;
g. Social media account ID or user ID;
h. Any other type of information which you may choose to provide to us or we may obtain about you through third parties with whom we do business (e.g. travel agents or similar providers);
i. Your images on CCTV;
j. CV’s; and
k. any other publicly available Personal Informaion, including information that is published on websites and any which you have shared via a publicly available platform such as your Facebook, Twitter or Linked In pages.
If you submit any Personal Information relating to other people to us, especially Personal Information of minors, in connection with the services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Statement which is provided at reception desks of our offices and/or in our website http://gstaxconsultants.com/
We and our service providers and/or agents and/or affiliates may collect Personal Information, directly from you and/or indirectly through another source whether these are provided in writing or verbally and in providing any part of our services, ways such as the following:
- Through Our website: We may collect Personal Information when you subscribe for a newsletter from us through our website, when you communicate with us via online chat-texting services or a social media service which may include messenger, facebook, or when you sign up
- Through Our Offline Services: We may collect Personal Information from you offline. This may take place when you visit our offices and/or when you have a meeting with any person of our staff, and when you communicate with any member of our staff over the phone or via e-mail. Also, Personal Information may be collected when you visit any of the group events or meetings or seminars we organise or in which we participate.
- From Other Sources: We may receive your Personal Information from other sources, such as publicly available databases and websites, your employers, our associates, introducers and other third parties who, however, have first obtained your permission to share this information with us.
In the event that we receive information from third parties, as opposed to directly from you, provided that they are lawfully entitled to share your Personal Information with us, we will use and share this information for the purposes described in this Statement. Also in the event that your Personal Information is collected in this way, then we will bring to your attention the information included in this Statement along with the source from which the Personal Information originate, and if applicable, whether it came from publicly accessible sources. This information shall be provided to you within a reasonable period after obtaining the Personal Information, but at the latest within 1 month, except where the Personal Information are to be used for communication with you, in which case we will provide you with the above information at the latest at the time of the first communication with you. However, if the above information is envisaged to be disclosed to another recipient then the above information shall be disclosed the latest when the Personal Information are first disclosed to the new recipient, despite the fact that none of the previous deadlines has passed. Of course, no such information would need to be provided:
a. where you already have this information;
b. where the provision of this information, for some reason, proves impossible or would involve disproportionate effort to obtain;
c. obtaining or disclosure is expressly laid down by Union or Member State to which we are subject, and which provide measures to protect your legitimate interest; or
d. in the event where the Personal Information must remain confidential subject to an obligation of professional secrecy.
Use of Personal Information
We may use Personal Information in the following ways:
1. for the provision of the services you request from us including:
- administration services,
- fiduciary services,
- corporate services,
- management services,
- trustee services,
- opening of bank accounts in Cyprus or foreign countries,
- legal services,
- consulting services,
- financial services,
- accounting services, and
- any other services included to any service agreement and/or engagement letter signed by the Client with the Service Provider (hereinafter referred to as the “Service Agreement”),
2. to corresponding with you;
3. to respond to you requests;
4. To send you tax and deadline alerts, tax news and/or other informative material about the state of the law and the economy, important business and legal events and developments on both Cyprus and international levels;
5. To send you administrative information, informative newsletters and/or publication, periodic customer satisfaction, market research or quality assurance surveys and in order to respond to you requests and messages. This may be done in accordance to any communication preferences you have expressed. Such information may be provided through e-mail, postal mail, social media, telephone, text messages, push notifications, and other means;
6. For our business purposes, such as data analysis, audits, security and fraud monitoring and prevention (including through the use of closed circuit television, card keys, and other security systems), developing new products, enhancing, improving or modifying our Services to ensure that our site, products, and services are of interest to you, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities;
7. To generate usage statistics of our website;
8. To verify your identity when you access your account or to contact you to perform security checks;
9. to generate statistics in relation to the types and volumes of clients to whom we provide services during the year; and
10. to gather information about potential employees and member of staff candidates.
In the event that we decide to further process your Personal Information for a purpose other than that for which your Personal Information was obtained, we shall provide you prior to that further processing with information on that other purpose and with any relevant further information which the General Data Protection Regulation requires.
Disclosure, Sharing and Transfer of Personal Information
To be able to provide you with the best possible service without you having to communicate with many different service providers, your Personal Information may be shared with the below entities and/or people, which may involve cross-border transfer of information to third parties in countries outside the European Economic Area:
- to authorised personnel at our offices, who are appropriately-trained for the processing of Personal Information;
- affiliate and subsidiary companies of Globalserve;
- agents in any jurisdiction for the registration and management of your company/ies,
- your auditors with who you have an Engagement Letter,
- your legal consultants and/o advocates and/or solicitors and/or barristers and/or lawyers with whom you have an Engagement letter and/or agreement
- to the bank in which you wish to open a bank account
- to the Cyprus Registrar of Companies, the Commissioner of Taxation in Cyprus, the Service Provider’s service providers and any other regulators or supervisory authorities,
- any other associates and/or agents and/or to whom you instruct the us to transfer your Personal Information,
- to MailChimp which is a marketing platform of The Rocket Science Group LLC used for the purposes of direct marketing and email campaigns. MailChimp is part of the Privacy Shield framework and has thus been recognised by the European Commission as offering an adequate level of data protection. Despite the agreements which are in place between Globalserve and MailChimp ensure that the processing of your Personal Information is in accordance with the General Data Protection Regulation.
- In the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings), we may share your Personal Information to a third party for the purposes of the aforementioned event.
- If you visit any of our properties for the purpose of an event and/or meeting and/or seminar, then the Personal Information collected for the meeting and/or event and/or seminar may be shared with (1) the organisers of that event and/or meeting and/or seminar, and (2) where appropriate, the guests who participate in the event and/or meeting and/or seminar.
- Other circumstances in which the sharing of your Personal Information may take place are in order to:
- comply with applicable laws,
- respond to governmental inquiries or requests from public authorities,
- comply with valid legal process,
- protect the rights, privacy, safety or property of Globalserve, site visitors, clients, employees, those of any of our affiliates or the public,
- permit us to pursue available remedies or limit the damages that we may sustain,
- enforce our websites’ terms and conditions;
- respond to an emergency; and
- to allow us to pursue available remedies or limit the damages that we may sustain.
13. where your Personal Information is transferred by Globalserve to a country outside the European Economic Area (EEA) Globalserve shall ensure that the country to which the Personal Information is transmitted and the recipient of the Personal Information keeps satisfactory level of protection
Where there is no confirmation from the European Commission that a particular country, which is outside the EEA, keeps satisfactory level of protection, authorization will be sought from the competent data protection authority in Cyprus i.e. the Office of the Commissioner for the Protection of Personal Information in Cyprus.
Globalserve will not, in any way and in any event, directly or indirectly, sell any of your Personal Information to any third party. Any information supplied will be confidential and will be handled in accordance with the applicable laws and regulations.
Confidentiality and Personal Information
Globalserve must employ suitable personnel and take appropriate organizational and technical measures for the processing of Personal Information, their security and protection from accidental or unlawful destruction, accidental loss, alteration, unauthorized dissemination or access or any other form of unlawful processing.
Globalserve carries out checks and/or uses contractual terms to ensure that any party to whom my Personal Information are transferred complies with the principles of confidentiality and the Law and where that the Service Provider determines the way in which the Personal Information will be processed and the purpose for which they will be processed, the Service Provider carries out checks and/or contractual terms to ensure that Personal Information is processed in accordance to their instructions.
Any information related to me shall not be disclosed to third parties except in the cases allowed under the provisions of the Law, and to any person to which I have assigned my rights in relation to the Contract and solely for matters concerning them.
Legal grounds for collection and processing of Personal Information
We would like to inform you that the legal grounds for receiving and handling your Personal Information are:
- that processing is necessary for the provision of the services you seek from Globalserve, which include but are not limited to the services mentioned under “Use of Personal Infroamtion” above (Regulation, Art. 1(b));
- to the extent that the collection and processing is not covered by a) then the legal ground will be your explicit consent to the processing of your Personal Information for the above specific purposes (Regulation, Art. 1(a)). You may withdraw your consent at any time by sending us written notice of your wish to withdraw. This may be done in any written format including e-mail and fax and also includes the automate way to opt out from newsletters and publications (unsubscribe mechanism);
- that processing is necessary for compliance with our legal obligations (Regulation, Art. 1(c));
- that processing is necessary in order to protect your vital interests or those of another individual (Regulation, Art. 1(d)).
- that processing is necessary for the legitimate interests pursued by us except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of Personal Information, in particular where the subject is a child (Regulation, Art. 1(d)).
Under the Regulation, you have the following rights:
a. to check whether and what kind of Personal Information we hold about you and to access or to request copies of such data;
b. to be explained clearly and simply the information contained in this Statement;
c. to request correction, supplementation or deletion of Personal Information about you that is inaccurate or processed in non-compliance with applicable legal requirements;
d. to instruct the erasure of your Personal Information from our archives where:
- it is no longer necessary for the purposes mentioned in this Statement;
- where you withdraw your consent on which the processing is based and where there is no other legal ground for the processing;
- where you object at any time to the processing of your Personal Information in accordance to point (f) and (g) below;
- your Personal Information has been unlawfully processed;
- your Personal Information has to be erased in order for us to comply with our legal and/or regulatory obligations.
e. to obtain a restriction to the collection, processing or use of Personal Information about you where:
- the accuracy of your Personal Information is contested by you to allow us to allow us to verify the accuracy of your Personal Information;
- the processing is unlawful but you do not wish us to erase your Personal Information from our archives;
- we no longer need your Personal Information for the purposes of processing, but they are required by you for the establishment, exercise or defence of legal claims; or
- you object to the processing of your information which is based on your consent, subject to limited exceptions such as the establishment, exercise or defence of legal claims;
f. to object to processing of your Personal Information on grounds, relating to your personal situation, which have been obtained based on the necessity for the legitimate interests pursued by us, and to have us no longer process your personal data unless either we demonstrate to you compelling legitimate grounds for the processing which override your interest, right and freedoms, or the Personal Information is needed for the establishment, exercise or defence of legal claims;
g. to object at any time to processing or your data for direct marketing;
h. to the extent that your data is processed on the legal ground of your consent or the processing is carried out by automated means, to receive the data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from our part;
i. to know the identities of third parties to which your personal data is transferred;
j. to provide instructions on how your data must be handled after your death when relevant;
k. to lodge a complaint with the competent data protection authority, in Cyprus i.e. the Office of the Commissioner for the Protection of Personal Data;
m. to request us to transmit your Personal Information to another controller without hindrance from our part.
How you can exercise your right?:
Globalserve Consultants Ltd
9 Vassili Michaelides, 3026
P.O Box 57019, 3311 Limassol-Cyprus
Tel. 00357 25 817181
Fax. 00357 25 824055
We only accept requests for the exercise of your rights that are in a written form (even if it is in an electronic form) and we also request proof of your identity.
For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Reasonable organization, technical and administrative measures are in place to protect your Personal Information from unauthorized access, disclosure, alteration or destruction, while the Personal Information is stored in our archives. Among the things used to ensure the protection of your data are the minimization of people who have access to the electronic archives where the Personal Information are stored, and web security against hacker attacks.
We also carry out check to ensure that our affiliates and service providers with whom we share personal information, have reasonable measures in place to provide an adequate level of data protection and to maintain the confidentiality of your Personal Information.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the “Contacting Us” section below.
Special category of Personal Information
“Special Category of Personal information” amount to such information the processing of which reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
We do not generally collect Special Category information and we ask that, unless there is a regulatory or other serious need for you and/or another client and/or a third party , you do not to send us, and you do not disclose, any Special Category Personal Information to us.
We do not knowingly collect personal information from individuals who are under 18 years of age. As a parent or legal guardian, please do not allow your children to submit personal information without your permission. By providing us with the personal information of your children, you represent that authority has been given by both parents for the provision of this information.
Unless we hear otherwise from you or a longer retention period is required or permitted by the applicable law or there is a continuous contractual and/or service relationship between you and Globalserve, your Personal Information will be subject to our 3-year retention policy. This retention period is in our opinion necessary to fulfil the purposes outlined in this Statement.
However, CV’s which are received by Globalserve for the purposes of employment, will only be retained for one year.
You Personal Information shall be destroyed as early as practicable, from both our short-term system and our back-ups so that restoration and/or reconstruction of the data is no longer possible. This also involves the secure destruction of any printed paper through methods such as cross-shredding or incinerating the paper documents.
Updates to this Privacy Statement
Where the need arises for the further protection of your Personal Information and for the purposes of your information, we may change and/or modify this Privacy Statement from time to time. Where we make material changes to this Statement we will post a link to the revised Statement of the homepage of the website of Globalserve at http://gstaxconsultants.com/ and where you have consented to the processing of your Personal Information based on a previous version of this Statement you may also be informed through a communication channel that you have provided.
It is possible to recognize when this Statement has been last updated by looking at the date at the top of the Statement. Any changes become effective from the date on which they were posted on the website of Globalserve. Use of the website, any of our products and services, and/or providing consent to the updated Statement following such changes constitutes your acceptance of the revised Statement then in effect.
Globalserve Consultants Ltd
9 Vassili Michaelides, 3026
P.O Box 57019, 3311 Limassol-Cyprus
Tel. 00357 25 817181
Fax. 00357 25 824055
Because email communication are not always secure, please do not include credit card or other sensitive information in your emails to us.