LAST UPDATED: April 2022
We, Georgios Colocassides and Partners LLC (we, us, our) take privacy, and the security of personal data, very seriously, and we are committed to ensuring that we safeguard the privacy and personal data of visitors of our website, https://cohalaw.com (the Website) and those with whom we communicate through that Website, whether by email or electronically, at all times and in the best way possible.
• who we are;
• what personal information we collect about you;
• how, when and why we collect, store, use and share your personal data;
• how we keep your personal data secure;
• for how long we keep your personal data;
• your rights in relation to your personal data;
• how to contact us, or the relevant supervisory authorities, should you have a complaint
When we collect, use and process personal data we are subject to the provisions of the EU General Data Protection Regulation (EU) 2016/679 and local law in relation to personal data we collect, use and process. We are responsible as what is described as a ‘controller’ of that personal information for the purposes of those laws. In other words, we are primarily responsible for that data and we determine the purposes and means of the processing of personal data.
This policy applies in all circumstances, but in particular where:
• you visit our website;
• you submit an enquiry, make contact with us or sign-up to receive our newsletter;
• you apply for a job.
In this policy, please note the use of the following terms:
• personal data: has the meaning given to it by the GDPR and local law and means any information relating to an identified or identifiable individual (known as a data subject);
• processing: means any operation or actions performed on personal data, including collection, recording, organisation, structuring, storing, altering, deleting or otherwise using personal data.
• we, us and our: refers to Georgios Colocassides and Partners LLC;
you and your: refers to the person who is accessing our website and whose data is processed:
the Website: https://cohalaw.com.
Your personal data
We may collect, store, use and share personal data relating to you when you submit an enquiry, make contact with us or sign-up to receive our newsletter or you apply for a job. No personal data is collected when you visit our Website.
The data we need to collect from you for the above purposes, may include the following:
• when you submit an enquiry, make contact with us or sign-up to receive our newsletter:
o your email address
• when you apply for a job:
o name, surname, your email address and the content of our CV.
The purposes for which your information is used
We only use your personal data for the purposes for which it was acquired, or where we have a proper reason for using it. Those reasons may include the following:
• For providing you with our periodic newsletters or responding to you enquiries.
• For marketing our services to existing and former clients and people who subscribed for our newsletters and third parties.
• For processing and assessing you job application.
• Where you have given consent to the use of your personal data for one or more specific purposes.
• Where the use is necessary for compliance with a legal obligation that we are subject to.
• Where the use is necessary in order to protect your vital interests or those of another person.
• Where the use is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
• Where the use is necessary for the purposes of our legitimate interests or those of a third party, except where those interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data, in particular where you or the relevant person is a child.
• For statistical analysis to enable us better to manage our business.
• For maintaining and updating records to ensure accuracy of processing and preventing unauthorised access and modifications to systems, and to prevent and detect criminal activity that could be damaging for us and for you.
• To comply with legal and regulatory obligations, and to make information returns to regulators and legally constituted bodies.
• To ensure safe working practices, and for staff administration and assessment purposes.
In addition to the general matters dealt with in the previous section, we may also need to send you updates concerning us, our services, the developments in the legal field, or other related matters which might concern you, or be of interest to you. This may be by post or email and may include information about services that we offer, and information relating to changes in those services.
We regard ourselves as having a legitimate interest in processing your personal data for these purposes, and we take the view that we do not require your consent in order to do so. From time to time we undertake what are known as ‘legitimate interest assessments’ in order to balance our interests in contacting you with your interests in relation to your data. Where we believe that consent is required, we will contact you specifically for this and will do so in a clear and transparent manner.
Be assured that we treat your personal data with the utmost respect and will never share it with others for marketing or promotional purposes. You have, at all times, the right to request that we do not contact you for any purpose other than carrying out the matter which we are instructed to undertake. We may, however, require that you confirm your marketing preferences from time to time so that we can be sure that your views remain the same.
Sharing your data
We will not generally share your personal data with others. We will only disclose your data to others in order to comply with any legal or regulatory obligations to which you or we are subject.
How your personal data is kept
Your personal data will be kept secure at all times. Your personal data may be held at our offices at third party agencies and services providers. Some of your data may be held on Azzure Microsoft Cloud Services.
We operate various security measures in order to prevent loss of, or unauthorised access to, your personal data. In order to ensure this, we restrict access to your personal data to those with a genuine business need to access it, and we have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Your rights in relation to your personal data
Data protection legislation gives you, the data subject, various rights in relation to your personal data that we hold and process. These rights are exercisable without charge, and we are subject to specific time limits in terms of how quickly we must respond to you. Those rights are, in the main, set out in Articles 12–23 of the GDPR. They are as follows:
• Right of access: the right to obtain from us confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to that personal data and various other information, including the purpose for the processing, with whom the data is shared, how long the data will be retained, and the existence of various other rights (see below).
• Right to rectification: the right to obtain from us, without undue delay, the putting right of inaccurate personal data concerning you.
• Right to erasure: sometimes referred to as the ‘right to be forgotten’, this is the right for you to request that, in certain circumstances, we delete data relating to you.
• Right to restrict processing: the right to request that, in certain circumstances, we restrict the processing of your data.
• Right to data portability: the right, in certain circumstances, to receive that personal data which you have provided to us in a structured, commonly used and machine-readable format, and the right to have that personal data transmitted to another controller.
• Right to object: the right, in certain circumstances, to object to personal data being processed by us where it is in relation to direct marketing, or in relation to processing supported by the argument of legitimate interest.
• Right not to be subject to automated decision making: the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Before disclosing any personal data to you, we may request verification of your identity. Your rights may be exercised by sending an email to the address provided hereunder.
Keeping your data secure
In order to ensure that data is kept secure, and to prevent there being any breach of confidentiality, we have put in place security measures which are intended to prevent your personal data from being accidentally lost or used or accessed unlawfully. Access to your personal data is restricted to those with a need to access it, and regard will be had to the need for confidentiality when that personal data is processed.
In the event that there is a suspected data security breach you will be notified. Where appropriate we will also inform the competent authorityof a suspected data security breach where we are legally required, or have a regulatory obligation, to do so.
Please note that the transmission of information via the internet is not completely secure. Although we will do our best to protect personal data, we cannot guarantee the security of any data transmitted to us via our website, or to or from us via email. Any transmission using these methods is at your risk. Once we have received your information, we will be able to set up procedures and security features, such as encrypted emails, to try to prevent unauthorised access.
We also take appropriate steps to keep your personal data safe from unauthorised access, improper use or disclosure, unauthorised modification, or unlawful destruction or accidental loss consistent with applicable law.
If you have any queries as to the acquisition, use, storage or disposal of any personal data relating to you please contact: email@example.com. Notwithstanding our best efforts, inevitably sometimes things do go wrong. If you are unhappy with any aspect of the use and/or protection of your personal data, you have the right to make a complaint to the Office of the Commissioner for Personal Data Protection, who may be contacted in writing at the postal address P.O.Box 23378, 1682 Nicosia, Cyprus, fax: +357 22304565, email: commissionerdataprotection.gov.cy.
Georghios Colocassides & Partners LLC is a client-oriented Nicosia-based boutique law firm specialising in business and corporate law and associated litigation, delivering high standard practical solutions to the local and international markets.