Privacy Policy (GDPR)

GDPR stands for General Data Protection Regulation which replaces the previous Data Protection Directives by introducing new standards and principles in regards to the protection for the processing of personal data of natural persons as a fundamental right.

Our intention is to be of meaningful legal service and advice to our customers, by providing what we deem as valuable information.

The present Privacy Policy clearly states how A. DIMITRIOU & ASSOCIATES LLC applies the data protection principles subject to the General Data Protection Regulation 2016/679 regarding the processing of personal data of our customers.

In the present Privacy Notice, A. DIMITRIOU & ASSOCIATES LLC, may be referred to as “us”, “we” and “our”.

Your rights as data subject

Under the GDPR you have the following rights:

(a) to access your personal data

(b) to be provided with information about how your personal data is processed

(c) to have your personal data corrected

(d) to have your personal data erased in certain circumstances

(e) to object to or restrict how your personal data is processed

(f) to have your personal data transferred to a Data Protection Officer of another business in certain circumstances

(g) You have the right to make a complaint at any time to a supervisory Authority. The Cyprus Data Protection Commissioner is the lead data protection supervisory Authority in Cyprus.

Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply.

To find out more about your rights please refer to the EU regulator in the place where you are located (in the EU).

In case you have any questions about how we process your personal data, or in case you wish to exercise any of the rights set out above, please contact us.

What personal data we collect

Personal data means any information relating to you which allows us to identify you, such as your name, contact details, requirement details and information about your access to our website.

We may collect personal data from you when you commence your co-operation with us (either directly or indirectly through our trusted third party partners), if you use our website, or when you contact us either via e-mail correspondence, via telephone, via facsimile etc.

Specifically, we may collect the following categories of information:

Name, home address, e-mail address, telephone number, passport or other recognized personal ID card numbers and details, credit/debit card or other payment details;
Advance customer Information, which includes your name, nationality, date of birth, gender, passport or ID number, expiry date and country of issue;
Information about your use of our website;
The communications you exchange with us or direct to us via letters, emails, chat service, calls, and social media.
What do we use your personal data for, why and for how long

Your data may be used for the following purposes:

Providing products and services you request: we use the information you give us to perform the services you have asked for in relation to your litigation cases, extra-judicial cases, sale-purchase of property, opening of bank account(s) etc., including requested changes;
Contacting you in the event of any change, update in regards to the processing of your case, to obtain your instructions etc.: we send you communications via e-mail, text message, phone calls, post, facsimile etc. These communications are not made for marketing purposes and cannot be opted-out of;
Credit or other payment card verification/screening: we use your payment information for accounting, billing and audit purposes and to detect and / or prevent any fraudulent activities;
Administrative or legal purposes: we use your data for statistical analysis, systems testing, maintenance and development, or in order to deal with a dispute or claim. Note that we may perform data profiling based on the data we collect from you for statistical analysis purposes. Any profiling activity will be carried out with your prior consent only and by making best endeavors to ensure that all data it is based on is accurate. By providing any personal data you explicitly agree that we may use it to perform profiling activities in accordance with this Privacy Policy;
Immigration control safety: we may be obliged to provide your information to immigration authorities;
Security, health, administrative, crime prevention/detection: we may pass your information to government authorities or enforcement bodies for compliance with legal requirements;
Customer Services communications: we use your data to manage our relationship with you as our customer and to improve our services and enhance your experience with us;
Provide tailored services: we use your data to provide information we believe is of interest to you, prior to, during, and after the end of your business relationship with us and to personalize the services we offer to you, such as amendments to current Laws and/or Directives;
Marketing: from time to time we will contact you with information regarding new legislation, new legal services etc., via e-communications. You will have the choice to opt in or opt out of receiving such communications by indicating your choice. You will also be given the opportunity on every e-communication that we send you to indicate that you no longer wish to receive our direct e-communications.
We will only process your personal data where we have a legal basis to do so. The legal basis will depend on the reasons we have collected and need to use your personal data for.

In most cases we will need to process your personal data so we can enter into our engagement letter for the commencement of our business relationship with you.

We may also process your personal data for one or more of the following:

To comply with a legal obligation (e.g. Immigration or VAT requirements);
You have consented to us using your personal data (e.g. for marketing related uses, for opening of bank account(s) [whether specific account / corporate account / administration account etc.]);
To protect your vital interests or those of another person (e.g. in case of a medical emergency);
It is in our legitimate interests in operating as advocates and legal consultants (e.g. for compliance with the Cyprus Bar Association which is our Regulatory Authority, the Central Bank of Cyprus for Money Laundering compliance purposes etc.)
Only children aged 16 or over can provide their own consent. For children under this age, consent of the child’s parents or legal guardians is required.

We will not retain your data for longer than is necessary to fulfil the purpose it is being processed for. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve those purposes through other means.

We also consider periods for which we might need to retain personal data in order to meet our legal obligations or to deal with complaints, queries and to protect our legal rights in the event of a claim being made.

When we no longer need your personal data, we will securely delete or destroy it. We will also consider if and how we can minimize over time the personal data that we use, and if we can anonymize your personal data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.

Security of your personal data

We follow strict security procedures in the storage and disclosure of your personal data, and to protect it against accidental loss, destruction or damage. The data you provide to us is protected using SSL (Secure Socket Layer) technology. SSL is the industry standard method of encrypting personal information and credit card details so that they can be securely transferred over the Internet.

All payment details are transmitted over SSL across dedicated network infrastructure. We may disclose your information to trusted third parties for the purposes set out in this Privacy Policy. We require all third parties to have appropriate technical and operational security measures in place to protect your personal data, in line with EU law on data protection rules.

International Data Transfer

A. Dimitriou & Associates LLC does not operate in other jurisdictions, whether located within or outside the European Economic Area (EEA). However, in instances where you will require the transfer of your personal data for specified and legitimate reasons, we will require all services providers to process your information in a secure manner and in accordance with EU law on data protection. We utilize standard means under EU law to legitimize data transfers outside the EEA.

Sharing your personal data

Your personal data will not be shared with anybody, unless with your prior written consent and only for specific purposes, in assisting your needs and processing of your requirements, e.g. your personal data may be shared with other Authorities and/or professionals for example, banks for the opening of your bank account, immigration authorities for the submission and completion of your application, our Associates, our Agents and/or our trusted partners.

We may also share your personal data with the following third parties for the purpose described in this Privacy Policy:

Government authorities, law enforcement bodies, and for compliance with legal requirements;
Trusted professionals such as accountants, auditors or your banker, through which you have requested, information;
Partner agents required to deliver the services you have asked for, such as real estate property and/or immovable property information;
Credit and debit card companies which facilitate your payments to us, and anti-fraud screening, which may need information about your method of payment to process payment or ensure the security of your payment transaction;
Legal and other professional advisers, courts and law enforcement bodies in order to enforce our legal rights in relation to our contract and/or engagement with you;
Social media: You may be able to access third party social media services through our website or before coming to our website. When you are registered with your social service account, we will obtain the personal information you choose to share with us through these social media services pursuant to their privacy settings in order to improve and personalize your use of our website. We may also use social media plugins on our website. As a result, your information will be shared with your social media provider and possibly presented on your social media profile to be shared with others in your network. Please refer to the privacy policy of these third-party social media providers to find out more about these practices.
Contact forms

All data collected upon the commencement of your engagement with A. Dimitriou & Associates LLC will be processed in line with this Privacy Policy.

When our use of your personal data is based on your consent, you have the option to withdraw your consent to our processing and delete your personal data at any time by contacting our law office.

We will delete any information collected without consent, as soon as we become aware of it.

We keep your personal information contained in your file which can be either in hard copy format, electronic format or both, or even Archived, for as long as you keep your business relation with us and also we maintain record keeping of all your data for 5 years after the termination of our business relation with you, subject to the Anti Money Laundering Applicable Laws of the European Union, harmonized with Cyprus Laws and relevant legislation and/or for 7 years as per Tax Law requirements.

Changes to Privacy Policy

Our Privacy Policy may change from time to time and any changes will be communicated to you either via e-communications or as notice on our website.