PERSONAL DATA PROTECTION POLICY
Latest update: 11.04.2023
EUROSUCCESS CONSULTING (hereinafter “The Company”) attaches particular importance and respect to the protection of the personal data of its operators. This Personal Data Protection Policy (hereinafter “Policy”) concerns the conditions of collection, storage and use of personal data by our Company, based in Nicosia, at 56 Stavrou Ave., Karyatides Business Centre | Block A2, Office 204, 2035 Strovolos, Nicosia – Cyprus, Tel. + 357 22420110, with www.eurosc.eu website and e-mail: email@example.com
About EUROSUCCESS CONSULTING
Our company is a Cypriot company and has as its subject matter, at a National level, the provision of business advice and other management advice, as well as the provision of training services through educational seminars to companies or individuals. At European level, our company develops proposals and participates in projects that are implemented within the framework of European programmes, in the fields of education and learning.
This Personal Data Protection Policy concerns the Company and the personal data that the
Company maintains for natural persons. Information about companies and other entities is not
included for the purpose of this Policy.
The Company is responsible for the website www.eurosc.eu, which is its corporate website. The Personal data that you provide us when you register or visit our website is processed and
will be kept in a file under the responsibility of our Company. In Addition, any other personal
data you give us is also processed and will be kept in a file under the responsibility of our
This Policy and its Terms may be updated from time to time and, for this reason, you should be regularly informed of its content and check this content for possible changes.
1 DEFINITION OF PERSONAL DATA
The term “personal data”, as used in this Policy, refers to information of data subjects, i.e. natural persons or individuals or professionals, such as name, mailing address, e-mail address, telephone number and others, which can be used to determine the identity of a client or visitor to the website.
2 DEFINITION OF PROCESSING OF PERSONAL DATA
Processing of Personal Data is the collection, registration, organization, storage, customization, alteration, retrieval, search for information, use, transmittal to third parties, dissemination, correlation, combination, limitation, deletion and destruction of Personal Data of natural persons.
3 METHOD OF COLLECTION OF PERSONAL DATA
We collect information about you in the following cases among others:
- Subscription to the Website,
- Communication with the Company,
- Purchase of services,
- Contact with Company representative by e-mail, telephone or correspondence,
- Participation in a social media activity related to the Company’s promotional actions (for example, when you say you like or share such an action),
- Signing in via social networking accounts (e.g.: using your Facebook or Google account credentials to create an account or sign in),
- Following trends on social media (Social Listening): The Company may search for relevant and published content on the Internet, and use it to improve its products and services, to solve consumer problems and provide personalized ads.
- Occasionally, by third parties, who may lawfully transmit information about you or the files that we may legitimately have access to.
- If you provide personal data on behalf of a third party, you should ensure that that third party has previously taken note of this Policy.
- If you are under 16 years of age, you should not provide us with any information about you unless you have the consent of the person exercising your parental responsibility.
- Please Help us keep your information up to date by informing us of any changes of your personal data.
4 WHAT PERSONAL DATA OF YOURS WE COLLECT
The following categories of data in reference to you may be collected and submitted for further processing through the various services and means of communication described in this Policy:
A. Communication Data. e.g. name, phone numbers, fax number, mailing address, date of birth, gender, email address, etc.
B. Use of Website and Communication how you use our website and if you open or forward our communications.
C. Information about the Provision of Services information concerning the services you select or receive, your professional position or your identity, information about your complaints and requirements.
In particular for browsing our website you are not asked by eurosc.eu for any personal information.
We collect the above necessary information from you, which you voluntarily grant us.
5 PROCESSING OF PERSONAL DATA
We Do not take decisions, nor do we compile profiles, based on automated processing of your data.
6 LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
For your data relating to your abovementioned actions, the legality of their processing is based on:
- Your own consent, when your data is voluntarily given to us.
- The execution of a contract: This occurs when the processing of your personal data is necessary to fulfill our obligations arising from the contract.
- The legal obligation: this is the case where we are obliged to process your personal data in order to comply with a legal obligation, such as keeping records for tax purposes or providing information to a public body or law enforcement authority.
- The legitimate interest: we may process data about you when we have a legitimate interest in carrying out a lawful activity in order to ensure the continuity of this activity, as long as it does not exceed your interests.
7 PURPOSE OF PROCESSING OF PERSONAL DATA
The personal data that you present or declare anywhere on our website is intended solely for reasons relating to your dealings with us, for our communication with you.
Eurosc.eu operates in accordance with the current Cyprus and EU legislation and securely maintains your personal data.
In Summary, we ask only for as much information as we need for you to enjoy an individual provision of services: registration on our website, selection of the appropriate services, execution and completion of the above, realization of the contract.
We therefore collect your data for the purpose of supporting our operators and for notification purposes.
In particular we collect your information, for the purpose of registering at eurosc.eu, for purchasing our services or dissemination on social media.
8 RECIPIENTS OF DATA
Recipients of the Data are the strictly necessary personnel of the Company, who are committed to preserving confidentiality. We may share or disclose your data when you explicitly request it or when it is required by law.
9 EXECUTORS OF THE PROCESSING
The Executοrs have agreed and committed with the Company:
- To preserve confidentiality,
- Not to send Data to third parties without the Company’s permission
- To take appropriate safety measures,
- To comply with the legal framework for the protection of personal data, in particular the GDPR Regulation.
10 SENDING OVERSEAS
We do not send your data outside the European Union (EU). Your Personal Data is subject to storage and processing within the E.U. only.
11 TIME OF DATA PROCESSING AND STORAGE – TIME OF ITS DELETION
The data provided by you will be kept/stored by us only for as long as necessary to fulfill the purpose for which you have communicated your data to us and in compliance with the applicable legal provisions.
We restrict access to your data to the people who need to use it for the particular purpose.
12 DATA SECURITY
We are committed to safeguarding your Personal Data. We have taken appropriate organizational and technical measures to secure and protect your data from any form of accidental or illegal processing.
These measures shall be reviewed and amended when deemed necessary.
The processing of your Data in any way Is permitted only to our authorized persons, employees and partners exclusively for the abovementioned purposes.
Regarding the protection and safeguarding of electronic data, we have proceeded with the purchase and installation of specialized software to ensure that our records will not reach unauthorized persons and/or organizations. Specifically, we have installed on our server and all our computers the 2FA system of the company ESET (ESET Secure Authentication File: Product-Overview-ESET-Secure-Authentication), a system that ensures the protection and accessibility, strictly and only to authorized users of the company’s records, through various stages of identification and access levels. In Addition, each user is able to be informed and aware of whether access to the system has been performed through his/her access data, via his mobile device, and thus he/she can immediately terminate any unauthorized access attempt.
In Addition, we have proceeded with the encryption of our electronic files through the ESET Endpoint Encryption program which provides a system of encryption of all files, including the external disks used by The staff.
13 DATA BREACH
If a personal data breach occurs, the controller is required to notify the relevant supervisory authority as soon as possible, and no later than 72 hours after becoming aware of the breach, if feasible. This notification is only unnecessary if it is unlikely that the breach will result in a risk to the rights and freedoms of natural persons. If the notification is not made within 72 hours, the controller must provide reasons for the delay. This timely notification is essential to ensure compliance with GDPR and to mitigate any risks to individuals’ privacy rights and freedoms.
14 YOUR RIGHTS AS SUBJECT TO DATA
Α. You Have the right of access to your personal data.
This means that you have the right to be informed by us if we are processing your data. If we are processing any of your kept data, you can ask to be informed about the purpose of the processing, what kind of data we keep, who we give it to, how long we store it for, whether automated decision making is made, but also for your other rights, such as rectification, deletion of data, restriction of processing and submission of a complaint to the Office of the Commissioner for Personal Data Protection.
Β. You have the right to rectify inaccurate personal data.
If you find that there is an error in any personal data kept that concerns you, you can submit an application for us to correct it.
C. You have the right to deletion/right to be forgotten.
You may ask us to delete your data if it is no longer necessary for the abovementioned processing purposes or you wish to revoke your consent if this is the only legal basis.
D. You Have the right of portability regarding your data.
You may ask us to obtain in readable form the data you have provided or to ask us to transmit it to another controller.
E. You have the right to restrict the processing.
You can ask us to limit the processing of your data for as long as the examination of your objections to processing is pending.
F. You Have the right to oppose the processing of your data.
You can oppose the processing of your data or waive your consent and we will stop the processing of your data if there are no other compelling and legitimate reasons that prevail over your right.
15 HOW TO EXERCISE YOUR RIGHTS
For these purposes any request you may have will have to be addressed in writing to EUROSUCCESS CONSULTING at firstname.lastname@example.org
For any questions or suggestions or statements related to these issues please contact us.
Using the abovementioned forms of contact you can still contact us for more information on the progress of your requests.
16 WHEN DO WE ANSWER
We answer your requests for free without delay, and in any case within (1) one month from the time we receive your request. If, however, your Request is complex or there are a large number of requests by you we will inform you within the month if we will need an extension of another (2) two months within which we will reply.
If your requests are evidently unfounded or excessive in view of their repeated nature, we may impose a reasonable fee, taking into account administrative costs for providing the information or carrying out the requested action or refuse to follow up on the request.
17 APPLICABLE LAW
We Process your Data in accordance with the General data Protection Regulation 2016/679/EU, and in general the current national and European legal and regulatory framework for the protection of personal data.
18 YOUR RIGHT TO APPEAL
You Have the right to submit a complaint to the Office of the Commissioner for Personal Data Protection (postal address: Iasonos 1, P.B. 1082, Nicosia, tel. + 357 22818456, e-mail address: commissionerdataprotecton.gov.cy), if you consider that the processing of your Personal Data violates the applicable national and regulatory framework law for the protection of personal data.
19 AMENDMENT OF THIS POLICY
We will update this Policy whenever necessary. If there are any significant changes to the Policy or the way we use your Personal Data, we will notify you either by posting a notice in a conspicuous place before the changes take effect or by any other convenient way. We encourage you to periodically read this Policy to know how your Data is protected.
The Company is the Controller of the Data it processes.
Our address is 56 Stavrou Ave., Karyatides Business Centre | Block A2, Office 204, 2035 Strovolos, Nicosia – Cyprus.
Our email address is: email@example.com