Privacy Statement Summary

At Yennadiou Auditors Ltd [ ‘We’, ‘the firm’, ‘Yennadiou’] we are committed to protect privacy of information and personal data entrusted to us. We handle private information in an open, transparent manner.

The privacy statement set below applies to personal data processed by Yennadiou registered in Cyprus under registration number HE391144 with registered offices at 41-43 Spyros Kyprianou Avenue, Patroclos Tower 4th floor, 6051 Larnaca.

It describes what personal data or information we gather about you, when and why we use that information for and to whom we give the information.  It demonstrates your rights in relation to your data and indicates whom you can contact for additional information or queries.

You can find how we will collect, handle, store and protect personal information about you when:

  • Providing services to you or to our clients, or
  • We perform any activities that form part of the operation of our business.

We may refer to information that identify or may identify you or that may otherwise relate to you as “personal data” or “personal information”. We may also sometimes collectively refer to collecting, handling, using, protecting, transferring, storing and deleting your personal information as “processing” such personal data or information.

What information do we collect?

We may collect or obtain personal data about you when we provide services to you as a client and particularly when performing due diligence checks in connection with our services we might provide to you as a prospective client.

We may collect or obtain such data because you give them to us [ according to our “know-your-client” procedures ] because other people provide that data to us  [for example your employer or adviser, or third party service providers that we cooperate with to help operate our business ] or because it is publicly available.

Such personal data usually include but not limited to : your name, age, date of birth, ID, email address, home address, country of residence, family circumstances (for example, marital status and number of dependents), employment and education details , financial and tax related information (for example income and tax residency) and other similar information.

Sensitive or ‘special category’ data or information

We may also collect, but rarely, ‘sensitive’ or ‘special categories’ of personal data, such as details about your health (for example, in relation to life and medical insurance), ethnic or racial origin, but only as far as the law permits us to do so.

In the rare occasion we process any sensitive personal data relating to you we will do so only because :

  1. You have given us your explicit consent to process that data, or
  2. The processing is necessary to carry out our obligations under employment, social security or social protection law or other applicable law, or
  3. The processing is necessary for the establishment, exercise or defence of legal claims or
  4. You have made the data manifestly public.

Personal data or information from third parties

Where we have no direct contractual relationship with you but obtain your personal data about you by our client, we take steps to ensure that our client has complied with the applicable privacy laws and regulations relevant to that information, for example, information notices as to how your personal data will be processed and disclosed to third parties such as Yennadiou Auditors. In addition, we also make sure that he has obtained all necessary consents for us to process your personal data as described in this privacy statement.

Children data

Our services are not designed for, or intentionally targeted at, children. It is not our policy to collect or store information about children. For the purposes of this privacy statement, “children” are individuals under the age of fourteen.

The use of your personal data or information

Use of personal information to provide services to our clients

Most commonly, we will use your personal data in the following circumstances:

(A)  For the performance of a contract we have entered with you or for the completion of certain steps before entering into a contract with you.

We may process your personal data in the course of correspondence relating to our services.  Such correspondence may be with you or our service providers or competent authorities.

Please note that if you do not provide the personal data we request from you, we may not be able to offer or continue offering our services to you.

(B)  For our compliance with legal obligations.

We are required to comply with certain legal and regulatory obligations, as well as certain industry specific and professional standards, which may involve the

processing of personal data. We may need for example, to carry out identity verifications through our “know-your-client” and due diligence procedures, set-up anti-money laundering controls and comply with our tax reporting obligations. We may also need to provide information to a public body or law enforcement agency when we are so required.

(C)  When we have appropriate legitimate interests

We may process your personal data to pursue business interests of our own or of third parties, provided your interests and fundamental rights do not revoke such interests. More specifically, we process your personal data:

  • To maintain our accounts and records
  • To maintain the security of our information systems
  • To identify, prevent and investigate fraud and other unlawful activities
  • To monitor and safeguard the security of our people, premises and assets through video surveillance
  • For financial accounting, invoicing purposes
  • To defend, investigate or prosecute legal claims
  • For recruitment and business development purposes, and
  • In order to receive professional advice from our advisors including our lawyers, accountants and consultants.

(D)   Where we have obtained your consent

We will only ask for your consent when we wish to provide marketing information to you in relation to our products and/or services that we think might be of interest to you.

You may easily withdraw your consent to such processing at any time by contacting privacy@yennadiouaudit.com or by clicking on the “Unsubscribe” function in any marketing communications, including emails, that you may receive from us.

Where would we disclose your information to

We may disclose personal data about you to third parties that provide services to us, competent authorities (including courts and official bodies or authorities regulating us), your employer and/or their advisers, your advisers, credit reference agencies or other organizations that we use so as to take appropriate business decisions and mitigate the risk of potential fraud and misconduct.

Please note that some of the recipients of your personal data referenced above may be based in countries outside of the European Union. In such cases, we shall make sure that there are adequate safeguards in place to protect your personal data that comply with our legal obligations.

In addition, we may request you to provide us with your specific consent in cases of transfers to countries where no adequacy mechanism is in place.

Further details of the transfers described above and the adequate safeguards used by Yennadiou Auditors in respect of such transfers are available from us by contacting the Data Protection Officer at Yennadiou Auditors Ltd, 24-209444 or by email at privacy@yennadiouaudit.com.

Protection of your personal information

We have implemented physical, electronic and managerial measures so as to make sure that we keep your personal data secure. These include:

  • Education and training to our staff to ensure they are aware of privacy policies and obligations regarding processing personal data;
  • Administrative and technical controls;
  • Technological security measures; and
  • Physical security measures.

How long we keep your information for

We will hold your personal data on our systems and our records [ that is in electronic and in hard copy form] for the longest of the following periods:

  1. As long as is necessary and are required by us for the provision of the  relevant activity or services,
  2. Any retention period that is required by law,
  3. The end of the period in which litigation or investigations might arise in respect of the services, or,
  4. Any retention period as per our data retention policy.

Your rights

Your rights under the data protection regulation are :

  • To have access to your personal data. You may request to obtain from ourselves a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • To request correction of your personal data , which we process so that you may complete or correct data we hold and process about you.
  • To request erasure of your personal data. This right provides you with the opportunity request from us erase your personal data concerning you (known as the right to be forgotten) where there is no good reason for us to continue to process it.
  • To object to processing of your personal data, including profiling, where we are relying on a legitimate interest and there is something about your particular situation, which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
  • If you object to processing to direct marketing purposes, then we shall stop the processing of your personal data for such purposes.
  • To restrict processing of your personal data.
  • To receive a copy of your personal data in a format that is structured and commonly used and transfer such data to other organizations. You may request the transfer of your personal data directly by us to other organizations (data portability)
  • To withdraw your consent with regard to the processing of your personal data for certain purposes at any time. Note that any withdrawal of consent shall not affect the lawfulness of processing which was based on consent before it was withdrawn or revoked by you.

In order that you may be able to exercise any of your rights, or if you have any other questions about our use of your personal data, please send an email to privacy@yennadiouaudit.com or write to us to the address below:

The Data Protection Officer

Yennadiou Auditors Ltd

41-43 Spyrou Kyprianou Avenue

Patroclos Tower, 4th floor

6051 Larnaca, Cyprus

Right to complain

If you are not satisfied with the way we have processed your personal data or if you have any privacy query , you have a right to complain to the Office of the Commissioner in Cyprus. If you would like to be directed to the Office of the Commissioner, please contact us.

Changes to this privacy statement

We may modify or amend this privacy statement from time to time following, for example, new developments or amendments in the law or the regulation.

To let you know when we make changes to this privacy statement, we will amend the revision date at the top of the first page. Therefore, we encourage to periodically review this statement, to be informed about any possible changes.