Introduction
The EU on 6 April 2016 decided to a most important reform of its Data Protection context, by adopting a new General Data Protection Regulation 2016/679 (GDPR). This General Data Protection Regulation, will become directly applicable on 25th of May 2018, to all EU countries. Therefore the below Privacy Notice provides you with information on how we collect and process your personal data as of 25th of May 2018.
Table of contents:-
Generally who we are
The personal data we are obliged to collect
How we collect your personal data
How we process and use your personal data
Who we may share your data with
Transfer and processing of your personal data outside the European Economic Area
How long we will keep your personal data for
You are permitted
Our communications, the Website, Social Media Widgets and cookies
Privacy Notice Amendments
How to contact us

1.         Generally who we are
1.1     George Theocharides LLC (“George Theocharides LLC”, “we” or “us” or “our” or “the firm”, ) is a licensed lawyers limited liability company incorporated in Cyprus and provides Legal and professional services in Cyprus and to overseas and/or international clients.
1.2      We are:-
(a)       licensed and regulated by the Cyprus Bar Association and incorporated by the Company Registrar in Cyprus with registered number HE247573. Our registered office is at 137 Gladstonos Str, Taitou Court, Suite 303, 3032, Limassol, Cyprus;
(b)       liable for our website, the www.theocharides.com  (“Website”);
(c)       responsible in view of the General Data Protection Regulation (“GDPR”) and the controller in respect of the processing described in the current Privacy Notice;
2.         The personal data we are obliged to collect
2.1     We may require to collect any of following personal data from you:
(a)      the full name and your personal contact details such as your residence and/or business address, your email address and your mobile number and/or telephone number of home and/or business;
(b)       your identity, C.V. (Curriculum Vitae) including your nationality, date of birth, passport and/or national identity card details and country of domicile, your employment if any and maybe employment history, your job title if any and duties, educational profile, tax status, interests and any other information may be relevant to our provision of professional services;
(c)       data in relation to your financial situation such as income, liabilities , assets and expenditure, sources of wealth if any, financial statements as well as your bank account details and any other information necessary for processing payments and for Anti Money laundering (“AML”) purposes;
(d)       understanding and dealing with your business enquiries/aims/intentions, and any other information you will provide to us in relation with our provision of professional services;
(e)       data about our meetings with you, especially when we meet at our premises;
(f)        restricted usage data relating to your viewing and/or accessing of our email marketing materials, and your marketing preferences (see Section 9 (Our communications, the Website and cookies) below).
2.2     We may also require to process special category data (including data relating to racial or ethnic origin, political opinions, religious beliefs, trade union membership, health and sexual life) and / or data relating to criminal convictions and offences (together “sensitive personal data”).
3.         How we collect your personal data
3.1     We may gather your personal data or you may provide it to us through different ways including from information:-
(a)       you provide it to us when we meet you;
(b)       it may provided to us by either your company, organization, agents, advisers, intermediaries or custodians of your assets;
(c)       provided to us by our clients;
(d)       you have communicate to us by telephone, email, post, or any other forms of electronic communication. In this respect, we may monitor, record and store any such communication;
(e)       gathered when you complete (or we may complete on your behalf) client engagement formalities, i.e. retainer, email, letter, oral instructions or you have registered for an event;
(f)        collected from publicly available sources or from third parties, e.g. when we need to conduct background checks about you;
(g)       accumulated via closed circuit television (CCTV) monitoring in our offices;
(h)       collected when you view or access our email marketing materials (see section 9 (Our communications, the Website and cookies) below); and / or
(i)         accumulated otherwise in the normal course of providing professional services.
4.         How we process and use your personal data
4.1     Your personal data will be processed on whether you are a client, a representative of a client, a business contact, someone whose personal data we necessarily process as part of our provision of professional services, or otherwise.
We may process your personal data for the following purposes:
providing a proposal to you or your company in relation to the professional services we offer and for client engagement purposes (including the carrying out of background checks);
providing professional services to your enquiries (including legal and advice and/or opinions and/or associated advisory services);

operating our business relationship with you and/or our clients, for record-keeping purposes and more generally for the proper operation of George Theocharides LLC;

concerns with any possible complaints or any feedback you may have;

follow and improving the performance and effectiveness of our services, as well as by continuing training our personnel;

for any other purpose for which you provide us with your personal data;

for the purposes set out in Section 9 (Our communications, the Website and cookies) below;

seeking advice on our rights and obligations, such as where we require our own legal advice, and to exercise and defend our legal rights;

compliance with our legal and regulatory obligations, such as anti-money laundering laws (which may include the carrying out of background checks and retention of a record of such checks), data protection laws and tax reporting requirements, and/or to assist with investigations by police and/or other competent authorities (where such investigation complies with relevant law) and to comply with Court orders;

protecting the security of our systems and communications; and / or

for security purposes generally and to ensure the safety of our employees and visitors;

providing you access to our website and personalizing your visit to it;
4.2     We may process your personal data for any of the purposes set out above where one or more of the following lawful processing grounds applies:
(a)       the process is essential to perform an agreement with you, or to take steps at your request before entering into a contract with you;
(b)       the process is essential for us to fulfil with our legal obligations;
(c)     the process is essential for our legitimate interests (including the operation of George Theocharides LLC, and the provisions of professional services) or those of any client or relevant third party, unless those legitimate interests are overridden by your interests or fundamental rights or freedoms; and/or
(d)     you have consented to the process in question.
4.3     Where in cases we process sensitive personal data, other lawful processing grounds may apply, such as that the processing is necessary for the establishment, exercise or defence of legal claims (for example to protect and/or defend our property or rights, or those of our clients) or for reasons of substantial public interest; or where you have given us your explicit consent.
5.         We may share your data with
5.1      We may share your personal data with:
(a)       your organization;
(b)       with our client for the specific issue;
(c)       third parties we engage or may appoint to assist in providing our professional services, such as lawyers, advocates, other professional services firms, Banks, IT and other consultants, public relations advisers, translators and/or couriers;
(d)       intermediaries to whom we introduce you;
(e)       third party service providers who provide business services to us, such as shared service centres, and with providers of anti-money laundering services and background checks, for processing in accordance with our instructions;
(f)        our own legal and professional services providers and/or insurers, where appropriate;
(g)       third parties and their advisers in the event of the potential or actual sale or purchase of all or part of our business or assets (or any other business or assets), subject to appropriate obligations of confidentiality; and/ or
(h)       Courts and other authorities in connection with the enforcement or defence of legal rights and other provisions of our professional services.
6.         Transfer and processing of your personal data outside the European Economic Area
6.1     We may require to transfer your personal data to countries outside the European Economic Area for providing professional services which may have the same level of data protection as within EU.
6.2     In such case we ensure that any such transfer meets the requirements of General Data Protection Regulation, e.g. in case is necessary for the provision of our professional services to you or for the establishment, exercise or defence of legal claims; or is otherwise subject to prescribed safeguards such as model clauses approved by the European Commission. More information is available from admin@theocharides.com
7.         How long we will keep your personal data for
7.1     We will retain your personal data for as long as is necessary to fulfil the purposes set out in this Privacy Notice.
7.2      In many cases this will mean that we shall retain your personal data for the same period as we retain your files or a copy of your files. If after 10 years you have no business requiring invoicing, your data and account could be automatically deleted. In addition, we shall retain information obtained to meet our obligations under the anti-money laundering regulations for at least 5 years following the end of our business relationship with you.
7.3      Longer retention periods may be appropriate where, for example, specific legal or public interest archival reasons apply.
8.       You are permitted
8.1     Under General Data Protection Regulation you have the following rights to:
(a)       obtain access to, and copies of, the personal data we hold about you and information about how we process it;
(b)       request us to correct any inaccuracies (after informing us) in the personal data we hold about you;
(c)       request us, in certain circumstances, erasure of your personal data;
(d)       request us , in certain circumstances, to restrict our data processing activities;
(e)       acquire from us the personal data you have provided to us in a reasonable format, including for the case where you would like to transmitting that personal data to another data controller;
(f)        object to our use of your personal data based on our legitimate interests, on grounds relating to your specific situation;
(g)       withdraw your consent, where our use of your personal data is based on that consent; and
(h)       complain to the Data Protection Commissioner, which can investigate compliance with data protection law and has enforcement powers, if you are not satisfied with how we are processing your personal data.
8.2     Please contact us in writing using the contact details below if you would like to act in any of your rights above. Please note that these rights are not absolute, and we may be entitled (or required) to refuse any requests where exceptions apply.
9.         Our communications, the Website, Social Media Widgets and cookies
9.1      We may use your contact details to send you either by post or email, newsletters, updates, event invitations and other mailings promoting our services. We do this on the basis of our legitimate interests or your consent (as appropriate to the communication in question). You may always unsubscribe from these mailings, by clicking on the link in the relevant email; or by contacting us at info@theocharides.com.
9.2      We use mailing list management/marketing software to manage how we contact you. This permits us to record and manage how we contact you, and to manage any of your preferences and bookings for our events.  It also permits us (as set out in any such email) to review whether emails are opened or forwarded, and whether briefing links are clicked. With this way this data aids us to ensure that our mailing list remains up to date; it may also provide us with some basic information about your interests and to personalize our communications with you.
9.3 We may use Social Media Widgets and may include social media features, e.g. facebook “like” button and other widgets that run on our website. These features may collect your IP address and which page you are visiting, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third-parties or hosted directly on our web site. Your interactions with these features are governed by the privacy policy of the organization providing it.
9.3      We use cookies on our Website, in accordance with our Cookie Policy.
10.       Privacy Notice Amendments
From time to time we may update/amend this Privacy Notice as to how we process personal data. We will publish the new version on the Website and where appropriate, will provide you with a copy of this.
11.      How to contact us
If you have any questions about this Privacy Notice or how we process your personal data, you may contact us at admin@theocharides.com, or by post at Data Protection, 137 Gladstonos Str, Taitou Court, office 303, 3032, Limassol, Cyprus.