According to General Data Protection Regulation (GDPR) (EU) 2016/679, BERYL TRUST COMPANY LTD (“The Company”) acknowledge the importance of treating personal data as confidential and we apply it to all personal data that are collected, used or disclosed by the Company as part of an actual business relationship with past and present clients.
COLLECTION OF PERSONAL INFORMATION
We collect your personal information directly from you and we process your ‘personal data’ such as your full name, residential and business address, e-mail and telephone number, date of birth, identity/passport information, status/place of employment/job title, salary/ source of funds & source of wealth (i.e. economic and financial background), tax information such as tax residence and tax number, bank reference letter, criminal records and records in case of disciplinary matters (i.e. warnings and certificate of bankruptcy) so as to implement the provisions of the business agreement signed between you and the Company.
USE OF PERSONAL INFORMATION:
As stated above your personal information is collected and used for establishing, managing or terminating your business relationship with the Company. In more details your personal data are processed for the following reasons:
- To comply with the general requirements and with the specific provisions of the applicable Anti-Money laundering legislation,
- To initiate and continue a business relationship with clients so as to provide the requested services,
- To meet the requirements on KYC data collection,
- Process company-client claims (i.e.compensation, if any),
- For providing IT support.
MANAGEMENT OF PERSONAL INFORMATION
According to Regulation 2016/679 of the European Union your personal data will be:
- Processed lawfully and in a transparent manner,
- Collected for the purposes of your Agreement solely and they will not be processed for any other purpose than the one that they have been originally collected,
- Adequate, relevant and limited to what is necessary; no unnecessary data will be collected,
- Kept up to date and in a form that will not allow identification of clients for a period of more than five (5) years after the termination of the business relationship as required by the provisions of the current AML
- Processed in a manner that will ensure their appropriate security by using appropriate technical and other security measures.
Your personal information will be shared with those employees, authorities, governmental authorities and institutions within and outside of your home jurisdiction, that require such information either because it is required by law or so as to assist us with establishing, managing and safeguarding or terminating the business relationship with you.
Employees will provide administrative, information technology and data processing services to us so that we may operate your business and to safeguard your personal data. These safeguards are designed to protect your personal information from loss and unauthorized access, copying, use, modification or disclosure.
We share your personal information and as result, your personal information may be collected, used, processed, stored or disclosed in the home jurisdiction of your company, to authorities, governmental authorities and institutions (i.e. tax authorities and the Cyprus Securities and Exchange Commission, bank and financial institutions, other service providers) whenever and only as required by the applicable legislation.
DATA SUBJECTS RIGHTS (KNOW YOUR RIGHTS)
Under the GDPR Regulation 2016/679 of the European Union, data subjects have the following rights:
- Right to be informed, transparency as to how personal data will be used;
- Right of access, you have the right as the data subject of access to your personal data
- Right to rectification of data that is inaccurate or incomplete, you can request to amend any of your personal data which are inaccurate or
- Right to be forgotten (under certain circumstances), you can request erasure of your personal data in some cases, however this will be applied only in cases where it does not contradict with the provisions of your business relationship with the Company;
- Right to data portability, allows you to obtain and reuse your personal data for your own purposes across different services; We can provide you with a copy of your personal data in a form that you can send it to a third party;
- Right to restriction of processing, you have the right to restrict processing where (a) the accuracy of the personal data is contested (b) the processing is unlawful and the client opposes the erasure of the personal data and requests the restriction;
- Right to object, you have the right to object, at any time to the processing of your personal data, however this will be applied only in cases where it does not contradict with the provisions of your Agreement with the Company.
- Automated individual decision-making, you have the right not to be subject to a decision based solely on an automated processing.
It is important that the information contained in our records is both accurate and current. In case of any change of your personal information please let us know.
The Company will provide you with appropriate contact information of the representative and if there will be any updates or changes in your personal data please notify us by contacting the representative so as to amend your data accordingly. You can raise a question/complaint about the processing to your personal data to our representative and if not resolved then you can address this to the data protection regulator in Cyprus.