This Privacy statement describes when and what personal data we gather about you, how we use such personal data, and who we give such personal data to. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection. It also sets out your rights in relation to your personal data and who you can contact for more information or queries.
Evidentrust is strongly committed to protecting personal data, and this privacy statement details our approach on such issues. “Evidentrust” refers to Evidentrust Financial Services Ltd , a limited liability company registered in the Republic of Cyprus under registration no. 378746 and with its registered address at 64 Ivikou Street 3081, Limassol, Cyprus.
Personal data includes any information relating to an identified or identifiable living person. Evidentrust processes personal data for numerous purposes, and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ. Please refer to the various provisions of this privacy statement for specific information on particular processing activities. ”
Our role as Data Controller
Evidentrust is the data controller of any personal data collected by you. This means that Evidentrust is responsible for deciding how we hold and use personal information about you. We will process such data in accordance with the provisions of applicable Data Protection law. If you have any question regarding this privacy statement or how and why we process your data, please contact us at:
Data Protection Officer
Evidentrust Financial Services Ltd
64 Ivikou Street, 3081, Limassol, Cyprus
Phone: +357 25 327770
Collection of personal data
When collecting and using personal data, our policy is to be transparent about why and how we process personal data. To find out more about our specific processing activities, please refer to the relevant sections of this statement.
We have implemented generally accepted standards of technology and operational security in order to protect personally identifiable data and information from loss, misuse, alteration or destruction. In particular, we ensure that all appropriate confidentiality obligations and technical and organisational security measures are in place to prevent any unauthorised or unlawful disclosure or processing of such information and data and the accidental loss or destruction of or damage to such information and data.
Transfer to third parties
We do not share personal data with unaffiliated third parties except as necessary for our legitimate professional and business needs, for the purpose of executing your instructions or requests and/or as required or permitted by applicable legislation, professional standards or any applicable agreement between us. When we share data with others, we may, whenever required, put contractual arrangements in place to protect the data and to comply with our data protection, confidentiality and security standards.
Personal data held by us may be transferred to the following categories of persons:
Third party organisations
We use third party organisations to support us in providing services and process data on Evidentrust’s behalf, including providers of information technology, cloud based software as a service provider, identity management, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.
Law enforcement, governmental or regulatory authorities or to other third parties as required by, and in accordance with, applicable law or regulation
We may also disclose personal data to respond to requests of the courts, governmental authorities or where it is necessary or prudent for compliance with applicable legislation, for criminal investigations or security purposes, for establishing, exercising or defending legal rights
Individual’s rights and how to exercise them
Individuals have certain rights over their personal data and data controllers are responsible for fulfilling these rights. Where we decide how and why personal data is processed, we are a data controller and include further information about the rights that individuals have and how to exercise them below.
Access to personal data
You have a right of access to personal data held by us as a data controller. This right may be exercised by emailing us at email@example.com. We may charge for a request for access in accordance with applicable law. We will aim to respond to any requests for information promptly and in any event within the legally required time limits (currently 30 days).
Amendment of personal data
When we keep personal data submitted to us, we do not assume responsibility for verifying the ongoing accuracy of the content of personal information. When practically possible, if Evidentrust is informed that any personal data processed by us is no longer accurate, we will make any appropriate corrections based on your updated information. If you would like to update any personal data you have submitted through this site, please do so via the original registration page or please email us at firstname.lastname@example.org.
Unsubscribe/Withdrawal of consent
Where we process personal data based on consent, individuals have a right to withdraw consent at any time. We do not generally process personal data based on consent (as we can usually rely on another legal basis). Should visitors subsequently choose to unsubscribe from mailing lists or any registrations, we will provide instructions, on the appropriate webpage or in communications to our visitors, or a visitor may contact by email to email@example.com.
You have the right to request the erasure of your personal data under the following circumstances and we shall endeavor to accommodate such request whenever feasible:
- Where your personal data is no longer necessary in relation to the specific purpose for which it was originally collected;
- Where your consent is withdrawn (if such consent was used as a legal basis);
- Where you object to the processing and there is no overriding legitimate interest for continuing the processing;
- Where such erasure is necessary for compliance with a legal obligation.
You have the right to restrict processing. In the event that you choose to exercise this right, and provided that such request may not be overridden on legitimate grounds, we shall retain your data but restrict processing.
You have a right to data portability allowing you to obtain and reuse your personal data for your own purposes across different services.
Based on your right to object you have the right to object to processing based on legitimate interests or the performance of a task in the public interest and direct marketing.
If you wish to exercise any of the rights, please send an email to firstname.lastname@example.org.
The personal data you submit to us will only be retained for as long as is required for the purposes for which it was collected and as required by applicable law, our internal policies, our contractual relationship with you (if applicable) and the legitimate interests of the parties as more specifically stated in the specific processing activities.
We understand the importance of protecting children’s privacy, especially in an online environment. The websites covered by this Privacy statement are not intentionally designed for or directed at children, and all users should be above the age of majority in their local country. We adhere to laws regarding marketing to children. We will not knowingly collect or maintain personal information about individuals under the age of 14, except as part of an engagement to provide professional services and only following the express consent of their legal guardian or parent.
If you have any questions or complaints about this Privacy Statement or the way we process your personal data, or would like to exercise one of your rights set out above please send an email with the details of your complaint to email@example.com.
You also have a right to lodge a complaint with the Data Protection Commissioner (the Cyprus data protection regulator). For further information on your rights and how to complain to the Data Protection Commissioner please visit this page.