We are committed to keep your personal data secure and respect your privacy as we base our relationship with you on mutual trust.
Our company undertakes to comply with the principles relating to the processing of personal data laid down in the GDPR. Those principles prescribe that the personal information we hold about you must be:
- Processed lawfully, fairly, and in a transparent manner.
- Collected only for valid purposes that we have clearly explained to you.
- Relevant and limited to the purposes we have informed you about.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept secure.
In various sections on our website, anonymous session cookies are used. Cookies are small text files that are stored locally in your browser cache during your visit to our website, until the end of the session (closing the browser). These cookies are used to make the website more user-friendly, and to display the website properly in your browser.
Cookies make it possible to recognize your internet browser again. The use of these cookies does not involve the storage of personal data, nor is such data combined with your personal user data.
Types of personal information
We may collect personal information from you when you contact us to seek legal advice or apply for employment or obtain information about this website. The personal information that we process includes but is not limited to the below:
- Basic information, such as your name, the company you work for, and your title or position.
- Contact information, such as your postal address, email address, and phone number.
- Financial information, such as payment-related information, bank account details, balances, statements.
- Technical information, such as information from your visits to our website or in relation to materials and communications we send to you electronically.
- Personal information provided to us by or on behalf of our clients or generated by us in the course of providing services to them, which may include special categories of data.
- Information you provide us for employment purposes.
- Any other information relating to you which you may provide to us.
Sensitive Personal Data
Where we need to Process your Sensitive Personal Data for a legitimate purpose, we do so in accordance with applicable law.
Special category data in the EU and certain other jurisdictions refers to sensitive data such as your racial or ethnic origin, religious beliefs, or health data. We may also collect data about criminal convictions. We will process this data where:
- we have your explicit consent for the particular processing.
- this is necessary to protect your vital interests or those of another person: for example, in medical emergencies.
- you have manifestly made the data public: for example, where you have published it on social media.
- this is necessary to deal with legal claims: for example, involving court proceedings.
- this is necessary for substantial public interest: for example to prevent or detect unlawful acts.
- as permitted by applicable law: outside the EU and other jurisdictions where these restrictions apply.
How we use your personal data
We use your personal data for the following purposes:
- Website monitoring: to check the website and our other technology services are being used appropriately and to optimize their functionality.
- Site security: to provide security to our offices and other premises (normally collecting your name and contact details on entry to our buildings).
- Online security: protecting our information assets and technology platforms from unauthorized access or usage and monitoring for malware and other security threats.
- Regulatory: compliance with our legal and regulatory obligations as a law firm including auditing and reporting requirements.
- Service provision: providing legal advice and services.
- Business relationship: managing and administering our relationship with you, your company, or organization including keeping records about business contacts, services, and payments so we can customize our offering for you, develop our relationship, and target our marketing and promotional campaigns.
- Communication: sending emails, newsletters, and other messages to keep you informed of legal developments, market insights, and our services.
- Events: running legal briefings, roundtables, and other events.
- Client surveys and feedback: including events feedback and client listening exercises as well as answering issues and concerns which may arise.
- Client legal compliance: client due diligence (under anti-money laundering, sanctions screening, and other crime prevention and detection laws and regulatory requirements) which may involve automated screening checks to ensure that clients and contacts are genuine and to prevent fraud or crime and we may not be able to take instructions if you do not provide the information we need to do these checks.
- Legitimate interest: to pursue legitimate business interests.
Transfer of personal data
We may transfer your data outside Cyprus to any of our law firm’s network offices if required for the purposes of your enquiry. Some of our associatesmay be located in countries outside the European Economic Area (EEA), which do not have the same data protection legislation level when compared to European Law. BLUESUN AUTOMATION LTD shall, however, ensures a data protection level equal to the one of the EEA during the processing of your data, in accordance with the applicable provisions of the GDPR
BLUESUN AUTOMATION LTD may also transfer your personal data for use or storage to other third parties, taking into account the applicable GDPR provisions, for the fulfilment of the above mentioned data processing purposes, such as, indicatively:
- Affiliate companies – service providers (Law and Accounting Firms for legal matters, accounting and audit purposes, credit institutions).
- Third parties such as authorities, financial and technical advisors travel agencies, hotels, IT support service providers, and administrative personnel in various countries.
- Legal Successors- we might disclose personal information to a buyer or a successor in the event of a merger, restructuring, dissolution or sale, or transfer of some or all of our assets.
- Transfer of data in countries out of the European Economic Area.
- By providing your personal data you acknowledge that such data transfers may occur.
Personal data about others
In some cases, you may provide personal data to us about other people (such as your customers, directors, officers, shareholders, or beneficial owners). You must ensure that you have given those individuals an appropriate notice that you are providing their information to us and have obtained their consent to that disclosure.
We will hold your information securely in line with physical, technical, and administrative security measures. However, the transmission of information via the internet is not completely secure. Although we will take reasonable measures to protect your personal information, we cannot guarantee the security of your information transmitted and any transmission is at your own risk.
How long do we retain your personal data?
We generally keep your information as needed to provide our legal services and to deal with claims. Your personal information will be retained for as long as required for the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action and BLUESUN AUTOMATION LTD business purposes.
Rights to information, objection and other rights
You have certain rights in relation to your information. The availability of these rights and the ways in which you can use them are set out below in more detail.
Some of these rights will only apply in certain circumstances. If you would like to exercise or discuss, any of these rights, please contact the relevant Data Protection Officer as listed in this Policyin writing at the relevant email address.
- Access: you are entitled to ask us if we are processing your data and, if we are, you can request access to your personal data. This enables you to receive a copy of the personal data we hold about you and certain other information about it.
- Correction: you are entitled to request that any incomplete or inaccurate personal data we hold about you is corrected.
- Erasure: you are entitled to ask us to delete or remove personal data in certain circumstances. There are also certain exceptions where we may refuse a request for erasure, for example, where personal data is required for compliance with law or in connection with claims.
- Restriction: you are entitled to ask us to suspend the processing of certain of your personal data about you, for example, if you want us to establish its accuracy or the reason for processing it.
- Transfer: you may us to help you request the transfer of certain of your personal data to another party.
- Objection: where we are processing your personal data based on a legitimate interest (or those of a third party) and you may challenge this. However, we may be entitled to continue processing your information. You also have the right to object to where we are processing your personal information for direct marketing purposes.
- Automated decisions: you may contest any automated decision made about you where this has a legal or similar significant effect and ask for it to be reconsidered.
- Consent: where we are processing personal data with consent, you can withdraw your consent.
Right to lodge a complaint with a supervisory authority
You also have the right, to lodge a complaint with a supervisory authority in particular in the Member State in the European Union where you are habitually resident where we are based or where any alleged infringement of Data Protection law has taken place.
Amendments of this Data Protection Policy
Should we proceed with any material amendments of this Policy, we will inform you accordingly via our website or by other appropriate means, if necessary.
Applicable law / Jurisdiction