Skip to main content
Maria Zachariou Demetriou LLC Boutique Law Firm

Legal

Privacy Policy

Privacy Policy

Maria Zachariou Demetriou LLC is committed to protecting your privacy . This policy explains how Maria Zachariou Demetriou LLC ("the Firm") collects, uses and protects personal data and which rights you have in this respect in accordance with applicable data protection laws.

General.

By providing the Firm with your personal information and using the Firm's services, you are accepting and consenting to the practices described in this policy. For the purposes of EU Regulation 2016/679 (the EU General Data Protection Regulation) hereinafter referred to in this policy as the "GDPR", the Firm is responsible for your personal data.

What kind of Personal Data the firm Keep in Relation to You

The personal data the Firm collects may include:

  • Information collected from publicly available resources, integrity databases and credit agencies where this is relevant to the services offered to you;
  • Identification and contact details, including your name, professional position, residential or business address (where provided), telephone numbers and email address, fax number;
  • Payment and financial information, including details required to process transactions, such as bank account information or other billing-related data;
  • Information arising from our professional relationship, including instructions, communications, transactions, and details relating to matters the Firm handles on your behalf;
  • Additional identification data, such as date of birth, marital status, passport or identification details, and gender, where required for compliance purposes (e.g. KYC/AML) or in the context of legal proceedings;

How the Firm Collect Data

The Firm may collect personal data about you in a number of circumstances, including:

  • Direct interactions, such as when you contact the Firm through the contact form available on its website, communicate with the Firm via email, or contact the Firm by telephone;
  • Client onboarding processes, including the provision of information and documentation required for the establishment and maintenance of a professional relationship, as well as for compliance with applicable legal and regulatory obligations (including KYC and AML requirements);
  • Ongoing communications, including correspondence, instructions and other information provided by you in the context of the legal services the Firm provides;
  • Automated technologies, including the use of cookies and similar tracking technologies when you access and use the website.
  • In some circumstances, the Firm collects personal data about you from a third party source. For example, it may collect personal data from your organisation, other organisations with whom you have dealings, government agencies, an information or service provider or from a publicly available record.

How the firm USEs your DATA

The Firm processes personal data only where necessary and for legitimate purposes, including:

  • Provision of legal services, including the assessment, handling and management of legal matters and the delivery of legal advice;
  • Communication with clients and prospective clients, including responding to enquiries, providing updates and maintaining ongoing professional contact;
  • Compliance with legal and regulatory obligations, including obligations arising under applicable laws and regulations, such as anti-money laundering (AML) and know-your-client (KYC) requirements;
  • Administration of its business operations, including record-keeping, billing, and internal management purposes;
  • Protection of legal rights and interests, including the establishment, exercise or defence of legal claims; and
  • Operation and improvement of its website, including ensuring its functionality, security and performance.

Legal Basis for Processing

The Firm process personal data in accordance with applicable data protection laws and only where a valid legal basis exists. Depending on the circumstances, processing may be based on one or more of the following grounds:

  • Performance of a contract, where processing is necessary for the provision of legal services or to take steps at your request prior to entering into such a contract;
  • Compliance with legal obligations, including obligations arising under applicable laws, regulations and professional requirements, such as anti-money laundering (AML) and know-your-client (KYC) obligations;
  • Legitimate interests, where processing is necessary for the purposes of our legitimate interests, including the proper operation and security of our website and the effective management of our practice, provided that such interests are not overridden by your fundamental rights and freedoms;
  • Consent, where you have provided your explicit consent for specific processing activities, such as the use of cookies or the submission of information through our website, which you may withdraw at any time.

How the Firm treats the Personal Data of third parties provided by you

Where you disclose to the Firm personal data relating to any other individual (including, without limitation, directors, officers, employees, or business associates), you warrant that you have the legal right and authority to provide such information.

You further confirm that the relevant individual has been duly informed, or will be duly informed, that their personal data may be provided to the Firm and processed by the Firm (including without limitation its employees, associates, directors, officers) in accordance with this Privacy Policy, without the need for the Firm to take any additional steps in this regard.

Data sharing

The Firm may share your data with:

  • Courts, governmental authorities and regulators
  • The Cyprus Registrar of Companies and Land Registry
  • Financial institutions and auditors
  • IT service providers and professional advisors
  • Other third parties where required for legal services

All disclosures are made in compliance with GDPR.

Data Retention

The Firm retain personal data only for the period necessary to achieve the purposes for which it was collected, or until consent is withdrawn where processing is based on consent and such withdrawal is applicable under the law.

In certain circumstances, the Firm may retain personal data for a longer period where this is required in order to establish, exercise or defend legal rights, or to comply with legal and regulatory obligations imposed under applicable national or European legislation. In such cases, the data will be retained until the expiry of the relevant limitation periods or until the matter has been fully resolved and settled.

When determining the appropriate retention period, the Firm takes into account a range of factors, including the nature, volume and sensitivity of the personal data, the potential risks associated with unauthorised access or disclosure, the purposes for which the data is processed, whether those purposes can reasonably be achieved through alternative means, and any applicable legal or regulatory requirements.

Data Security

In the course of providing legal services, the Firm is subject to strict duties of confidentiality. In addition to these obligations, the Firm implements appropriate technical and organisational safeguards to protect personal data against unauthorised access, loss, misuse, or disclosure.

Such measures are applied in accordance with our internal policies and procedures governing the handling, storage, access, and sharing of personal data.

Personal data may be stored and processed either in electronic systems maintained by us or in physical records, depending on the nature of the information and the purposes for which it is used.

Up-to-date Data

You are encouraged to inform the Firm promptly of any changes to your personal information to enable it to maintain accurate records. Where necessary, the Firm ( including without limitation its employees, officers, directors etc) may request confirmation or updates of personal data to ensure its continued accuracy. You may cancel any request you have made of the Firm, or if you become aware the Firm has any inaccurate personal data about you, please send an email to ……..

The Firm reserves the right to update or correct any inaccurate or incomplete personal data based on the information available to it. Failure to provide accurate and up-to-date information may affect its ability to provide our services effectively.

What kind of rights you may have?

Subject to applicable legal provisions, you are entitled to exercise certain rights in relation to your personal data. These include the right to request access to the personal data the Firm holds about you, to request the correction of any inaccurate or incomplete information, or to raise any concerns regarding the way in which the Firm processes your personal data and, where applicable, to object to or request the restriction of the processing of your personal data. If you wish to do any of the above please send an email to ………

If you believe that the Firm has processed your personal data in breach of any applicable law and failed to remedy such violation to your reasonable satisfaction, you may also lodge a complaint with a competent data protection authority.

How does the Firm update this Privacy Policy?

The Firm may revise this Privacy Policy from time to time in order to reflect changes in its data processing practices, as well as developments in applicable laws and regulations. The Firm encourages you to review this Policy periodically to remain informed of any updates. Any changes will be indicated by an updated effective date at the beginning of this Policy.

Where required by applicable data protection legislation, the Firm will inform you of any material changes either by direct communication or by publishing the updated information through appropriate publicly accessible channels.

Contact the Firm

If you would like to contact the Firm with any queries or comments, please send an email to ………..