2. Who we are
APC Audit Tax Advisory Ltd, is an Audit Company which operates under the license granted by the Institute of Certified Public Accountants of Cyprus (“ICPAC”) with license number E275/A/2013, having its registered address at 11 Florinis street, 6th floor, Office 601, 1065, Nicosia, Cyprus. APC Audit Tax Advisory Ltd is committed to safeguard the security and integrity of personal data, which is related to the individual visitors of our website as well as to our prospective and/or existing clients.
3. What Personal Data we collect
We may receive and process different personal data, depending on the intended purpose.
We collect personal data of prospective and/or existing clients by physical or electronic correspondence. This data relates to information, which APC Audit Tax Advisory Ltd has to collect and assess in line with the requirements of the Republic of Cyprus on customer due diligence. These may include name, surname, residential address, date of birth, identification details (passport or ID), full address, mobile number, email address, signature, employment status, source of funds, source of wealth, criminal record, academic information, bank details, professional qualifications, photo identification, social media information, whether you are subject to any sanctions etc.;
From our employees, we collect all the data required by the labour law, as well as those required for the effective operation of the company, for which they are completely informed through the employment agreement Employee Privacy Notice. For the record keeping time, they are informed in the same ways;
APC Audit Tax Advisory Ltd may process personal data where obliged to do so under specific laws and regulations, such as employment law, tax law etc.
4. Time of Collection of Personal Data
Personal data may be collected by APC Audit Tax Advisory Ltd when you contact our Company in relation to any services that it may provide. In addition, we may also obtain your personal data in case you express any interest in and/or become an employee of our Company.
5. How do we ensure the Security of Personal Data?
Our Company has implemented technical, administrative and physical security measures to help protect your personal data from unauthorised access and improper use. The following security measures are used to protect personal data against unauthorised use or any other form of unauthorised processing:
Physical security of access to our offices;
Access to personal data is limited to a specific number of authorised employees, based on secure passwords;
We select reliable partners who are also committed to the same obligations regarding the protection of personal data;
Our staff are committed to our confidentiality rules.
6. Legal Basis for Processing of Personal Data
We use your personal data when the law allows us to. The legal basis for processing personal data varies depending on the purpose of processing. Personal data may be processed on one or more of the following legal grounds:
you have expressly provided your consent for a specific processing;
the processing is necessary to enter into, or for the performance of a contract;
processing is necessary to comply with legal obligations;
processing is necessary to protect the vital interests of you or of another natural person;
to comply with court orders and exercises and/or defend our legal rights;
7. Use of your Personal Data
The Company will only use your personal data in accordance with the relevant Law. APC Audit Tax Advisory Ltd will process your personal data to:
Register you as a new client;
Provide its services or to enter into discussions for the provisions of its services;
Manage payments, fees and charges;
Collect and recover money owed to us;
Comply with its legal obligations including accounting and tax;
Defend or uphold its legal rights;
Matters regarding employment, payroll and other similar purposes;
8. Disclosure of Personal Data to Third Parties
APC Audit Tax Advisory Ltd does not disclose any personal data to third parties without the explicit consent of the physical or legal person (including that legal person’s representatives and / or Beneficial Owner/s), to whom the personal data is related. Notwithstanding the above, the provision of our services will require the disclosure of personal data related to our prospective and / or existing clients on a confidential base to public bodies (such as for FATCA, CRS, DAC6 purposes and for complying with the regulations concerning the register of beneficial owners and trust register), relevant authorities, financial institutions and external auditors as well as external legal advisors. Therefore, your rights to your personal data as described below are not diminished by this.
9. Your Rights
Right of access: you have the right to request from us, to provide you with a copy of the personal data that we hold about you;
Right of rectification: you have the right to request from us to correct the personal data that we hold about you that is inaccurate or incomplete;
Right to erasure (‘right to be forgotten’): You have the right to request from us in certain circumstances to erase your personal data concerning you without undue delay. In case these circumstances apply to your case, we have an obligation to erase personal data without undue delay;
Right to restriction of processing: You shall have the right to obtain from us restriction of processing where one of the following applies:
the accuracy of your personal data is contested by you, for a period enabling us to verify the accuracy of the personal data;
the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
we no longer need the personal data for the purposes of the processing, but we are required by you for the establishment, exercise or defence of legal claims;
you have objected to processing pursuant to Article 21(1) of GDPR pending the verification of whether our legitimate grounds of us override those of you.
Right of portability: You have the right to receive the personal data concerning you, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller when the processing is based on consent pursuant to point (a) of Article 6(1) of GDPR or on a contract pursuant to point (b) of Article 6(1) of GDPR and when the processing is carried out by automated means;
Right to object: You have the right to object, on grounds relating to your particular situation at any time to processing personal data concerning you which is based on point (f) of Article 6(1) of GDPR.
Right to object to automated processing and profiling: You have the right to be free from decisions based solely on automated processing of your Personal Data, including profiling, unless such profiling is necessary for entering into or the performance of a contract or you have provided explicit consent;
Right to withdraw consent: You have the right to withdraw your previously given explicit consent regarding the collection, use and processing of your personal data at any time.
It is noted that the data subject’s right of access to personal data, may be lifted in whole or in part in the following cases:
i.for the purposes of proper fulfilment of the duties of the Company and supervisory authorities, as these are derived from the provisions of the Prevention and Suppression of Money Laundering and Terrorist Financing Law, L.188(I)/2007 as further amended;
ii.to avoid obstruction of official or legal inquiries, analyses, investigations or procedures for the purposes of the Law L.188(I)/2007 and to ensure that prevention, investigation, and detection of money laundering and terrorist financing is not jeopardised.
10. Data Storage
APC Audit Tax Advisory Ltd stores personal data for no longer than is reasonably necessary for its processing purposes. Where our Company stores personal data based on your consent, they will be deleted when you withdraw your consent and provided that the Company is not obliged under law to maintain such data. All existing clients’ documents/personal data are kept as per AML requirements for a period of 5 years, which is calculated after the termination of the business relationship. According to FATCA and CRS requirements, the relevant data are kept for a period of 6 years.
The Company may keep Personal Data for longer, if it cannot delete the data for legal or regulatory reasons. Specifically, the Company may retain personal data for five (5) additional years, where further retention of documents and information is justified for the purpose of prevention, detection or investigation of money laundering and terrorist financing.
11. Transfers of personal data to third countries
Our Company might need on certain occasions for the purposes of carrying out its services to transfer your personal data outside the EU/EEA. In such a case, we will ensure that the transfers will comply with the GDPR Regulation based on a Commission Adequacy decision or we will use specific contracts approved by the European Commission, which give personal data the same protection it has in Europe.
12. You can make a Request
If you want to exercise one of your rights, you can submit a request. The Company has three (3) communication channels. You can submit your request by filling out the relevant form at the Company's premises, via email or by phone.
We try to respond to all legitimate requests within one month. However, it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
13. Which cookies do we use and which information do cookies collect?
Our website uses strictly necessary cookies. These cookies are essential for the proper website function. Without using these cookies, we cannot offer effective website functionality. They allow you to browse and use the website’s functions, ensuring effective use of our website. These cookies cannot identify you.
14. Updating of the Policy
15. Contact Details of the Personal Data Protection Authority
You have the right to make a complaint at any time to Cyprus Data Protection Commissioner.
Name: Personal Data Protection Authority of Cyprus
Address: 1 Iasonos, 1082 Nicosia
16. Contact Details of APC Audit Tax Advisory Ltd
For any matter relating to the processing of your personal data and the exercise of the above-mentioned rights, you may contact our Company.
Address: 11 Florinis street, 6th floor, Office 601, 1065, Nicosia, Cyprus