Privacy Policy

General Information

At Acfin Audit Ltd we’re committed to protecting and respecting your privacy.

This Policy explains why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure.

We may change this Policy from time to time. By using our services, you’re agreeing to be bound by this Policy.

This policy applies to information we collect about:

  • Visitors to our website
  • People who do business with us
  • Professional contacts and suppliers of services to us or our clients
  • Potential recruits
  • People who register to attend events we run

If you have any questions about data protection at Acfin Audit Ltd please contact us at dataprotection@acfin.com.cy

Who we are

Company Name: Acfin Audit Ltd
Company Number: HE380037
A registered company in: Cyprus
Licensed by: The Institute of Certified Public Accountants of Cyprus
With its registered address at: 7 Thiseos, 2042 Strovolos, Nicosia, Cyprus
Referred to as (Acfin, the Firm, we, us or our)

For the General Data Protection Regulation (GDPR), the term ‘data controller’ refers to the person or organisation that determines what data is required and controls how this personal data is processed. In this instance Acfin will be the ‘data controller’ for all personal information that we determine the means and purpose of processing.

Information we may collect

We may collect, process and store the following kinds of Personal Data, and we may also collect certain types of anonymous statistical data. Sometimes we may need to ask for your explicit consent to collect personal data and when this is required we will make that request clear.

This might include the following:

personal information to enable us to provide our professional services to you. This will often include your name, address, email and preferred contact details. We may also need to collect information such as your social insurance number and Tax ID as well as financial details.

professional information is collected when you apply for a role within Acfin or become one of our employees. This incudes your CV, job history, skills and experiences, qualifications, professional memberships, work place performance and other information we may need to service the terms of your employment contract such as absence records, medical or health information, sexual life or criminal records. We may also receive information about you from your employer if we are performing a role on their behalf such as bookkeeping or payroll.

information from other sources (such as worldcheck, ebos or other similar bodies/websited) which we will add to the information which we already hold about you in order to help us provide the required services or comply with our legal and regulatory obligations, in particular regarding anti-money laundering.

technical information about the type of computer you are using and about your visits to, and use of, the Website. This is anonymous data such as your computer’s IP address, geographical location, browser type, referral source, length of visit and the number and type of pages viewed. This is anonymous statistical data and it cannot identify a specific person if or when it is collected;

information that you provide to us through the Website contact form, chat windows email, telephone or otherwise. This information may include your name, email address, telephone number and postal address;

any other information that you choose to send to us and for which you gave your consent for us to use.

How we will use the information about you

We gather this information:

  • To provide the contracted services
  • To process any application for employment
  • To improve the quality of services
  • To keep you updated as to relevant events or information which you may find of interest
  • To maintain our records for administrative purposes
  • When obliged to do so by statutory authorities
  • To comply with statutory and/or regulatory obligations
  • Where necessary to verify your identity.

Where we provide services to you, our legal basis for processing is contract. Where we wish to process details of individuals and sole traders who are not current clients, we will only do so on the basis of consent.

Sharing your information with others

We never sell your personal data to any third party. We only share your data with third parties where it is required to do so by law and or to deliver the information and or services you have requested from us. This would also only be done with respect to the applicable Data Protection Legislation.
In addition to the disclosures reasonably necessary for the purposes identified elsewhere in this Privacy Notice, we may disclose information about you:

  • to carefully selected sub-processors to help us collect, store or manage your information. This will always be managed under the terms of a written data processing agreement;
  • to the extent that we are required to do so by the applicable Data Protection Legislation;
  • in connection with any legal proceedings or prospective legal proceedings;
  • in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk); and
  • to the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling.

Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Legal basis of processing

We will only process your information for as long as we have a relevant legal basis to do so. This is usually in order to provide you with the contractual services you have requested from Acfin or if you have provided us with adequate consent to process your information for other purposes.

We may use the legal basis of legitimate interests to process your information but this will always be after a careful consideration to ensure that the processing is balanced and reasonable. If we choose to process your information under the legal basis of legitimate interests, we will always inform you of our legitimate business interest and your right to object.

We may also be required to process your personal information under a legal or regulatory obligation.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at dataprotection@acfin.com.cy

Data security

We have taken reasonable technical and procedural precautions to prevent the loss, misuse or inadvertent alteration of your personal data. We will store all the personal data you provide in secure servers or systems.
However, we cannot guarantee the security of any data you choose to send to us over the internet and if you choose to send such information to us via the internet, you do so at your own risk.

We are committed to ensuring that your information is secure and we have procedures in place to try and prevent any unauthorised access or disclosures and to safeguard and keep secure the information that we collect online.

All the Personal Data collected by us and stored electronically is held on a secure server in European Economic Area only. Where required, this information is encrypted for additional security. We use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorise access to Personal Data only for those employees who require it to fulfil their job responsibilities.

Transfer of data outside of the EU

We do not transfer your personal data outside the European Economic Area unless required to do so by applicable law or regulation.

Access to your Personal Data

You have rights in relation to any Personal Data that we hold about you. If you wish to access your Personal Data you may make a formal subject access request by contacting Acfin.

The information you request must relate to you or another person that you have authority to act on their behalf. Acfin will require a confirmation of your ID prior to providing any information about the data we hold. If you are unable to provide sufficient information to prove your ID, Acfin reserves the right to refuse your request for access to Personal Data. The rights you have in relation to the Personal Data we hold regarding you are:

  • the right to rectify any inaccuracies in the information we hold;
  • the right to erasure of information in specific circumstances;
  • the right to request transfer of your information to another controller; and
  • the right to object to processing in certain circumstances.

If you have provided us with consent to process your information, you always reserve the right to withdraw this consent via the method detailed in the paragraph below. We are committed to ensuring that your wishes are respected and upon notification that you wish to withdraw your consent, Acfin will immediately cease processing the information in question.

Please send your request to Acfin by contacting us at dataprotection@acfin.com.cy. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. You have the right to issue a complaint directly to the Information Commissioner’s Office, the Republic of Cyprus supervisory authority for data protection issues http://www.dataprotection.gov.cy/dataprotection/dataprotection.nsf/contact_el/contact_el?opendocument).

Cookies

Cookies may be used on some pages of our site. “Cookies” are small text files placed on your hard drive that assist us in providing a more customised website experience. For example, a cookie can be used to store registration information in an area of the site so that a user does not need to re-enter it on subsequent visits to that area. It is Acfin’s policy to use cookies to make navigation of our website easier for visitors and to facilitate efficient registration procedures.

In order to enhance user experience, our site uses some widgets such as Google Maps, Twitter, and YouTube. Visitors should be aware that some of these widgets may also place cookies on their systems. However, the cookie information from each of these sites is usually anonymous, unless the visitor is logged in to those third-party systems while using our website.

If you are concerned about cookies, most browsers permit individuals to decline cookies. In most cases, a visitor may refuse a cookie and still fully navigate our website, however some functionality in the site may be impaired. After termination of the visit to our site, you can always delete the cookie from your system if you wish.

Log files

In order to properly manage our website we may anonymously log information on our operational systems, and identify categories of visitors by items such as domains and browser types. These statistics are reported in the aggregate to our webmasters. This is to ensure that our website presents the best web experience for visitors and is an effective information resource. Site statistics may also be compiled by third parties, and therefore your IP address may be passed to third parties for statistical reporting only.

Third party links

There are several places throughout our website that may link to other websites that do not operate under our website’s privacy practices. When you follow links to other websites, Acfin’s privacy practices no longer apply. We encourage visitors to review each site’s privacy policy before disclosing any personally identifiable information.