Konstantinidou LLC

Privacy Policy

We, C.KONSTANTINIDOU LLC, a limited liability company incorporated under the laws of the Republic of Cyprus with registration number ΗΕ 481817, registered office address at Sotiri Michailidi & 28 Oktovriou, LOPHITIS INTERNATIONAL CENTRE, 7th Floor 3035 Limassol, Cyprus, and regulated by the Cyprus Bar Association, (“we” “us” or “our”) value your privacy and share your concerns about the way in which your personal data is handled.

This Privacy Policy applies to (a) persons that engage our services, (b) existing employees, (c) prospective employees, (d) persons whose personal data we may process by reason of providing our services to third parties (including, without limitation, such as clients of ours, other law firms and banks). References in this Privacy Policy to “you”, “your” or “yours” should be construed as references to the following persons.

To the extent applicable, this Privacy Policy should be considered and read in conjunction with our Terms of Use, our terms of legal services, and any other agreement which you may have in place with us.

Collection and Processing of Personal Data

By “Personal Data”, we refer to any personal information (a) you may provide to us directly (b) that we may collect in the course of our business or employer-employee (current or prospective) relationship, and (c) that we may collect from you through your use of our website at konstantinidoullc.com (the “Website”) or when you subscribe with us to receive newsletters and updates published on the Website. Depending on the circumstances, this can include things such as:

  • your name, your place of work and your title or position;
  • contact information, such as your postal address, email address and phone number;
  • financial information, such as payment-related information;
  • your specimen signature;
  • technical information, such as information relating to your visits to the Website;
  • identification and background information provided by you or collected by us as part of our business acceptance processes and practices, including, without limitation, any data revealing your ethnic or religious background (such as a copy of your passport or identity card) or data relating to criminal convictions or health or other data of a sensitive nature;
  • your CV, previous employment experience and academic qualifications; and/or
  • any other information relating to you and your request which you may provide to us or that we may collect.

Even though our client base primarily consists of juridical persons and not natural persons, in certain circumstances we may, where we have a business relationship with a client that is a juridical person (e.g. a company established in Cyprus or abroad), process the personal data of persons that relate to our client (e.g. they may be a shareholder, officer, employee, agent, associate, representative, ultimate beneficial owner, advisor, supplier and/or customer of our client) or have a dispute with our client. It may also be the case that we process personal data of other persons instructed by you or other by persons or companies involved with us in providing the requested services, including, without limitation, accountants, banks, auditors, other law firms (in Cyprus or abroad) or other advisors.

Purposes for which Personal Data is collected

We collect and process your personal data for the following purposes:

  • to be able to assess your request, whether for provision of legal services or otherwise, and/or fulfil such request;
  • in order to improve the services we provide (e.g. to improve our delivery of legal services, the content and functionality of the Website and/or otherwise); and/or for business administration purposes; and/or to protect and/or enforce our interests and rights; and/or in order to perform our obligations under a transaction to which we are a party to such as sale of business, merger or restructuring;
  • to comply with a legal obligation to which we are subject to (e.g. comply with local anti-money laundering laws and regulations);
  • to perform our obligations towards our employees in our capacity as employer; and/or
  • to assess and evaluate the performance of our employees, provide equal opportunities, and award them.
Legal basis for collecting and processing personal data

We collect and process personal data on the following legal bases:

  • in order to perform our obligations in accordance with any contract that we may have with you or in order to take steps to enter into a contract with you; and/or
  • that it is in our legitimate interest or in a third party’s legitimate interest to process your personal data in such a way to ensure that we provide our services in the best way that we can; and/or
  • it is our legal obligation to process your personal information to comply with any legal obligations imposed upon us; and/or
  • where we have your consent to do so; and/or
  • in reliance on any other applicable legal basis provided under applicable laws and regulations.

It may be a case that more than one legal basis may apply to your circumstances.

Personal Data storage

Once your personal data is collected, it is stored in a secure and updated system of data storage and management. This system allows the supply, on request, of details of the data held and maintains a record of how it has been used. The data is processed in a manner that ensures appropriate security of personal data, including, without limitation, protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures. In addition, we have implemented and maintain suitable physical and managerial procedures to safeguard the security and confidentiality of your personal data.

From time to time, we review our security procedures in order to consider appropriate new methods available and ensure that we continuously use accepted industry standards to protect your personal data provided to us.

Where personal data is included and/or provided to us in paper form, the relevant documents are securely stored in a designated space within our premises where no unauthorised access is permitted.

We maintain a strict policy with regard to confidentiality and security and we require all our staff, advisors and data processors to do the same.

Personal Data retention

We can only keep the data we collect from you for so long as it is necessary for one of the purposes listed above. Accordingly, your Personal Data will be retained in accordance with the appropriate retention period for each category of data and in strict compliance with applicable law. Those periods are based on the requirements of applicable data protection laws and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and our business purposes. In particular, where we collect your data to:

  • perform our contractual obligations towards you as a service provider, the retention period shall, subject to any further lawful processing (including, without limitation, requirement to retain personal information for compliance with a legal requirement to which we are subject to), be at least six years from the date of our last interaction with you;
  • perform our contractual obligations towards you as an employer, subject to any further lawful processing (including, without limitation, requirement to retain personal information for compliance with a legal requirement to which we are subject to), personal information of employees will be retained for a period equal to the relevant limitation period of actionable claims prescribed under applicable law;
  • evaluate your application to work with us, your personal data shall, subject to any further lawful processing (including, without limitation, your consent to us to retain such information, and/or requirement to retain personal information for compliance with a legal requirement to which we are subject to), be securely deleted or destroyed following an unsuccessful application for employment; and
  • satisfy a request relating to the Website that you have filed with us (i.e. where you subscribed with us to receive newsletters and updates published on the Website), your personal data shall, subject to any further lawful processing (including, without limitation, your consent to us to retain such information, and/or where we have a legitimate interest to do so), be retained until you withdraw the consent you have provided us with.
Personal Data disclosure

We shall not disclose or communicate or share your personal data to any third party unless with your prior consent. We reserve the right to disclose, communicate and share your personal data in the following instances:

Service providers: we may share your personal data with service providers we have engaged to perform services on our behalf, including, without limitation, recruiting, credit card verification, storage fulfilment, disaster recovery and web-hosting service providers. We always request that our service providers protect your privacy in every possible manner and we prohibit them from using your personal data for their own marketing purposes or otherwise

Indicatively and non-exhaustively, a list of third parties with whom we may share your personal data is set out below:

  • banks and other financial services providers;
  • public and governmental authorities, including, without limitation, regulatory authorities, tax authorities, and corporate registries; and/or
  • IT support services providers;
  • accountants;
  • auditors;
  • experts or other specialist consultants required for the purposes of us delivering our services to you (e.g. expert witnesses in relation to a legal case you are a party to);
  • other data controllers engaged or otherwise connected with the provision by us to you of our services; and
  • third party postal or courier providers who assist us in delivering our documents related to a matter that concerns you.

For the purpose for which the data has been provided: we may share your personal data to fulfil the purpose for which you provide it;

To comply with applicable legal requirements: we may share personal data in order to comply with applicable laws or if we are compelled to do so by a governmental agency, regulation, a court or other legal process. We may also disclose personal data if we believe disclosure is necessary to prevent or investigate a possible crime, such as fraud or identity theft or to protect our own rights or property, or to resolve any problems or inquiries or property, or to protect the rights, property or safety of others;

Violation of our Terms of Use: in case we have an indication or believe that your use of the Website has or may potentially violate any law and/or regulation, or our Terms of Use;

Merge or other change: we reserve the right to transfer your personal data in the event of a merger, joint venture, acquisition, change of control, or other business combination. In such case, steps will be taken to ensure that your personal data will continue to be protected by this Privacy Policy;

To other lawyers: we may share your personal data with other lawyers or affiliates with whom we have a cooperation on a specific project, case or matter; and

With your consent: we may share personal data for a purpose to which you provide your prior express consent. Save as described above, we refrain from disclosing any information about your visits to the Website or other information which identifies you to any third parties unless we have your prior express consent.

Further and without prejudice to the above, when providing our contractual obligations towards you, we may appoint sub-contractor data processors. We may appoint external data controllers where necessary to deliver our services, including, without limitation, auditors, accountants or other third-party experts.

At all times, we shall disclose your personal data in accordance with what is stated herein before, and applicable laws and regulations.

Transfer of Personal Data

In order to provide our services, we may need to transfer your personal data to locations outside Cyprus. Although there is a risk that personal data can be transferred to countries outside the EU and the EEA where no adequate level of protection is guaranteed, we undertake to take steps so as to ensure that your personal data is adequately protected in accordance with this Privacy Policy.

Where our third-party service providers process personal data outside the EEA in the course of providing services to us, our written agreement with them will include appropriate measures, usually standard contractual clauses.

Your rights regarding your Personal Data

Access: You have the right to request details of the Personal Data we hold about you and information on how we process it.

Rectification: You have the right to request the prompt correction of inaccurate Personal Data we hold. Where feasible, we will inform any third parties with whom we have shared your data of the correction. Upon request, and where lawful, we will also inform you of those third parties.

Erasure: You may request the erasure of your Personal Data, and we are required to comply without undue delay, except where processing is necessary for compliance with legal obligations or for the establishment, exercise, or defence of legal claims.

Data Portability: You have the right to receive your Personal Data in a structured, commonly used, machine-readable format and, where technically feasible, to have it transmitted to another controller when processing is based on consent or contract and carried out by automated means.

Restriction of Processing: You may request that we restrict the processing of your Personal Data in certain circumstances, such as when you contest its accuracy or object to its processing. Where feasible, we will notify third parties with whom your data has been shared of the restriction, and, upon request and where lawful, inform you of those parties.

Objection: You may object to processing based on our legitimate interests if you believe your fundamental rights and freedoms outweigh those interests. We may continue processing only if we can demonstrate compelling legitimate grounds that override your rights and freedoms.

Withdrawal of Consent: Where processing relies on your consent, you may withdraw that consent at any time. We will inform you of any potential consequences at the time of withdrawal.

Right to Complain: You may lodge a complaint with the local supervisory authority, the Office of the Data Protection Commissioner, if you are dissatisfied with our processing of your Personal Data.

Please note that some of the above rights may be limited in certain circumstances, including where we have overriding legal obligations, legitimate interests, or where data is protected by legal professional privilege or professional secrecy.

Personal Data leaks

We make every effort to safeguard your personal data and privacy. Notwithstanding any measures we take to protect your persona data, we cannot guarantee that: (i) such security measures will prevent our computers from being accessed illegally, and (ii) the personal data on them being stolen, misused or altered.

You remain solely responsible for the security of your computer at all times and we may not have any responsibility whatsoever for destruction or inappropriate disclosure of your personal data.

We have set up an internal data breach procedure to be followed in the event that any personal data is destroyed, lost, altered or if there is unauthorised disclosure of (or access to) personal data as a result of a breach of security. Data breaches or leaks which may pose a risk to individuals will be notified to the Office of the Data Protection Commissioner within seventy-two (72) hours. A breach which is likely to result in a high risk to the rights and freedoms of individuals will also trigger an obligation to notify the holders of the personal data directly.

Links to other websites

This Website may include links to other internet sites. Such sites are beyond the control of C. KONSTANTINIDOU LLC and we assume no responsibility for the content and privacy practices of any such sites. C. KONSTANTINIDOU LLC makes no representations regarding any such sites, and does not endorse, guarantee or approve in any way the information, practices, policies, material or services on those websites. You acknowledge and agree that your use of such sites, and use of any information, material, products and services offered and/or provided by such sites, is solely and exclusively at your own risk.

Further information

Get in touch with us if you have any question or require any clarification or would like to exercise any one of your rights by emailing us at [email protected]. We reserve the right to ask you for proof of your identity for security purposes.

Amendments to this Privacy Policy

From time to time we may amend this Privacy Policy. We therefore urge you to frequently visit this page in order to stay up to date with how we process your personal data. Where possible, we will notify you of any significant changes via an e-mail or will otherwise bring such changes to your attention. Your continued use of the Website following the introduction and publication of any such amendments will signify your acceptance to any such changes or modifications.

 

Last update: November 2025