Search Button

Privacy Policy


1 PURPOSE 
At A. Eracleous Electrical Installation Ltd, we value our customers and take pride in providing you our products and services in the paper converting industry.  

The Company obtains certain personally identifiable information about you, to facilitate our relationship and offer you the best possible service.  

The purpose of this Privacy Policy is to explain our practices and policies for collecting, using and sharing information and Cookies collected from or about you. We have adopted additional policies and procedures that are part of our ongoing product and service support.  

This Privacy Policy applies regardless of whether you are accessing the website via a personal computer, a mobile device or any other technology or devices, or on records we maintain as part of our ongoing business. If you have any questions, you can contact our DPO (Data protection Officer) gnosis@cy.net. 

 

2 TYPES AND USAGE OF INFORMATION WE COLLECT 

 

No

Purposes of processing your data

Personal data involved

Possible consequences of failure to provide the

personal data

Legal basis for processing your data

1

Your Customer

Registration/Contract

Personal Identifiers, Contact Details, Tax Identifiers, Social Security Identifiers, Financial Information, Connection Information, Location

Information, Medical/health information,

Financial Information

Failed registration/Contract

Contract Performance

2

Identity and Contact Details

Verification

Personal Identifiers, Criminal Activity, Financial Information, Social Security Information, Connection Information,

Localization Information

Account suspension/ closure, Unavailability to login, Withdrawal request unavailable, Refusal to

accept

Regulatory/ Legal Obligation

3

Transactions Management

Personal identifiers, Financial

Information

Account suspension/ closure, Withdrawal request freezing and/ or cancellation

Regulatory/ Legal Obligation

4

Monitoring & Assessing

Behaviour for Crime Prevention

Personal Identifiers, Contact Details,

Criminal Activity, Tax Identifiers, Social

Security Identifiers, Financial

Information

Account suspension/ closure, Unavailability to login, Withdrawal request

unavailable

Regulatory/ Legal Obligation

5

Monitoring & Assessing Credit

Behaviour for Business

Development

Personal Identifiers, Criminal Activity, Financial Information, Social Security

Information, Connection Information,

Localisation Information

N/A

Legitimate Interest (Internal

Reporting & Business

Development)

6

Monitoring & Assessing spending Behaviour for

Personalised Offers, Bonuses and User Interface

Personal Identifiers, Criminal Activity, Financial Information, Social Security Information, Connection Information,

Localisation Information

Unavailability of receiving offers and bonuses. Not customized spending experience.

Consent

7

Informative Communications, Newsletters and Campaigns

Personal Identifiers, Contact Details

Unavailability of receiving newsletters and general marketing campaigns.

Consent

8

Inquiries, Complaints &

Troubleshooting

Personal Identifiers, Contact Details,

Occupational Activity, Connection Information, Localisation Information,

Financial Information

N/A

 

Legitimate Interest (Optimal experience for our customers and troubleshooting of issues)

9

Reporting to Regulatory/ Law enforcement Authorities

Personal Identifiers, Criminal Activity, Financial Information, Social Security Information, Connection Information,

Localisation Information, Tax Identifiers

Account suspension/ closure,

Unavailability to login,

Regulatory/ Legal Obligation

10

/Professional offers

Personal Identifiers, Contact Details

Unavailability of the relevant promotion, offer, etc.

Consent

 

No

Purposes of processing your data

Personal data involved

Possible consequences of failure to provide the

personal data

Legal basis for processing your data

11

Credit worthiness and solvency checks, compare information for accuracy, and verify it with third parties

Personal Identifiers, Criminal Activity, Financial Information, Social Security Information, Connection Information,

Localization Information

Potential restrictions web site usage in cases of detection of malpractices

Legitimate Interest (Assurance of accuracy and legal nature of

information provided)

12

Quality Assurance and Customer Services Training

Through Call Recording

Personal Identifiers, Contact Details, Occupational Activity

Unavailability of Call-back/ Phone Customer Service

Legitimate Interest (Optimal experience for our customers and quality assurance of our customer service)

“Additional Provisions Applicable to Processing of Personal Information of EEA Residents.” This includes detailed information provided pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of Personal Information and on the free movement of such data, commonly referred to as the “General Data Protection Regulation” (GDPR). 


Your rights  
Exercising your rights. You may exercise any of your rights in relation to your personal data by written notice gnosis@cy.net to us in addition to the other methods specified above subject to:

  • your request not being found to be unfounded or excessive, in which case a charge may apply; 
  • the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address). 

We may withhold personal information that you request to the extent permitted by law. 
You may instruct us at any time not to process your personal information for marketing purposes. 
In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes. 

 

The rights you have under data protection law are: 

  1. The right to access; 
    Your right to access your data. You have the right to ask us to confirm whether or not we process your personal data and, to have access to the personal data, and any additional information. That additional information includes the purposes for which we process your data, the categories of personal data we hold and the recipients of that personal data. You may request a copy of your personal data. The first copy will be provided free of charge, but we may charge a reasonable fee for additional copies 
  2. The right to rectification; 
    Your right to rectification. If we hold any inaccurate personal data about you, you have the right to have these inaccuracies rectified. Where necessary for the purposes of the processing, you also have the right to have any incomplete personal data about you completed. 
  3. The right to erasure; 
    Your right to erasure. In certain circumstances you have the right to have personal data that we hold about you erased. This will be done without undue delay. These circumstances include the following: it is no longer necessary for us to hold those personal data in relation to the purposes for which they were originally collected or otherwise processed; you withdraw your consent to any processing which requires consent; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. 
    However, we will only process it for other reasons: with your consent; in relation to a legal claim; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
  4. The right to restrict processing; 
    Your right to restrict processing. In certain circumstances you have the right for the processing of your personal data to be restricted. This is the case where: you do not think that the personal data we hold about you is accurate; your data is being processed unlawfully, but you do not want your data to be erased; it is no longer necessary for us to hold your personal data for the purposes of our processing, but you still require that personal data in relation to a legal claim; and you have objected to processing, and are waiting for that objection to be verified. Where processing has been restricted for one of these reasons, we may continue to store your personal data.  
    However, we will only process it for other reasons: with your consent; in relation to a legal claim; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
  5. The right to object to processing; 
    Your right to object to processing. You can object to us processing your personal data on grounds relating to your particular situation, but only as far as our legal basis for the processing is that it is necessary for: the performance of a task carried out in the public interest, or in the exercise of any official authority vested in us; or the purposes of our legitimate interests or those of a third party. If you make an objection, we will stop processing your personal information unless we are able to: demonstrate compelling legitimate grounds for the processing, and that these legitimate grounds override your interests, rights and freedoms; or the processing is in relation to a legal claim. 
  6. The right to data portability; 
    Your right to object to direct marketing. You can object to us processing your personal data for direct marketing purposes. If you make an objection, we will stop processing your personal data for this purpose 
    Automated data processing. To the extent that the legal basis we are relying on for processing your personal data is consent, and where the processing is automated, you are entitled to receive your personal data from us in a structured, commonly used and machine-readable format. However, you may not have this right if it would adversely affect the rights and freedoms of others. 
  7. The right to complain to a supervisory authority; 
    Complaining to a supervisory authority. If you think that our processing of your personal data infringes data protection laws, you can lodge a complaint with a supervisory authority responsible for data protection. You may do this in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
  8. The right to withdraw consent; 
    Right to withdraw consent. To the extent that the legal basis we are relying on for processing your personal data is consent, you are entitled to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal. 

The personal data we hold for Staff 
Personal data that we may collect, use, store and share (when appropriate) about staff includes, but is not restricted to: 

  • Contact details 
  • Date of birth, marital status and gender 
  • Next of kin and emergency contact numbers 
  • Salary, annual leave, pension and benefits information 
  • Bank account details, payroll records, National Insurance number and tax status information 
  • Recruitment information, including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process 
  • Disclosure and Barring Information 
  • Qualifications and employment records, including work history, job titles, working hours, training records and professional memberships 
  • Outcomes of any disciplinary and/or grievance procedures 
  • Absence data 
  • Copy of driving licence 
  • Hygiene records and certificates 
  • CCTV footage 
  • Data about your use of the business’s information and communications system 
  • We may also collect, store and use information about you that falls into "special categories" of more sensitive personal data. This includes information about (where applicable): 
  • Race, ethnicity, religious beliefs, sexual orientation and political opinions
  • Trade union membership 
  • Health, including any medical conditions, and sickness records 
 

Why we use this Staff data  

The purpose of processing this data is to help us run the business, including to: 

  • Enable you to be paid 
  • Facilitate safe recruitment, as part of our safeguarding obligations towards pupils 
  • Support effective performance management 
  • Inform our recruitment and retention policies 
  • Allow better financial modelling and planning 
  • Enable ethnicity and disability monitoring 
  • Improve the management of workforce data across the sector 
  • Support the work of the Business Teachers’ Review 

 

Our lawful basis for using this Staff data 
We only collect and use personal information about you when the law allows us to. Most commonly, we use it where we need to: 

  • Fulfil a contract we have entered into with you 
  • Comply with a legal obligation 
  • Carry out a task in the public interest 

Less commonly, we may also use personal information about you where:

  • You have given us consent to use it in a certain way 
  • We need to protect your vital interests (or someone else’s interests) 
  • We have legitimate interests in processing the data – for example, where: 
    • You have applied for another position and references are required as part of safer recruitment o Your marital status has changed and we are obliged to inform government office about this 

Where you have provided us with consent to use your data, you may withdraw this consent at any time. We will make this clear when requesting your consent, and explain how you go about withdrawing consent if you wish to do so. Some of the reasons listed above for collecting and using personal information about you overlap, and there may be several grounds which justify the business’s use of your data. 

Collecting this Staff information 
While the majority of information we collect from you is mandatory, there is some information that you can choose whether or not to provide to us. 

Whenever we seek to collect information from you, we make it clear whether you must provide this information (and if so, what the possible consequences are of not complying), or whether you have a choice. 


How we store this Staff data 
We create and maintain an employment file for each staff member. The information contained in this file is kept secure and is only used for purposes directly relevant to your employment. The staff files are kept within a locked cupboard in the Director’s office. You are able to have access to your file at any time to ensure that all information about you is up to date. 

Once your employment with us has ended, we will retain this file and delete the information in it in accordance with our retention policy which currently states that we will keep it for two years for reasons such as: fulfilling a reference request.

What we store

How/Where it is stored

 

 

Personnel files

Hard copies are kept securely within the Director’s office in a locked cupboard.

You can request to see your personnel files at any time through the head or deputy

Performance management documentation

Electronically on the server and data system Hard copies are kept within the Director’s office

You can request to see your performance management at any time through the head or deputy

Attendance information

Electronically on the server and data system It is sent to backup link via a secure link

Hard copies are kept within the Director’s office

You can request to see your attendance information at any time through the Director


Staff Data sharing 
We do not share information about you with any third party without your consent unless the law and our policies allow us to do so. 

Where it is legally required or necessary (and it complies with data protection law) we may share personal information about you with: 

  • Our local authority  
    •  to meet our legal obligations to share certain information with it, such as safeguarding concerns and information about staff performance and staff dismissals 
  • The Department for Education 
    • to meet our legal obligations to share information linked to performance data. 
  • Your family or representatives 
    • to carry out our public task in the event of an emergency o Other staff members 
    • to carry out our public tasks, for example having access to your business email address so that information can be shared effectively. 
  • Suppliers and service providers  
    • to enable them to provide the service we have contracted them for, such as payroll o Central and local government  
    • to complete the legal obligation for things such as the workforce census o Auditors 
    • coming under a legal obligation, Trafford may be asked from auditors about financial information related to business. 
  • Survey and research organisations 
    • to meet our legal obligation in relation to ‘freedom of information’ requests o Trade unions and associations 
    • to carry out our public task in light of any key discussions within business linked to disciplinary/capability procedures or for events such as redundancy. 
  • Security organisations 
    • in order to keep our business secure and under the lawful basis of public task, we pass on certain staff member information so that they can be contacted if necessary (such as the Operations Manager). 
  • Health and social welfare organisations  
    • to carry out our public task in line with our attendance management policy with organisations such as occupational health 
  • Police forces, courts, tribunals 
    • to meet our legal obligations to share certain information with it, such as safeguarding concerns or to carry out our public task in relation to a tribunal. 
  • Employment and recruitment agencies 
    • to meet the public task of supplying requested references. 
  • The Directors 
    • to carry out our public task within the business and remain accountable to them for finance and personnel issues. 

 

3 DISCLOSURE OF PERSONAL INFORMATION 
We will not sell, disclose, or rent your personal information to any third party/entities in ways different from what is disclosed in this privacy notice. However, we may disclose your personal information to third parties: 

3.1 In the event that we sell or buy any business, assets or shares, we may disclose your personal data to the prospective seller or buyer of such business, assets or shares.  

3.2 If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation, in order to enforce or apply our terms and conditions, or to protect our rights, property, or safety, or those of our customers or others.

3.3 In order to cooperate with law enforcement agencies to enforce laws, as well as investigate and prosecute unlawful activities such as frauds and scams. We maintain the right to disclose any information about you to law enforcement and other government officials as we, in our sole discretion, believe necessary or appropriate, in connection with any investigation of fraud, scam or other activity that is illegal. In particular, these authorities are:

  • Tax Authorities in countries we operate
  • Governing bodies 
  • Anti-Money Laundering / Counter Terrorism Financing (AML/CTF) agencies  
  • Law enforcement bodies 

This includes exchanging information with other companies and organizations (e.g. banks, credit institutions) within or outside EU for the purposes of fraud protection and credit risk reduction. These entities may then use your personal information to investigate and act on any such breaches in accordance with their procedures.

3.4 Finally, we may disclose certain personal information to unaffiliated third-party service providers, agents or independent contractors who help us maintain our website and provide other administrative services to us (including, but not limited to, order processing and fulfillment, providing customer service, maintaining and analyzing data, sending customer communications on our behalf, and entry collection, winner selection and prize fulfillment for contests, and other promotions). We seek to ensure that these unaffiliated third parties will not use the personal information for any other purpose than to provide the administrative services for which they are responsible. We also enter into contracts with these third parties that compel them to meet the privacy standards required by law in handling your personal information, and use the information only for the purposes for which it was conveyed to them. 

Aiming to achieve the purposes described under section 2 of the current policy, the following third parties, located in the European Union, may receive your data:

  • Payment providers 
  • AML/CTF and anti-fraud services 
  • Services providers 

3.5 We will not disclose your personal information with any third parties outside of the European Union in countries where there is no adequate data protection regime. However, in the event that such a data transfer occurs, we will take all reasonable steps possible to ensure that your data is treated as securely as it is within the EU/EEA and in accordance with this Privacy Policy and the applicable legislation. Additionally, we will update the current Privacy Policy in order to reflect the cross-border data transfer and the relevant safeguards for your privacy. 

 

4 HOW LONG WE KEEP YOUR DATA 
4.1 It is our policy to only retain client information for as long as is necessary for the purpose for which it was originally obtained, in alignment with the Data Minimization and Storage Limitation principles.  For all purposes below, your data will be retained for a seven years period, after the termination of the customer relationship. Additionally, we align the retention of your information with potential differentiations arising from the exercising of your data privacy rights (please refer to section 6). However, in some cases some personal information may be retained beyond that time period due to potential legal obligations, legitimate interest purposes, etc. Such reasons would be issues related to:

  • Money laundering 
  • Taxation 
  • Players Protection  
  • Civil Law 
  • Penal Law 
  • Any other legal issues 

5 YOUR DATA PRIVACY RIGHTS

5.1 At any point while we are maintaining or processing your data, you have the following rights and can submit a relevant request via your personal account: 

  • Right of access – you have the right to access the personal data that we hold about you; 
  • Right of rectification – you have the right to correct data that we hold about you that is inaccurate or incomplete. Further analysed in section 7 of the current policy; 
  • Right to erasure – you can ask for the data we hold about you to be erased from our records and we are obliged to satisfy such request in certain circumstances; 
  • Right to restriction on processing – you have the right to request to restrict the processing of your personal information and we are obliged to satisfy such request when certain conditions apply; 
  • Right to data portability – you have the right to have the data we hold about you transferred to another organisation; 
  • Right to object – you have the right to object to particular processing activities, under certain conditions; 
     

5.2 We will assess your request and reply to you regarding the progress and outcome of the request (granting of request, partial granting of request, rejection of request), as soon as possible and in any case in no longer than one month of the request’s submission. 

In the event that A. Eracleous Electrical Installation Ltd refuses your request regarding the aforementioned Data Privacy Rights, we will provide you with a reason as to why. You have the right to lodge a complaint directly with the Regulatory authority and the DPO (via the means described in paragraph 13 of the current policy).

5.3 We reserve the right to reject requests that are unreasonably repetitive, require disproportionate technical efforts or have disproportionate technical consequences, risk the privacy of others, or would be extremely impractical. 

 

6 UPDATING YOUR PERSONAL INFORMATION 
6.1 Except for exceptional circumstances, you may review, update or delete certain personal information by, if you are a registered user of the website, logging on and using the tools provided to edit such information. However, certain data that are necessary to check eligibility, such as date of birth or age, cannot be deleted. 

6.2 You can obtain a copy of your personal information through your personal account. For your protection, you will be required to provide proof of your identity to obtain such copies. You should include adequate information to identify yourself and such other relevant information that will reasonably assist us in fulfilling your request. If you would like to close your account, you can also contact customer services. If you would like to close your account, this could be done through your personal account. We will comply with such requests unless we have a legitimate ground to not delete the data.  

 

7 SECURITY 

7.1 Protecting your data is of utmost importance for A. Eracleous Electrical Installation Ltd and in this regard, we constantly strive to provide all possible means of assuring your personal data’s safekeeping, the restriction of unauthorized access and / or potential alterations. Such means include information security measures consistent with current best practices to protect our customers’ privacy. These measures include technical, procedural, monitoring and tracking steps intended to safeguard data from misuse, unauthorized access or disclosure, loss, alteration or destruction

 

8 PROFILING

8.1 We collect your personal data including transactional behavior, Purchasing activity and practices, cookies and geolocation information, amongst others, in order to provide you with customized and tailored to your preferences views and services. The profiling activity allows us to present you with a personalized view and experience on our website.  8.2 The profiling activity also allows us to detect and report potential fraudulent behavior and violation of our Terms and Conditions potential money laundering practices and responsible spending behavior, in line with our regulatory/ legal obligations of reporting such incidents to the relevant authorities.  

To summarize the aforementioned, the profiling activity is deemed necessary for the following purposes: 

  • Marketing reasons:  You can receive customized offers, newsletters and general marketing campaigns,. 
  • Responsible spending reasons: If your spending behavior is deemed as “at risk” and you are considered to be addicted or you state that you are, your account will be closed for your own protection, according to our Terms and Conditions.  
  • Anti-Fraud reasons: If you are found to violate our Terms and Conditions (e.g. by having two (or more) active accounts at our website) your account(s) will be closed and your betting activity will be cancelled, according to our Terms and Conditions.  
  • AML/CTF reasons: If, according to your profiling, your activity is deemed suspicious in terms of Money Laundering then, your activity will be reported at the relevant Law enforcement bodies at the countries we operate, according to our Terms and Conditions. 

 

9 DIGITAL MARKETING 

9.1 Additionally, and in order to provide to you personalized offers, promotions and marketing material, we collect your personal data, including transactional behavior, spending activity and practices, cookies and geolocation information, amongst others. Usage of such services is on the sole discretion of you and the consent provided upon your registration. You can provide your consent at a later time or revoke an existing consisting consent for such services, through our dedicated consent management portal integrated in your personal account.

10 INTERNET PROTOCOL (IP) ADDRESS 
When you visit the Website, we register your device`s IP address and browser settings. Your IP address is a unique address that devices use in order to identify and communicate with each other on a computer network. Browser settings can include the type of browser you use, browser language, and time zone. We collect this information so that we can personalize your experience and trace your device in cases of misuse or unlawful actions in connection with visits to or use of the service. Furthermore, we may use the IP address to approximate your location (at city level).

11 COOKIES 

11.1 A 'cookie' is a small text file that is downloaded onto your access device when you visit a website and that enables the website to obtain certain information from your browser, such as your preferences. This website use cookies and similar technologies to manage login sessions, provide personalized web pages and to tailor advertising and other content to reflect your specific needs and interests.

11.2 You may configure your browser to block all cookies, including cookies associated with our services, or to indicate when a cookie is being set by us. However, it is important to remember that many of our services may not function properly if cookies are disabled. For example, we may not remember your language preferences. Please refer to your browser’s or mobile device’s technical documentation for instructions on how to delete and/or disable cookies.

11.3 For further information on cookies, how they are used and how they apply to the use of your personal data, please visit www.aboutcookies.org or www.allaboutcookies.org. 

12 CHANGES TO OUR PRIVACY POLICY 

12.1 We strive to constantly review and update our privacy policy in order to address potential legislative and regulatory requirements, while providing optimal protection of your privacy. Any update will be communicated to you via the current web page.

13 CONTACT US 

13.1 If at any time you believe that we have not adhered to the provisions set out within this Privacy Policy or for any other Data Privacy related matter, please contact us through email at gnosis@cy.net. Kindly be informed that our Data Protection Officer is Dr Chrysanthos Mardapittas. 

Contact our department