TORWELL GROUP – PRIVACY NOTICE

This Data Protection Notice provides an overview of how and why personal data of physical persons are collected and processed by TORWELL LTD, Registration No. 355522 (referred to as ‘we’, ‘us’, ‘our’, ‘Torwell’, ‘Company’) and informs you about your rights under the relevant legal framework. 

In TORWELL we are committed to safeguarding the privacy and non-public personal data of our clients, collaborators, employees and associates, in accordance with the General Regulation on the Protection of Personal Data of the European Union (Regulation 2016/679, GDPR) (hereafter referred to as the “Regulation”) and the national law providing for the protection of natural persons with regard to the processing of personal data and for the free movement of such data (Law 125(I)/2018).

Please read our privacy practices carefully to understand our policies regarding your data and how we treat them, and do not hesitate to contact us for any questions at the following contact details:

Email: [email protected] 
Tel: +357 26911294 

  1. DEFINITIONS

Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; 

Data Subject means the individual who is the subject of the relevant Personal Data. 

Personal Data means any data which identify or may identify a natural person (‘data subject’) and which may include, for example, your name, address, identification number, telephone number, date of birth, occupation, data concerning your health or family status.

Processing means the handling of your Personal Data by us in any way, including collecting, protecting, transmitting and storing your personal data.

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Website means https://torwellgroup.com/  

 

  1. THE ROLE OF THE COMPANY

According to the Regulation, the Company is the Data Controller for all Personal Data it collects, maintains and processes.

As a Processor, the Company shall process Personal Data as per the means and purposes defined by the Data Controller.

  1. HOW WE COLLECT PERSONAL DATA

We obtain your personal data mainly through any information we receive:

Our Website may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Users may opt-out of receiving mailings by clicking on the unsubscribe button at the bottom of this page.

 

  1.  WHAT DATA WE COLLECT

The personal data that we may collect or obtain may vary depending on the service that we may provide to you or the activity that you may participate in and may include data by which subjects may be identified or be considered as sensitive data.  

Personal Data that we collect, process and share, about you and, under certain circumstances, your spouse, civil partner, partner or dependents, may include, non-exhaustively, the following:

  1. For Clients:
  1. For employees or collaborators:

 

  1. For candidates for recruitment

 

  1. For Website visitors
  1. WHY DO WE PROCESS YOUR PERSONAL DATA

We will process your personal data in accordance with the Regulation and the national legal framework for the following purposes: 

We also use information in aggregate form (so that no individual user is identified):

None of our processes is based on automated decision-making, nor profiling.

  1. WHERE DO WE DISCLOSE YOUR PERSONAL DATA

For the purposes of processing your Personal Data as described in this Policy, we may need to share your information with other parties outside the Company, as below stipulated, always subject to ensuring that such parties maintain appropriate measures to protect your Personal Data. 

 

  1. HOW WE STORE YOUR PERSONAL DATA

The Personal Data that we collect will be stored and processed in Cyprus and/or within the European Union.

  1. FOR HOW LONG DO WE RETAIN YOUR PERSONAL DATA

The retention period for which we keep your Personal Data varies and is determined based on the type of record, nature of the services provided, nature of our legal obligations and claims. 

We shall store your non-public Personal Data for a retention period which does not exceed 10 years from the date of termination/ completion of the purposes for which it was collected.

CCTV records are kept for six (6) months after they have been recorded.

For prospective employees’ we shall keep personal data for six (6) months from the date of notification of the rejection of your application or from the date of withdrawal of such application

To the extent we have collected your Personal Data for purposes of provision of services, customer management, and customization of content as described above, we keep your Personal Data for as long as you are associated with us, as needed to provide you with our respective services and in compliance with relevant laws of Cyprus.

Notwithstanding the above, the above retention period may be extended in certain cases to enable us to use the data for defending potential legal claims, taking into account the applicable limitation periods under relevant laws, as well as, if applicable, to comply with Anti-Money Laundering/KYC laws and regulations, Anti-Bribery/Corruption Laws and regulations, accounting and tax laws, applicable to certain jurisdictions which we operate in.

Any personal data collected under the lawful basis of the consent, such as contact details for communication purposes will be deleted when you withdraw your consent by sending a relevant enquiry at [email protected] 

 

  1. HOW WE PROTECT YOUR PERSONAL DATA

Your Personal Data may be kept by the Company in different formats such as:

The security of your Personal Data is important to us, but remember that no method of transmission especially over the Internet, or method of storage is 100% secure. While we strive to use commercially acceptable means and take appropriate security technical and organizational measures (including physical, electronic and procedural measures) to safeguard your Personal Data from unauthorized access, unlawful use, intervention, modification or disclosure under the requirements of the Regulation, we cannot guarantee absolute security.

For example:

 

  1. YOUR RIGHTS 

As a Data Subject you have certain rights under the GDPR in regard to your Personal Data (these rights are not absolute and, in some cases, they are subjected to conditions as defined by Law), as follows:

You have at all times the right to obtain confirmation from the Company as to whether or not any Personal Data concerning you are being processed, and, where that is the case, access to the personal data. To obtain such information please contact us at [email protected] 

Upon request, we can send you one electronic copy of the Personal Data we hold, concerning you, via email, without any charge. The Company retains the right to charge a reasonable fee in the event of repetitive or excessive requests.

You have the right to obtain rectification of inaccurate Personal Data about you as well as to have incomplete personal data completed, including by means of providing a supplementary statement.

You have the right to request erasure of your Personal Data where:

You have the right to restrict our use of the your Personal Data, where the following reasons apply, unless there are compelling legitimate reasons for processing that override your interests, rights and freedoms:

You have the right to object at any time, to the processing of your Personal Data, on grounds related to your particular situation unless there are compelling legitimate reasons for processing that override your interests, rights and freedoms. In order to submit an objection, please contact us via email at [email protected] 

You have the right to request the transfer of your Personal Data, that you have provided to the Company. These data will be given to you in a format that is structured, widely used and machine readable and, in certain cases you may also have the right to request for us to send the Data to another organization, provided that such a transfer is technically feasible.

If you have any questions in regard to the kind of personal data we hold for you, or if you want to exercise any of your personal data rights, please send a written request to [email protected] or to the postal address provided at the bottom of this Privacy Policy. However, we reserve the right to reject any requests for access or for imposing restrictions or other claims if required or permitted by the law.

 

  1. MISCELLANEOUS

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

Although we may attempt to notify you when major changes are made to this privacy policy, you are expected to periodically review the most up-to-date version found at our Website  https://torwellgroup.com/ so you are aware of any changes, as they are binding on you.

We do not guarantee error-free performance under this Privacy Policy. We will use all reasonable efforts to comply with this Privacy Policy and shall take immediate rectification actions when we face a breach of this Privacy Policy. We shall not be liable for any incidental, consequential or punitive damages relating to a breach of this Privacy Policy. 

Our Website does not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

If you have any questions about this Privacy Policy, please contact us by visiting this page on our website.

 

If you feel that your concerns in regard to the use of your personal data or any of your data protection rights have not been addressed by us, you have the right to contact us at [email protected] 

and submit a complaint. 

You also have the right to submit a complaint with the Personal Data Protection Commissioner’s Office at http://www.dataprotection.gov.cy.