Jinius Privacy Statement
Jinius Ltd (referred to as ‘we’, ‘us’, ‘our’, or the ‘Jinius’) is committed to protecting your privacy and handling your data in an open and transparent manner.
This privacy statement:
- provides an overview of how Jinius collects and processes your personal data and tells you about your rights under the local data protection law and the EU General Data Protection Regulation (‘GDPR’),
- is directed to natural persons who are either current or potential customers of Jinius, or are authorised representatives/agents or beneficial owners of legal entities or of natural persons which/who are current or potential customers of Jinius,
- is directed to natural persons who now have or who had a business relationship with Jinius in the past,
- is directed to any other natural persons whose personal data has been, or may in the future, be lawfully obtained by Jinius in the normal course of its business,
- contains information about when we share your personal data with other third parties (for example, our service providers or suppliers).
In this privacy statement, your data is sometimes called “personal data” or “personal information”. We may also sometimes collectively refer to handling, collecting, protecting, and storing your personal data or any such action as “processing” such personal data.
For the purposes of this privacy statement, personal data shall mean any information relating to you which identifies or may identify you and which includes, for example, your name, address, identification number.
1. WHO WE ARE
Jinius is a company registered in Cyprus under registration number HE441093 having its registered office at 51 Stassinos Street, Strovolos, 1599 Nicosia. If you have any questions or wish to obtain more details about how we use your personal information, you can contact our Data Protection Officer at firstname.lastname@example.org.
Jinius is part of the Bank of Cyprus Group. Each entity of the Bank of Cyprus Group has its own separate privacy statement. Such entities maintain their own websites that may be linked to our website. If you are interested in learning about how such entities process your personal data, please refer to their corresponding privacy statements which may be found on their websites.
2. HOW WE COLLECT YOUR PERSONAL DATA
We obtain your Personal Data through the following channels:
- From information you provide to us, examples include:
- When you visit our website or social media pages or submit written inquiries to our website or social media pages,
- When you participate in any marketing activity provided by Jinius,
- When you submit any query or complaint to us through email, telephone, or social media,
- From information lawfully obtained by third parties, examples include:
- Your legal representatives,
- Other entities within the Bank of Cyprus Group,
- Public authorities,
- From publicly available sources, examples include:
- The department of Registrar of Companies and Official Receiver,
- The press and media,
- Internet search engines,
- The Bankruptcy Archive.
3. WHAT PERSONAL DATA WE PROCESS
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
||First name, last name, billing address, delivery address, email address, telephone
||Financial statements, tax returns, bank account.
||First name, last name, date of birth, identity card number.
|Your preferences in receiving marketing from us and our third parties and your
||Username, password, purchases/orders made by you, your interests/preferences
and feedback/survey responses.
||Internet protocol (IP) address, your login data, browser type and version, time
zone setting and location, browser plug-in types and versions, operating system
and platform and other technology on the devices you use to access Jinius website
and web application.
|Details about payments to/from you and other details of products/services you
have purchased through Jinius.
||Information about how you use Jinius website/web application, products, and
We also collect, use, and share aggregated data, such as statistical or demographic data for any purpose (e.g., analytics). Aggregated data may be derived from your personal data but is not considered personal data in law, as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy statement.
4. WHETHER YOU HAVE AN OBLIGATION TO PROVIDE US WITH YOUR PERSONAL DATA
To be in a position to proceed with a business relationship with you or another person (for example, a legal entity for which you are the authorized representative / agent or beneficial owner), you must provide your personal data to us which are necessary for the required commencement and execution of a business relationship and the performance of our contractual obligations. We are, furthermore, obligated to collect such personal data given the provisions of the applicable money laundering legislation which require that we verify your identity before we enter a contract or a business relationship with you or another person. Depending on the circumstances, you might have to provide us with your identity card/passport, your full name, place of birth (city and country), and your residential address so that we may comply with our statutory obligations as mentioned above.
Kindly note that, if you do not provide us with the required data, then we will not be allowed to commence or continue our business relationship with you or another relevant person.
5. WHY WE PROCESS YOUR PERSONAL DATA AND ON WHAT LEGAL BASIS
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter or have entered with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
- Where you have provided your consent.
Note that we may process your personal data based on more than one legal basis depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal basis, we are relying on to process your personal data.
6. WHO RECEIVES YOUR PERSONAL DATA
During the performance of our contractual and statutory obligations, your personal data may be provided to various departments within Jinius, but also to other companies of the Bank of Cyprus Group. Various service providers and suppliers may also receive your personal data so that we may perform our obligations and provide our services. Such service providers and suppliers enter into contractual agreements with Jinius by which they observe confidentiality and data protection according to the data protection law and GDPR.
It must be noted that we may disclose data about you for any of the reasons set out hereinabove, or if we are legally required to do so, or if we are authorized under our contractual and statutory obligations or if you have given your consent. All data processors appointed by us to process personal data on our behalf are bound by contract to comply with the GDPR provisions. Under the circumstances referred to above, recipients of personal data may be, for example:
- Supervisory and other regulatory and public authorities because of a statutory obligation. Some examples are the Central Bank of Cyprus, the European Central Bank, the Cyprus Securities and Exchange Commission, the income tax authorities, criminal prosecution authorities,
- Marketing companies and market research companies, including companies which assist us in performing customer satisfaction surveys,
- File storage companies, archiving and/or records management companies, cloud storage companies,
- Purchasing, procurement, website and advertising agencies,
- Call centres and/or other service providers which may assist us with large scale and urgent campaigns and/or correspondence relating either to marketing or other obligations of Jinius,
7. HOW LONG WE KEEP YOUR PERSONAL INFORMATION FOR
We will keep your personal data for as long as we have a business relationship with you as either an individual or as an appointed representative of a legal entity, or a beneficial owner.
Once our business relationship with you has ended, we may keep your personal data for the longest of the following periods: (i) any retention period set out in our retention policy which is in line with regulatory requirements relating to retention or (ii) the end of the period in which legal action or investigations might arise in respect of the products and services provided.
We may keep your data for longer if we cannot delete it for legal, regulatory, or technical reasons. If we do, we will make sure that your privacy is protected and only use it for these purposes.
For prospective customer data we shall keep your personal data for 12 months from the date that a quotation was provided to you, unless you have requested that we maintain this data for a further period as determined by yourself.
8. AUTOMATED DECISION MAKING
In establishing and carrying out a business relationship, we generally do not use any automated decision-making. We may process some of your data automatically, with the goal of assessing certain personal aspects (profiling), to enter or perform a contract with you or another person (for example, a legal entity for which you are the authorized representative), in the following cases:
- Data assessments are carried out in the context of combating money laundering and fraud.
- Profiling, with the help of specialized tools, whereby your personal data, such as contact details, products and services portfolio information, transaction pattern and behaviour (including spending habits), financial background and demographic data (including family status) is processed for the purpose of developing and creating specialized products and services.
In the rare instances that we process your personal data by solely automated means (including profiling), we shall only process your data for such purpose, if we have your explicit consent to do so.
9. MARKETING ACTIVITIES AND PROFILING
We may process your personal data to tell you about products, services and offers that may be of interest to you or your business.
The personal data that we process for this purpose consists of information you provide to us and data we collect and/or infer when you use our services, such as information on your policy transactions. We study all such information to form a view on what we think you may need or what may interest you. In some cases, profiling is used, i.e., we process your data automatically with the aim of evaluating certain personal aspects to provide you with targeted marketing information on products.
We can only use your personal data to promote our products and services to you if we have your explicit consent to do so or, in certain cases, if we consider that it is in our legitimate interest to do so.
You have the right to object at any time to the processing of your personal data for marketing purposes, which includes profiling, by contacting at any time our Customer Services Centre or any of our branches either in person or in writing.
10. YOUR DATA PROTECTION RIGHTS
You have several rights in relation to the personal data you have shared with us. These are in line with the applicable legislation and can be summarized as follows:
|Right to Access
||You have the right to request access to your personal data that we hold including the right to
be informed about the purpose of the processing and the recipients of your personal data.
Provided the rights of others are not affected, we will supply to you a copy of your personal
data that we hold but in doing so we may ask you to verify your identity.
|Right to Rectification
||You have the right to have any inaccurate personal data rectified and, considering the purposes of the processing, to have any incomplete personal data about you completed.
|Right to Erasure
||Under some circumstances, you have the right to the erasure of your personal data without
undue delay. Those circumstances can come about when:
• your personal data is no longer necessary in relation to the purpose for which it
was collected or otherwise processed.
• you withdraw consent in circumstances where you had previously provided it.
• you object to the processing under certain rules of applicable data protection law.
• the processing is for direct marketing purposes.
• your personal data was unlawfully processed.
The right to erasure is not absolute and exclusions include circumstances where processing
is necessary for exercising the right of freedom of expression and information; for compliance
with a legal obligation; and/ or for the establishment, exercise, or defence of legal claims.
|Right to Restrict Processing
||Under certain circumstances, you have the right to restrict the processing of your personal
data. Examples of such circumstances include cases where you contest the accuracy of your
personal data or our need to have access to your personal data for the declared processing
purposes. If processing has been restricted on this basis, we may continue to store your
personal data, but we cannot otherwise process it.
|If we have been processing your personal data on a certain legal basis (such as legitimate
interest) you have the right to object to such processing in certain circumstances. On the
submission of such objection and unless we can demonstrate compelling legitimate grounds
for the continuance of the processing which override your interests or if the processing is for
the establishment, exercise, or defence of legal claims, we shall seize the processing.
|Right to Data Portability
||If the processing is carried out by automated means and the legal basis for our processing of
your personal data is:
i. consent; or
ii. performance of a contract to which you are party; or
iii. preparatory work at your request prior to entering a contract,
you have the right to receive your personal data from us in a structured, commonly used, and
machine-readable format, unless it would adversely affect the rights and freedoms of others.
|Right to Lodge
|If you consider that our processing of your personal data infringes applicable data protection
legislation, you have a legal right to complain to the Office of the Commissioner for Personal
Data Protection. Find out on their website how to submit a complaint
|To the extent that the legal basis for our processing of your personal data is consent, you
have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness
of processing before the withdrawal.
You may exercise any of your rights in relation to your personal data by written notice to us via email@example.com.
11. HOW TO COMPLAIN
If you have exercised any or all of your data protection rights and still feel that your concerns about how we use your personal data have not been adequately addressed by us, you have the right to complain by contacting us via firstname.lastname@example.org. You also have the right to complain to the Office of the Commissioner for Personal Data Protection. Find out on their website how to submit a complaint (http://www.dataprotection.gov.cy).
12. CHANGES TO THIS PRIVACY STATEMENT
We may modify or amend this privacy statement from time to time. We will reasonably endeavour to notify you appropriately when we make changes to this privacy statement, and we will amend the revision date at the top of this page. We do however encourage you to review this statement periodically to always be informed about how we are processing and protecting your personal information.
13. CONTACT INFORMATION
You can reach our data protection officer at email@example.com.