Privacy Statement
Jinius Privacy Statement
Jinius Ltd (“we”, “us”, “our”, or “Jinius”) is committed to protecting your privacy and handling your personal data in an open and transparent manner. This Privacy Statement explains how we collect and process your personal data when you use our website, web application, or services. It also describes the rights you have regarding your personal data.
This privacy statement:
- provides an overview of how Jinius collects and processes your personal data and explains your rights under the GDPR and Cyprus Data Protection Law 125(I)/2018,
- applies to natural persons who are current or prospective customers of Jinius,
- applies to authorised representatives, agents or beneficial owners of legal entities that are current or prospective customers of Jinius,
- applies to natural persons who have had or may have a business relationship with Jinius,
- applies to natural persons whose personal data is lawfully obtained in the normal course of business,
- applies to subscribers of marketing materials and communications,
- applies to natural persons interacting with Jinius via its website, web application, customer support or other communication channels.
1. WHO WE ARE
Jinius Ltd is a company registered in Cyprus under registration number HE441093, with its registered office at 51 Stassinos Street, Strovolos, 1599 Nicosia. Jinius is part of the Bank of Cyprus Group.
If you have any questions about this Privacy Statement or wish to exercise your rights, you may contact our Data Protection Officer (DPO) at privacy@jinius.com.cy.
2. WHAT PERSONAL DATA WE PROCESS AND WHERE WE COLLECT IT FROM
We collect and process different types of personal data depending on the products or services you use and your interactions with us. Data may be collected directly from you, through your authorised representative, from other Group entities, or from publicly available sources such as the Registrar of Companies, media or the internet.
The personal data we may collect includes:
| Type | Description |
|---|---|
| Contact data | Name, surname, billing and delivery address, email address, telephone number. |
| Identity data | Date of birth, identity card/passport number and supporting identification documentation. |
| Financial data | Bank account details, payment information, and relevant financial documentation. |
| Transaction data/history | Details of payments to/from you and information about products/services you have purchased or used through Jinius. |
| Technical data | IP address, login data, browser type/version, time zone settings, device type, operating system, authentication logs, session information, and other technical data generated when you interact with our website/web application. |
| Usage Data | Information about how you use the website/web application, including activity logs, clickstream data and service interaction information. |
| Profile Data | Username, passwords (encrypted), preferences, survey responses, account settings, transaction preferences. |
| Marketing & communication data | Marketing preferences and communication preferences. |
| Aggregated Data | We may collect aggregated data for analytics purposes (e.g. usage statistics). Aggregated data does not identify you. |
3. CHILDREN’S DATA
We do not knowingly collect data relating to children. For the purposes of this Privacy Statement, “children” are individuals under the age of eighteen (18).
If you are under 18, please do not provide any personal data. If you believe you have inadvertently provided such data, please ask a parent or legal guardian to notify us so that we may delete it.
4. WHETHER YOU HAVE AN OBLIGATION TO PROVIDE US WITH YOUR PERSONAL DATA
To establish or maintain a business relationship with you or your organisation, certain personal data is necessary for contractual or regulatory purposes (including AML/CFT requirements). If you do not provide such information, we may not be able to proceed with or continue the business relationship.
5. WHY WE PROCESS YOUR PERSONAL DATA AND ON WHAT LEGAL BASIS
We process your personal data only where at least one GDPR lawful basis applies:
| Legal basis | Description |
|---|---|
| For the performance of a contract | To provide products/services, register accounts, process orders, handle support requests, etc |
| For compliance with a legal obligation | Including AML/CFT laws, Companies Law, DAC7 reporting, tax laws, regulatory compliance, and other statutory requirements. |
| For the purposes of safeguarding legitimate interests | For purposes such as: • Ensuring quality of service • Fraud prevention and security • Business reporting and analytics • Conducting customer satisfaction surveys • Sending operational service communications necessary for proper service function (e.g. merchant catalogue update reminders) We perform a Legitimate Interest Assessment (LIA) before relying on this basis. |
| You have provided your consent | Used only where required (e.g. for marketing communications or non-essential cookies). You may withdraw consent at any time. |
6. WHO RECEIVES YOUR PERSONAL DATA
Recipients may include:
- Internal departments within Jinius
- Other Bank of Cyprus Group entities
- Service providers (cloud hosting, IT support, analytics, communication providers)
- Payment and transaction processors such as JCC
- Courier companies
- Supervisory or public authorities, where legally required
All processors engaged by Jinius are contractually bound to comply with GDPR.
7. TRANSFER OF YOUR PERSONAL DATA TO A THIRD COUNTRY OR TO AN INTERNATIONAL ORGANISATION
Your personal data may be transferred to third countries (i.e. countries outside of the European Economic Area) in such cases as e.g. if this data transfer is required by the applicable law (e.g. reporting obligation under Tax law) or you have given us your consent to do so or where Jinius uses service providers for certain tasks which they or their service providers may have their headquarters, parent companies or data centers in a third country. Processors in third countries are obligated to comply with the European data protection standards and to provide appropriate safeguards in relation to the transfer of your data in accordance with GDPR Article 46.
Jinius will take all reasonable steps necessary to ensure that your data is treated securely and in accordance with this Privacy Statement. Jinius reserves the right to transfer personal data when required by mandatory laws or authorities. Please contact us if you would like further information about how we protect your transferred information.
8. TO WHAT EXTENT THERE IS AUTOMATED DECISION-MAKING AND WHETHER PROFILING TAKES PLACE
In establishing and carrying out a business relationship, we generally do not use any automated decision-making. We may process some of your data automatically, with the goal of assessing certain personal aspects (profiling), to enter or perform a contract with you or another person (for example, a legal entity for which you are the authorized representative), in the following cases:
- Data assessments are carried out in the context of combating money laundering and fraud.
- Profiling, with the help of specialized tools, whereby your personal data, such as contact details, products and services portfolio information, transaction pattern and behaviour (including spending habits), financial background and demographic data (including family status) is processed for the purpose of developing and creating specialized products and services.
In the rare instances that we process your personal data by solely automated means (including profiling), we shall only process your data for such purpose, if we have your explicit consent to do so.
9. HOW WE TREAT YOUR PERSONAL DATA FOR MARKETING ACTIVITIES AND WHETHER PROFILING IS USED FOR SUCH ACTIVITIES
We may process your personal data to tell you about products, services and offers that may be of interest to you or your business.
The personal data that we process for this purpose consists of information you provide to us and data we collect and/or infer when you use our services, such as information on your policy transactions. We study all such information to form a view on what we think you may need or what may interest you. In some cases, profiling is used, i.e., we process your data automatically with the aim of evaluating certain personal aspects to provide you with targeted marketing information on products.
We can only use your personal data to promote our products and services to you if we have your explicit consent to do so.
You have the right to object at any time to the processing of your personal data for marketing purposes, which includes profiling, by contacting at any time our Customer Services Centre either in person or in writing. Furthermore, if you are a registered customer of the Jinius website, you may update your marketing preferences and communication methods directly through your account.
10. HOW LONG WE KEEP YOUR PERSONAL INFORMATION FOR
We will keep your personal data for as long as we have a business relationship with you as either an individual or as an appointed representative of a legal entity, or a beneficial owner.
If you no longer wish to be a Jinius customer, you can contact us either via Customer Support Center or at privacy@jinius.com.cy and request that we close your account. However, in order to meet our professional and legal requirements, we may need to keep some of your personal data even after you have asked us to delete it. We will only keep what we absolutely need to, and only to make sure we can meet our legal or regulatory requirements, resolve disputes, or enforce our Terms & Conditions.
Once our business relationship with you has ended, we may keep your personal data for the longest of the following periods: (i) any retention period set out in our retention policy which is in line with regulatory requirements relating to retention or (ii) the end of the period in which legal action or investigations might arise in respect of the products and services provided.
We may keep your data for longer if we cannot delete it for legal, regulatory, or technical reasons. If we do, we will make sure that your privacy is protected and only use it for these purposes.
For prospective customer data we shall keep your personal data for 12 months from the date that a quotation was provided to you, unless you have requested that we maintain this data for a further period as determined by yourself.
For unsuccessful candidates who have attended an interview with us, we may keep your CV for a period of 12 months for future relevant job opportunities, from the date of the interview occurrence, unless you have requested to withdraw your application.
11. YOUR DATA PROTECTION RIGHTS
You have several rights in relation to the personal data you have shared with us. These are in line with the applicable legislation and can be summarized as follows:
| Type | Description |
|---|---|
| Right to Access | You have the right to request access to your personal data that we hold including the right to be informed about the purpose of the processing and the recipients of your personal data. Provided the rights of others are not affected, we will supply to you a copy of your personal data that we hold but in doing so we may ask you to verify your identity. |
| Right to Rectification | You have the right to have any inaccurate personal data rectified and, considering the purposes of the processing, to have any incomplete personal data about you completed. We maintain the accuracy and completeness of the personal data we hold. It is important that you inform us of any updates to your contact details or other personal data so that we have the most up-to-date information about you. If you are a registered customer, you can also update your personal details through “My Account” screen in our website. |
| Right to Erasure | Under some circumstances, you have the right to the erasure of your personal data without undue delay. Those circumstances can come about when: • your personal data is no longer necessary in relation to the purpose for which it was collected or otherwise processed. • you withdraw consent in circumstances where you had previously provided it and there is no other legal basis for processing. • you object to the processing under certain rules of applicable data protection law. • the processing is for direct marketing purposes. • your personal data was unlawfully processed. The right to erasure is not absolute and exclusions include circumstances where processing is necessary for exercising the right of freedom of expression and information; for compliance with a legal obligation; and/ or for the establishment, exercise, or defence of legal claims. |
| Right to Restrict Processing | Under certain circumstances, you have the right to restrict the processing of your personal data. Examples of such circumstances include cases where you contest the accuracy of your personal data or our need to have access to your personal data for the declared processing purposes. If processing has been restricted on this basis, we may continue to store your personal data, but we cannot otherwise process it. |
| Right to Object to Processing |
If we have been processing your personal data on a certain legal basis (such as legitimate interest) you have the right to object to such processing in certain circumstances. On the submission of such objection and unless we can demonstrate compelling legitimate grounds for the continuance of the processing which override your interests or if the processing is for the establishment, exercise, or defence of legal claims, we shall seize the processing. |
| Right to Data Portability | If the processing is carried out by automated means and the legal basis for our processing of your personal data is: i. consent; or ii. performance of a contract to which you are party; or iii. preparatory work at your request prior to entering a contract, you have the right to receive your personal data from us in a structured, commonly used, and machine-readable format, unless it would adversely affect the rights and freedoms of others. |
| Right to Lodge a Complaint |
If you have exercised any or all of your data protection rights and still feel that your concerns about how we use your personal data have not been adequately addressed by us, you have the right to complain by contacting us via privacy@jinius.com.cy. You also have the right to complain to the Office of the Commissioner for Personal Data Protection. Find out on their website how to submit a complaint (http://www.dataprotection.gov.cy). |
| Right to Withdraw Consent |
To the extent that the legal basis for our processing of your personal data is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal. If you are a registered customer on the Jinius website, you may update your marketing preferences and communication methods directly through your account settings. |
You may exercise any of your rights by submitting a written request to privacy@jinius.com.cy. Requests are reviewed promptly and processed within the timelines set by GDPR and Cyprus Law 125(I)/2018.
We endeavour to address all of your requests promptly.
12. CHANGES TO THIS PRIVACY STATEMENT
We may modify or amend this privacy statement from time to time to reflect changes in our practices and services.
We will reasonably endeavour to notify you appropriately when we make changes to this privacy statement, and we will amend the revision date at the top of this page. We do however encourage you to review this statement periodically to always be informed about how we are processing and protecting your personal information.
13. CONTACT INFORMATION
If you have any questions about Jinius’ Privacy Policy, the data we hold on you, or you would like to exercise any of your data protection rights, you can reach our data protection officer at privacy@jinius.com.cy.
If you wish to report a complaint or if you feel that Jinius has not adequately addressed your data privacy concern, you have the right to complain to the Office of the Commissioner for Personal Data Protection. Find out on their website how to submit a complaint (http://www.dataprotection.gov.cy).
14. COOKIES
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer or mobile device if you agree.
You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website/web application may become inaccessible or not function properly. For more information, please refer to our Cookie policy, which is available on our website.