1. The information we collect and how we use it
When you register for any of our services, we may require details including:
– Last Name
– First Name
– Company and your position
– VAT Number
– Address details
– Telephone number
We gather this information to allow us to process your registrations and also any orders you make through our websites. The relevant information is then used by us to communicate with you on any matter relating to the conduct of your account and the provisions of our services in general. We may also use aggregate information and statistics for the purposes of monitoring website usage in order to help us develop the website and we may provide such aggregate information to third parties. These statistics will not include any information that can be used to identify any individual. We may also wish to provide you with information about special features of our website or any other service or products we think may be of interest to you. If you would rather not receive this information please send us an e-mail message to (email@example.com). We may automatically collect technical information when you connect to our site that is not personally identifiable. This includes for example the type of Internet Browser you are using, the type of computer operating system and the domain name of the website from which you are linked to our site.
Within the scope of the provision of our services to our clients, we will come across personal data of individuals who usually are the subject matter of the service we offer to our clients. Through this statement, we inform the said individuals that their data will be collected and processed for the purpose of executing our obligation to our clients. This data will be safely processed and stored and the subject individuals have the same rights like all other individuals of whom we process their data as per paragraph 7. Your reinforced rights.
For which purposes do we collect personal data?
Except for cases of provision of services directly to you when you request any kind of service from us, Infocredit Group Ltd processes data so that it can supply commercial data about organizations to other organizations. The purpose of this processing is to enable businesses to manage their financial risks, protect against fraud, know who they are doing business with, meet compliance and regulatory obligations and better understand organizations, industries and markets.
Consequently, we collect information on businesses and other relevant information in order to assess risk. This information includes the following examples:
1. Registration details (Registered Name, Registered Address, Registration Number etc.)
2. Director, Secretary and Shareholder information (Name, Surname, Identity Card/ Passport/ARC number and the issuing country, Address, Occupation, Nationality, Date of Birth, date of appointment, information on the shares held, Position held in the company or companies)
3. Capital (Issued, No. of Shares, Nominal, Value etc.)
4. Payment records and Charges (Current and Historic)
5. Negative information and bankruptcies of the entity and its related legal entities
6. Financial Statements (when available)
7. Credit scoring assessment based on financial and non-financial variables
8. Company operational histories, subsidiaries, affiliates, and lines of business;
9. Business compliance information from public source government and professional records, media and business publications;
10. Newspaper and media reports of criminal convictions
11. Bankruptcies information as retrieved from the Official Receiver
Infocredit does not seek to collect any information in relation to a European resident’s race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation, genetic or biometric data.
Our data originates from Public & other sources:
1. Public sector information (e.g. Company Registrars and Official Receiver)
2. Governmental and administrative public records such as business registrations, company filings, court and bankruptcy filings
3. Organisations providing information directly to us
4. Creditors and suppliers of an organisation
5. Regulatory bodies and law enforcement agencies
6. Media sources
Why do our clients request data from us
1. Credit Risk Management & Assessment
Credit risk management is the practice of determining creditworthiness – assessing new and existing customers for their financial health, which can indicate their ability to pay on time. It’s important that suppliers perform their due diligence to manage the risks that come with extending business credit.
2. Anti-money laundering information for prospective clients
In Cyprus and the other jurisdictions in which we operate, laws and regulations are designed to combat money laundering. Broadly, money laundering can arise if a person acquires, retains, transfers, uses or controls the proceeds of a crime or the benefit of a criminal activity. References to money laundering includes references to terrorism.
In order to fulfil their obligations our clients are obliged to verify the identity of new clients, and in certain circumstances existing clients. In addition, their internal requirements from time to time may require that they conduct background checks on new or existing clients. These may necessitate verification procedures of the identity and good standing of clients, one or more of their directors or employees or other representatives and others and the identity of clients’ or potential clients’ shareholders, beneficial owners, management, directors or officers and/or other relevant information, possibly including evidence of the source of funds, at the outset of, and possibly from time to time throughout, their relationship with clients, which they may request and/or may obtain from third party sources namely Infocredit Group.
In cases where we are performing the above investigations on behalf of our clients we may request from them to provide us with copies of evidence of identity of their clients or their representatives or any other details they have which will assist us in fulfilling this investigation.
Who do we share this information with?
1. Customers – businesses and organisations with whom we enter into agreements to licence or access our data. Our customers enter into agreements or licences with us because they wish to manage their financial risks, protect against fraud, know who they are doing business with, meet compliance and regulatory obligations, better understand organisations, industries and markets or carry out direct marketing.
2. Resellers – we licence information to authorized resellers and third-party businesses for reselling.
Grounds of Processing
In legal terms we process personal data under the ground of “legitimate interest” and “Third Party Legitimate Interest”. Infocredit’ s legitimate business interest is the supply of commercial data. The purpose of this processing is to enable businesses to manage their financial risks, protect against fraud, know who they are doing business with, meet compliance and regulatory obligations and better understand organisations, industries and markets.
When you view one of our websites, we may store information on your computer. This information will be in the form of a “Cookie” or similar file and can help us in many ways. For example, cookies allow us to tailor our website to better match your interest and preferences. With most Internet browsers, you can erase cookies from your computer hard drive, block all cookies or receive a warning before a cookie is stored. Please refer to your browser instructions or help screen to learn more about these functions.
4. Updating your details
If believe that any of the information provided to us, or included in our database is not up to date please contact us at firstname.lastname@example.org in order to proceed with an update.
5. Your consent
6. Events registration
To register as a delegate for an event you must complete a registration form. During registration you are required to give your contact information (such as name, address, phone number and email address). This information enables us to process and fulfil your enrolment online so that we can contact you about the events for which you have expressed interest. Optionally, you may provide demographic information (such as company name and position). If you do provide such information, we are able to use it to provide a more personalized experience on our website.
7. Your Reinforced rights
Infocredit has taken appropriate measures to provide any information relating to your rights as well as the exercise of these rights. Under Chapter III of the GDPR you have the following rights:
I. Transparent information, communication and modalities for the exercise of your rights
You have the right to be provided with your data freely and in an intelligible and easily accessible form. Following your request, Infocredit shall provide information without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. In that case the Infocredit will inform you for the reasons of the delay.
II. Information to be provided where personal data are collected from the data subject
You have the right to know the contact details of the agent who collects your data, the contact details of the Data Protection Officer (‘DPO’) that was appointed by Infocredit, the purposes of the processing for which the personal data are intended, the legal basis for the processing, the recipients or categories of recipients of the personal data and where applicable the fact that the controller intends to transfer personal data to a third country.
III. Right of access
You have the right to request and receive a copy of your personal data undergoing processing. However, for any further copies requested, Infocredit may charge you a reasonable fee that is based on administrative costs.
IV. Right to rectification
You have the right to obtain from Infocredit without undue delay the rectification of inaccurate personal data concerning you.
V. Right to erasure (‘right to be forgotten’)
There is a right to ask for the erasure of your personal data and no longer processed where the personal data are no longer necessary in relation to the purposes for which they are controlled or otherwise processed.
Hence, in the cases where Infocredit retains and process personal data in accordance with the provisions of Article 6(1)(c) of the GDPR, Infocredit may object to such a request and may keep the relevant personal data that are required in order for Infocredit to comply with its legal obligations.
VI. Right to restriction of processing
You have the right of restricting processing where the accuracy of the personal data is contested by you, the processing is unlawful and there is pending verification as to whether the legitimate grounds of Infocredit override those of your rights.
Therefore, we ensure that Infocredit has in place a procedure where you have the right to restrict the processing of your personal data. Nonetheless, for those personal data that are necessary for compliance with a legal obligation, the University may object to the restriction.
VII. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to Infocredit, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
VIII. Right to object
You have the right to object to the processing of your personal data. However, since Infocredit lawfully processes such data under Article 6(1)(c), the University will still have the right to process the data.
IX. Automated individual decision-making, including profiling
You have the right not to be subject to a decision solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects.
You can exercise your reinforced rights by clicking here.
8. Data Protection
We process and store all personal data, in line with EU Data Protection Legislation. Personal data is utilised for registration purposes only and is not sold or forwarded to any third parties without your consent.
Data Protection Responsibilities
For any further information you need with regards to Data Protection please contact us as Data Protection Officer contact details:
A. & E. C. Emilianides, C. Katsaros & Associates LLC
192 Ledras, 3rd Floor,
1011 Nicosia, Cyprus
Tel: + 357 22 676752
Fax: + 357 22 676754