The Nicosia District Local Government Organization (hereinafter referred to as the "NDLGO") exercises functions for the administration, regulation and management of local affairs within its jurisdiction. The headquarters of the NDLGO are located at 84 Athalassa Avenue, P.O. Box 21943, Nicosia.
This document is intended to provide you with understandable, transparent and direct information regarding the processing of your personal data collected and processed in the context of the implementation of NDLGO's obligations towards you and compliance with its legal obligations and because NDLGO is committed under the applicable legislation to safeguard and protect your right to protection against unlawful processing of personal data and your right to privacy and to protect your personal data.
This Policy is addressed to natural persons who are existing or potential customers of NDLGO, beneficiaries of NDLGO services, third parties, suppliers and partners. By providing your personal information or the information of another person such as a beneficiary in our relationship with each other or you have received authorization to process their data, you accept that we will use it in the manner detailed in this Policy. You should refer the person whose personal information you provide to NDLGO to this Policy.
The Personal Data Protection Policy and the processing of personal data based on it is based on the following principles:
NDLGO adopts and applies this Policy in the context of its compliance with the provisions of the General Data Protection Regulation (EU) 2016/679 (hereinafter "GDPR"), as incorporated into law, as well as the applicable regulatory framework, including the decisions, circulars and opinions issued by the Commissioner for Personal Data Protection.
The term personal data also includes, among others, some sensitive data (or special categories of data) such as, for example, data concerning the health of an individual which reveal information about his or her state of health, any criminal convictions and data revealing racial or ethnic origin.
When we say that your personal data is subject to "processing", this term includes any operation carried out in relation to that data such as collection, recording, organization, structuring, storage, adaptation, alteration, alteration, retrieval, consultation, use, disclosure, dissemination, disclosure, availability, association, combination, restriction, erasure and destruction.
NDLGO processes personal data in the following cases, for the following purposes:
The NDLGO processes personal data such as:
Personal data are processed, held and stored by the NDLGO in a secure environment, solely for the purposes for which they are intended and only for as long as necessary to achieve those purposes, without prejudice to cases where they are required by legal or regulatory obligations and the more specific ones provided for by applicable legislation. As regards the exact information on the retention period, please contact the Data Protection Officer of the NDLGO.
We may need to share your personal data with our partners and/or third parties to whom NDLGO has delegated, in whole or in part, to perform personal data processing functions on its behalf, in order to better serve and provide our services. However, in no case will we share your personal data to be processed for reasons contrary to those described in this Policy and without informing you in advance.
In any case, personal data may be transferred to public authorities, supervisory authorities, and in general to any public, administrative, supervisory, judicial or other authority and/or agency in the exercise of the NDLGO's legitimate tasks.
In any transfer to third parties, NDLGO shall take all measures in advance to ensure that the data to be transferred are necessary and shall legally ensure that the organizations to which they are transferred comply with the requirements of applicable law and provide sufficient assurances that appropriate technical and organizational measures are in place to ensure that, when personal data are processed by them, the rights of the customer data subjects are protected.
The subjects of the processing of their personal data have the following rights:
(a) The right to be informed and have access to their personal data and to obtain information about them, including their origin, the purposes of their processing, the recipients or categories of recipients and the period of their storage.
b) The right to correct inaccurate data and to complete incomplete data held.
c) The right to delete the data, without prejudice, however, to the obligations and legal rights of the NDLGO to keep the data for a minimum specified period of time, under the applicable legal and regulatory framework.
(d) The right to restrict the processing of data where either their accuracy is contested, or their processing is unlawful, or the purpose of the processing is no longer fulfilled and provided that there is no legitimate reason for their retention.
(e) Right to portability of the data to another controller, provided that the processing is based on the consent of the data subject and carried out by automated means. The fulfilment of this right is without prejudice to the legitimate rights and obligations of the NDLGO to retain the data and to fulfil its duty in the public interest.
f) The right to object to the processing of data relating to them on grounds relating to their particular situation, in cases where the data are processed for the performance of a task carried out in the public interest or for the purposes of the legitimate interests pursued by the NDLGO or a third party.
(j) The right to withdraw your consent to the processing of your personal data at any time, without however affecting the lawfulness of the consent on which the NDLGO relied prior to your withdrawal. Please note that the withdrawal of your consent may lead to the termination of the services concerned.
Requests from NDLGO data subjects concerning their personal data and the exercise of their rights are submitted to the NDLGO Data Protection Officer at the following e-mail address ([email protected]).
If, when submitting a complaint, the subject feels that he or she has been wronged by the NDLGO or if he or she has doubts about the outcome of his or her request, he or she may also submit it in writing to the Commissioner for Personal Data Protection at the address below:
Office of the Commissioner for Personal Data Protection
Kipraronos 15
1061 Nicosia
PO 23378
1682 Nicosia
Tel.: 22818456 Fax: 22304565
E-mail address: [email protected]
NDLGO reserves the right to revise this Privacy Policy when it deems necessary. Therefore, subjects are encouraged to consult it periodically for any changes to comply with new developments and data.
The latest version of this Policy is always posted on the NDLGO website.
Finally, you may request a copy of the most recent version of the Policy in hard copy form.
Nicosia, June 2024