Privacy Policy - Leafnet LTD

LEAFNET LTD, the “Company,” provides services in the field of Information Technology and E-learning (“Services”).

The Company and contact details

LEAFNET LTD

Phone +357 99366276

Email: company-info@leafnet.com.cy

Any data subject wishing to exercise any of their rights or who has any questions regarding the use of their personal data may contact the Data Protection Officer – DPO at the following contact details:

Data Protection Officer

Phone +357 99366276

Email: company-info@leafnet.com.cy

Commitment

The company is committed to protecting the privacy of its staff, customers, and partners and to handling their personal data transparently. The personal data that the company collects and/or processes relates to the provision of the services the company offers.

The company protects the personal data of its staff, customers, and partners, in accordance with this Policy and in accordance with the legislative and regulatory framework, including the Law on the Protection of Natural Persons with Regard to the Processing of Personal Data and the Free Movement of Such Data (Law 125(I)/2018) as amended from time to time, and the General Data Protection Regulation 2016/679 “GDPR”

The Personal Data Processed by the Company and on what basis

The Company is required to collect from customers/partners the minimum amount of personal data necessary to provide the services it is contracted to perform under the relevant agreement with the customer/partner.

The personal data collected are: First Name, Last Name, Address, contact phone numbers, email address, medical condition, date of procedure, and the supplier of materials.

This specific personal data must be collected, processed, and stored in a database for

the fulfillment of any contract between the company and the customer/partner
to improve the quality of service provided to the customer/partner
to facilitate communication between the company and the customer/partner, due to the customer relationship

If the customer/partner has given their explicit and specific consent to the processing of personal data for specific purposes other than those mentioned above, the lawfulness of such processing is based on that specific consent.

The customer/partner has the right to withdraw their consent at any time. However, any withdrawal will not affect the lawfulness of data processing prior to the withdrawal.

In addition to the above, where necessary, the company may collect and process data beyond what is necessary to fulfill its contractual and/or legal obligations, to protect its legitimate interests or the legitimate interests of third parties related to the company.

Data and/or information are processed accordingly for reasons related to the company’s business and/or commercial interests, taking into account the interests, fundamental rights, freedoms, and reasonable expectations of the company’s customers/partners.

Such processing may include:

Market and service quality surveys, provided that the customer or partner has not objected to the processing of their data for this purpose.
Implementation of security measures and procedures (closed-circuit video surveillance, access control systems, and measures against unauthorized entry into company premises).

Recipients of Personal Data

Within the company, the personal data of customers/partners is processed only by the departments and/or company personnel authorized to process it and who have signed a relevant non-disclosure and confidentiality agreement with the company, provided that such processing is necessary to fulfill the company’s contractual and legal obligations, or when consent has been given by the customer/partner for such processing, or where the company has a legitimate interest.

Under no circumstances will the company disclose the personal data of its customers/partners to third parties for their own marketing and/or advertising purposes.

The company may disclose the personal data of its customers/partners to a public authority if the company is legally obligated to do so, is permitted by specific legislation, or has the consent of its customers/partners.

Retention period for personal data

For the reasons described above, personal data will be retained by the company in physical and electronic files for as long as the contract between the client and partner remains in effect, unless other legislation requires the company to retain such data for specific reasons and if the company deems it appropriate for the establishment, exercise, and defense of legal claims.

The company undertakes to take technical and organizational measures to ensure the security of its customers’ and partners’ personal data during the period of its retention by the company.

Automated Decision-Making

Automated decision-making occurs when an electronic system processes personal data to make a decision without human intervention.

The company does not currently use such a process; however, should it be implemented in the future, the company will duly inform its customers and partners.

Rights granted by law/regulation to the company’s customers and partners

To have access to personal data. This allows them to receive a copy of the personal data held. To request and receive the relevant copy, the customer/partner may contact the Company.

To request the correction of the personal data held. This allows them to correct any incomplete or inaccurate data.

To request the erasure of their personal data (known as the “right to be forgotten”). This allows the individual to request the deletion of personal data when they believe they no longer wish the company to retain it, unless the company is otherwise legally entitled to retain it.

To object to the retention of personal data being retained (known as the “right to object”) when there is a specific circumstance regarding the customer’s/partner’s situation that causes them to wish to object to its retention for that reason. If the client/partner objects, the company will not retain the personal data held for that specific client/ partner, unless the company is able to demonstrate that the processing is carried out on legitimate grounds that override your interests, rights, and freedoms.

You also have the right to object if the processing is carried out for the purpose of promoting the company’s services.

To request the restriction of the processing of personal data. This allows you to request that the processing of personal data be restricted, meaning that the company may use it only in certain cases, if:

it is inaccurate, until its accuracy is verified,
it has been processed unlawfully, but you do not wish to have it erased,
it is no longer needed, but you wish to retain it for use in potential legal claims,
the company has already been asked to stop retaining the personal data, but is waiting for confirmation as to whether there are legitimate grounds for the company to retain it.

To request a copy of the personal data concerning them in a structured, commonly used, and machine-readable format, in order to transmit such data to other organizations and/or companies or for any of their own use. You also have the right to request that your personal data be transferred directly from the company to other organizations and/or companies that you designate (known as the right to data portability).

To withdraw the consent given regarding the processing of their personal data at any time. Please note that any withdrawal of consent does not affect the lawfulness of processing based on consent prior to its withdrawal or revocation by the customer/partner.

In order to exercise any of these rights or if there are any other questions regarding the use of the personal data of the company’s customers/partners, the customer/ partner may contact the company by phone or at the email address company-info@leafnet.com.cy

Right to file a complaint with the supervisory authority.

If any or all rights regarding the protection of personal data have been exercised and the customer/partner of the company continues to have concerns regarding how their personal data is being handled or if these concerns have not been satisfactorily addressed by the company, they have the right to file a complaint with the company’s Data Protection Officer, by calling the company’s phone number or sending an email to company-info@leafnet.com.cy

You also have the right to file a complaint with the Office of the Commissioner for Personal Data Protection.

Changes to this Privacy Policy

The company reserves the right to amend or revise this Policy at any time it deems necessary. The company recommends that its customers and partners periodically review this policy to stay informed about how the company processes and protects their personal data.

The company will update this Policy once a year.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.