“Personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. “Specific categories of personal data” means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, sex life or sexual orientation, and data relating to criminal convictions and offences.

Our company collects and processes personal data during the following activities:

1. Management of the client’s Human Resources
2. Consulting in Human Resources Management
3. Training/seminars/workshops
4. Psychometric tools
5. Project management.

Our company follows the following rules and principles regarding the collection and processing of personal data of its stakeholders:

• Personal data is processed fairly, transparently, and within the existing legal frameworks of the Republic of Cyprus.
• Only the personal data that is really needed to perform the required activity is collected.
• Personal data is not used for any other purpose than that for which it was originally collected without the individual’s consent.
• Personal data that has been collected is kept up-to-date and accurate.
• Personal data is retained only for the time needed to achieve the purpose for which it was collected.
• The processing of personal data is carried out in a way that ensures the protection of this data from unauthorized or illegal processing, accidental loss, destruction, or damage.
• Explicitly prohibited is the leakage/disposition of personal data at a friendly level, even if it concerns personal services to colleagues.
• Explicitly prohibited is the unwanted, accidental, or intentional access to files containing personal data by individuals who have not been properly authorized for this purpose.
• In case of illegal processing of data, loss, destruction, or damage, the company will report the event within 72 hours to the individuals whose data is affected.
• The company ensures that individuals whose personal data are collected are informed of all the information they need to know about the collection and processing of their personal data.
• The company recognizes that individuals whose data is being collected have the right to access, object or restrict processing, correct, delete and transfer their personal data, as well as the right to stop processing their data or report our company if they believe it is not compliant with the current regulation.

If our company processes your personal data, you have the following rights:

• Right of access to your personal data
• Right to rectification
• Right to object to processing
• Right to Restriction of Processing
• Right to erasure
• Right to data portability/transmission
• Right to object to automated individual decision-making
• Right to withdraw consent
• Right to lodge a complaint
• Right to not provide personal data.

If you wish to learn more information about how we collect and process personal data, as well as to exercise one or more of your rights regarding the processing of your personal data, you can contact us via email at central@kesea.com.cy stating your request. We, as the Center for Counseling and Professional Development (KESEA) Ltd, are obliged to reply within 30 days. If you believe that our company has not complied with its obligations arising from the law regarding the protection of your personal data, then you have the right to address the Data Protection Commissioner.

• Candidate Privacy Notice