Privacy Policy

## Privacy Policy **Introduction:** This Privacy Notice will inform you as to how “Intergo TelecomLtd” (hereinafter referred to as the “Company”, “we”, “us” and “our”) collects and processes information about you and in particular, your personal data. We hereby assure you that this Privacy and Personal Data Protection Policy (“Privacy Policy”) fully respects and complies with the EU Regulation 679/2016 (“Regulation”) and the relevant Law 125 / I / 2018 of the Republic of Cyprus. **Useful Definitions:** **Personal Data** means any information relating to an identified or identifiable natural person (‘ **data subject**’); an identifiable natural person is one who can be identified, directly or indirectly, indicatively by reference to an identifier such as a name, an identification number, address, contact details, an online identifier, etc., or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. **Personal data breach** means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed. **Controller** means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. **Processor** means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller. **Processing** means any operation or set of operations which is performed on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. **Third party** means a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data. **The Controller:** Regarding the personal data, and in cases, we determine the purposes and means of the processing, the Controller is the legal person: INTERGO TELECOM LIMITED, Tepeleniou Ave 17 – Afentico Anna Building – Office 102-103, Paphos 8010, Tel: +357 26 913001, [inquiries@intergotelecom.com](mailto:inquiries@intergotelecom.com). **Principles we adhere to** At INTERGO TELECOM LIMITED, we are committed to, and adhering to, the following principles of processing personal data in accordance with Article 5 of the Regulation. The personal data is: - processed lawfully, fairly and in a transparent manner in relation to the data subject (principle of ‘lawfulness, fairness and transparency’); - collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (principle of ‘purpose limitation’); - adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed (principle of ‘data minimisation’); - accurate and, where necessary, kept up to date; we take every reasonable step to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, erased or rectified without delay (principle of ‘accuracy’); - kept in a form which permits identification of data subjects for no longer than it is necessary or as required by relevant Laws (principle of ‘storage limitation’); - processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organisational measures (principle of ‘integrity and confidentiality’). Finally, we are able to demonstrate compliance with the aforementioned principles (principle of ‘accountability’). **Collection of Personal Data** We, as the Controller, collect Personal Data from you in the following cases: - When you contact us directly or indirectly (e.g., through our webpage and/or email, or through our collaborators, or through our Social Media accounts, etc.), in order to be informed regarding our services or ask relevant information; - If you receive our services, if you cooperate with us, or if you are involved in events related to the offer and delivery of our services; - If you fill in any of our documents or submit a message through our webpage, our email or when you are connected to our social media accounts; - When your personal data is disclosed to us by third parties under contracts or agreements; - When you visit our webpage or our premises; - When you are an employment candidate; - When you are one of our employees. In addition, it is noted that we process personal data, which third parties, usually legal entities, disclose to us when we act as Processors on their behalf. In such cases these third parties hold the responsibility to properly inform you. **Minors’ Personal Data** We do not collect and/or process minors’ personal data without verifiable parental consent, in cases when we are able to control it. For example, it is not possible to control information that is communicated to us without physical presence. **Categories of Data Subjects** The categories of data subjects include: Individuals or legal entities’ executives, interested in our services and contacting us; Natural persons receiving our services or are related to the delivery of our services, or natural persons and employees of our suppliers and other legal entities cooperating with us; Candidates for employment; Visitors of our premises or our webpage and our social media accounts; Our employees. Regarding the Categories of data subjects and the personal data we process when we have the role of the Processor, the Controller holds the responsibility to appropriately inform you. **Personal Data types that we may collect about you as the Controller** Data from the following categories of personal information about you, **may be collected** and **processed** **per case and not as a whole,** when we are the Controller, in order to serve the purpose of the data collection and in accordance with the relevant legal basis as described in this Policy: - Contact details with you or a natural person you may indicate instead of you (name, surname, address, telephone, email); - Occupational information (occupation, position, company); - Information related to terms of agreements (yours or persons involved) such us identification card or passport or ARC number, date and place of birth, nationality, date of issue of the passport and its expired date, terms of the service, dates, signatures and amounts; - Payment and transaction details (IBAN, account number, tax number, desired payment method, terms of payment, depositor’s details); - Incident investigation data, such as incident details, data of persons involved or related information; - Client or provider history (satisfaction, transaction details, claims, problems, terms) and information related to assessing persons and situations; - Apps / websites / social media related data (cookies, full name or nickname, information you publicly disclose and comments on social media, or email attachments); - Your image captured through our legally operating CCTV system when you are visiting our premises; - Data included within your Curriculum Vitae such as data related to studies, competencies or previous working experience, and other information included therein, if you disclose this information to us as candidate for employment. It is noted that we collect some more types of personal data about our employees; they are informed through documents, manuals, policies and procedures and information internally provided. **Purposes of Processing & t