Privacy Policy

Dedicated & Efficient

Keane Vgenopoulou & Associates LLC is a Cyprus based legal practice. We are committed to respecting and safeguarding the privacy of the information provided to us. We ensure protection of your personal information by applying high standards of conduct for privacy issues. We also ensure that our employees are provided with the appropriate training to handle personal information in accordance with the applicable laws.

The terms ”the firm” or “we” “us” or “our” is a reference to Keane Vgenopoulou & Associates LLC and our administrative services provider, Pro-Nom Services Ltd. Any reference to “partner” means a partner of Keane Vgenopoulou & Associates LLC.

This Privacy Policy sets out how we collect and use your personal information. It also describes the rights you have and control you can exercise in relation to it. In particular we set out the following information:

  1. what personal information we collect;
  2. how we obtain your personal information;
  3. how we use your personal information;
  4. what are the legal grounds for our processing of your personal information;
  5. how long we keep your personal information;
  6. who we share your personal information with;
  7. how we protect your personal information;
  8. transfer your personal information to other countries;
  9. your rights regarding your personal information.

Please read the following carefully to understand our views and practices regarding your personal information and how we treat it.

1. What personal information we collect

We may collect personal information from you (and, through you, from your directors, officers, partners, employees, representatives and agents) in the course of our business, including through your use of our website or through our screening providers who assist us with our legal obligations to conduct under anti-money laundering, sanctions screening and regulatory checks.

The personal information that we process includes:

  • Contact information: your name, position, role, company or organisation, telephone (including mobile phone number where provided) as well as email, postal address personal description and photograph;
  • Business information: information identifying you in relation to matters on which you instruct us or in which you are involved;
  • Information from public sources: e.g. professional networks, directories or internet publications;
  • Information provided in the course of the provision of legal and other services (for example, information on professional relationships and background, financial wealth and assets held, transactions entered into, tax status, disputes and court proceedings engaged in);
  • Attendance records: to record your attendance at our offices for security purposes;
  • Subscriptions/preferences: when you subscribe to receive legal briefings, updates or newsletters as well as consent preferences to help us identify which materials you are interested in receiving;
  • Supplier information: contact details and other information about you or your company or organisation where you provide services to Keane Vgenopoulou & Associates LLC;
  • Social media: posts, Likes, tweets and other interactions with our social media presence;
  • Technical information: when you access this website and our technology services being IP address, browser type and version (e.g. Internet Explorer, Firefox, Safari etc.), time zone setting, browser plugin types and versions, operating system you are using (e.g. Vista, Windows XP, MacOS, etc), device type, hardware model, MAC address, unique identifiers and mobile network information;
  • Online information: when you access this website and our technology services, information about your visit including URL clickstream to, through and from our website (including date and time), information about your network as such as information about devices, nodes, configurations, connection speeds and network application performance; pages viewed or searched for, page response times, download errors, length of visits and interaction information (such as scrolling, clicks, mouse-overs) and whether you click on particular links or open our emails. Keane Vgenopoulou & Associates LLC does not collect personal information about your online activities across third party websites or online services.
  • Special categories of personal information: such as dietary, disability or similar requirements for events and meetings. If you do not provide this information, we may not be able to respond to your particular needs or preferences;
  • Criminal record information: where permitted by national law and appropriate to do so, such as existence of prior criminal offences (or confirmation of clean criminal record).

2. How we obtain your personal information

We collect personal information from you as part of our client acceptance process in the course of providing legal and administrative services. We also collect your personal information while monitoring our technology tools and services, (including our website and email communications sent to and from Keane Vgenopoulou & Associates LLC) and we gather information about you when you provide it to us or interact with us directly or registering on one of our digital platforms. We may also collect or receive information about you from other sources, such as keeping the contact details we already hold for you accurate and up to date using publicly available sources.

Please do not send us confidential information until we have confirmed in writing that we represent or act for you or your company or organisation. Unsolicited emails from non-clients do not establish a lawyer-client relationship. They may not be privileged and, therefore, may be disclosed to others.

Cookies

We use cookies that identify your browser. They collect and store information when you visit our website about how you use it through which it is possible to record your use of the website, as well as provide you with a better service and experience when browsing and for analytics. The personal information we collect through these technologies will also be used to manage your session.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.

For more information about cookies and how we use them, please see our: Cookies Policy.

3. How we use your personal information

We use your personal information for the following purposes:

  • Service provision: providing legal advice and services;
  • Business relationship: managing and administering our relationship with you, your company or organisation including keeping records about business contacts, services and payments so we can customise our offering for you, develop our relationship and target our marketing and promotional campaigns;
  • Communication: sending emails, newsletters and other messages to keep you informed of legal developments, market insights and of our services;
  • Client surveys and feedback: including events feedback and client listening exercises as well as answering issues and concerns which may arise;
  • Client legal compliance: client due diligence (under anti-money laundering, sanctions screening and other crime prevention and detection laws and regulatory requirements) which may involve automated screening checks to ensure that clients and contacts are genuine and to prevent fraud or crime and we may not be able take instructions if you do not provide the information we need to do these checks;
  • Website monitoring: to check the website and our other technology services are being used appropriately and to optimise their functionality;
  • Site security: to provide security to our offices and other premises (normally collecting your name and contact details on entry to our buildings);
  • Online security: protecting our information assets and technology platforms from unauthorised access or usage and to monitor for malware and other security threats;
  • Regulatory: compliance with our legal and regulatory obligations as a law firm including auditing and reporting requirements;
  • Managing suppliers: who deliver services to us;
  • Any other purpose(s) which has been agreed by or notified to you.

4. What are the legal grounds for our processing of your personal information?

We will process and/or share your personal information for a number of reasons:

  • you have given us consent: for example, where you share details for particular purposes;
  • this is necessary to comply with legal or regulatory obligations: for example, anti-money laundering and mandatory client screening checks;
  • this is necessary to deal with legal claims
  • we have a legal obligation to do so, and/or when we have a good faith/ belief that such action is necessary to comply with either a court order or a legal process served on us.
  • processing is necessary for our legitimate business interests or those of a third party: provided this does not override any interests or rights that you have as an individual. Our legitimate interests are listed below.

We have legitimate business interests in:

  • providing legal services;
  • managing our business and relationship with you or your company or organisation;
  • understanding and responding to inquiries and client feedback;
  • understanding how our clients use our services and websites;
  • identifying what our clients want and developing our relationship with you, your company or organisation;
  • improving our services and offerings;
  • enforcing our terms of engagement and website and other terms and conditions;
  • ensuring our systems and premises are secure;
  • managing our supply chain;
  • developing relationships with business partners;
  • ensuring debts are paid;
  • operating suppressors to exclude you from direct marketing if you unsubscribe;
  • sharing information in connection with acquisitions and transfers of our business.

Special category information

Special category information in the EU and certain other jurisdictions refers to sensitive information such as your racial or ethnic origin, religious beliefs or health information. We may also collect information about criminal convictions. We will process this information where:

  • we have your explicit consent: for the particular processing;
  • this is necessary to protect your vital interests or those of another person: for example, in medical emergencies; you have manifestly made the information public: for example, where you have published it on social media;
  • this is necessary to deal with legal claims: for example, involving court proceedings;
  • as permitted by applicable law: outside the EU and other jurisdictions where these restrictions apply.

5. How long do we keep your personal information?

We generally keep your information as needed to provide our legal services and to deal with claims. This will depend on a number of factors such as whether you or your company or organisation are an existing client or have interacted with recent client mailings or bulletins or attended recent events. We will retain your information as necessary to comply with legal, accounting or regulatory requirements.

6. Who we share your personal information with?

We share your information as with others as follows:

  • Suppliers: who support our business including IT and communication suppliers, outsourced business support, back up and DR suppliers and LPO operations. Our suppliers have to meet minimum standards as to information security and they will only be provided information in line with their function;
  • Our employees who are acquainted with the GDPR;
  • Shared service centres: operated by Keane Vgenopoulou & Associates LLC or third parties including for client on-boarding, IT services, risk management and office support services;
  • Other law firms: including other local or international law firms, barristers, expert witnesses and arbitrators/mediators;
  • Law enforcement bodies and our regulators: or other competent authorities in accordance with legal requirements or good practice;
  • Appropriate parties in the event of emergencies: in particular to protect health and safety of our clients, staff and organisations;
  • Your company or organisation: in relation to us providing legal services;
  • Screening service providers: so that we can comply with legal obligations in relation to the prevention or protection of crime, ant-money laundering, sanctions screening and other required checks;
  • Any subcontractors, agents or service providers of us;
  • Any registrar of a public register where the information is to be included in a public registry;
  • Third parties: in the context of the acquisition or transfer of any part of our business or in connection with the business reorganisation such us:
    i) acquisitions and transfers of our business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;
    ii) if our company or substantially all of its assets are acquired by a third party, in which case personal information held by it about its clients will be one of the transferred assets;
    iii) if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to enforce or apply our terms of use; or to protect the rights, property, or safety of us, our customers or others as provided below;
  • Other delegates: where your name will appear on the attendee list for events where you have told us you plan to attend.

Personal information about others

In some cases, you may provide personal information to us about other people (such as your customers, directors, officers, shareholders or beneficial owners). You must ensure that you have given those individuals an appropriate notice that you are providing their information to us and have obtained their consent to that disclosure. In particular, you must ensure the individual concerned is aware of the various matters detailed in this Privacy Policy, as those matters relate to that individual, including our identity, how to contact us, our purposes of collection, our personal information disclosure practices (including disclosure to overseas recipients), the individual’s right to obtain access to the personal information and make objection about the handling of the personal information.

7. How we protect your personal information

We will hold your information securely in line with physical, technical and administrative security measures. However, the transmission of information via the internet is not completely secure. Although we will take reasonable measures to protect your personal information, we cannot guarantee the security of your information transmitted and any transmission is at your own risk.

If a password is used to help protect your accounts and personal information, it is your responsibility to keep your password confidential. Please also be careful to avoid “phishing” scams, where someone may send you an email that looks like it is from us asking for your personal information.

8. Transfer of your personal information to other countries

We provide client legal services within Cyprus but also worldwide, so your information may be transferred out of your local jurisdiction or region. Information protection laws vary by country and those applicable in the USA and elsewhere are not equivalent to those applicable in, for example, the EU or certain other jurisdictions. Keane Vgenopoulou & Associates LLC, take steps to protect your information in line with locally applicable information protection requirements. For those having their jurisdiction within the EU, Keane Vgenopoulou & Associates LLC has implemented Standard Contractual Clauses (SCCs) approved by the European Commission in accordance with Article 46(2)(c) of the General Information Protection Regulation. If you would like copies of the SCCs applicable to European information, please contact us.

9. Your right regarding your personal information

If you are within the jurisdiction of one of the EU Member States or in certain other jurisdictions where similar rules apply, you have certain rights in relation to your information. The availability of these rights and the ways in which you can use them are set out below in more detail.
Some of these rights will only apply in certain circumstances. If you would like to exercise, or discuss, any of these rights, please contact us.

  • Access: you are entitled to ask us if we are processing your information and, if we are, you can request access to your personal information. This enables you to receive a copy of the personal information we hold about you and certain other information about it;
  • Correction: you are entitled to request that any incomplete or inaccurate personal information we hold about you is corrected;
  • Erasure: you are entitled to ask us to delete or remove personal information in certain circumstances. There are also certain exceptions where we may refuse a request for erasure, for example, where the personal information is required for compliance with law or in connection with claims;
  • Restriction: you are entitled to ask us to suspend the processing of certain of your personal information about you, for example if you want us to establish its accuracy or the reason for processing it;
  • Transfer: you may us to help you request the transfer certain of your personal information to another party;
  • Objection: where we are processing your personal information based on a legitimate interest (or those of a third party) and you may challenge this. However, we may be entitled to continue processing your information. You also have the right to object where we are processing your personal information for direct marketing purposes;
  • Automated decisions: you may contest any automated decision made about you where this has a legal or similar significant effect and ask for it to be reconsidered.
  • Consent: where we are processing personal information with consent, you can withdraw your consent.

If you want to exercise any of these rights, please contact us in writing at the relevant email address listed at the end of the Privacy Policy.

You also have a right to lodge a complaint with an information protection supervisory authority, in particular in the Member State in the European Union where you are habitually resident, where we are based or where an alleged infringement of Information Protection law has taken place. In Cyprus you can make a complaint to the Information Protection Commissioner’s Office (Tel: +357 22 818456 or at www.informationprotection.gov.cy).

Direct Marketing

As described above, you can opt-out of receiving direct marketing from us at any time.
We may use the information you give us on our website or other means for direct marketing purposes to provide emails, newsletters and other messages to keep you informed of legal developments, market insights and of our services including events that we think may interest you.
You can opt-out of receiving direct marketing from us at any time. You can do this by changing your marketing preferences on your online accounts settings page, clicking on the “unsubscribe” link included at the end of any marketing email we send to you, or by contacting us.

Links to third party websites

Our website, newsletters, email updates and other communications may, from time to time, contain links to and from the websites of others. The personal information that you provide through these websites is not subject to this privacy policy and the treatment of your personal information by such websites is not our responsibility.
If you follow a link to any other websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.

Children

We do not knowingly collect personally identifiable information from anyone under 16 years old. If you are under 16 years old, you may not submit any personal information to us. If you are a parent or guardian and you are aware that your children have provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we take steps to remove that information from us.

Changes to this Privacy Policy

We may update this Privacy Policy periodically by posting the changed Privacy Policy on our website and will note the date of its most recent revision above.

We encourage you to review this Privacy Policy frequently to be informed of how we use, protect, collect, retain, disclose, transfer your information.

How to contact us

If you would like more information about the way we manage personal information that we hold about you please contact us as per below:

Email: [email protected]
Telephone: +357 25 257900
Attention: Thomas Keane & Christina Vgenopoulou