Thank you (hereinafter the “Website visitors”, “potential clients”, “active clients”, “client”, “users”, “instructors”, “other individuals”, “individuals”, “your”, “data subjects”) for using www.icpte.com (hereinafter the “Website”). The website is owned and operated by G.P. Global Ltd, owner of the registered trade name INSTITUTE OF CONTINUOUS PROFESSIONAL TRAINING AND EDUCATION (ICPTE) (hereinafter the “ICPTE”, “Company”, “we”, “us”, “our”).
This Privacy Notice applies to all personal data relating to identifiable individuals that we collect through the Website, “Contact us” Form, email, online sign up for a user account and “Instructor Application” Form and processes.
Before proceeding to use the Website, you must read the following terms carefully. If for any reason you are dissatisfied with this Privacy Notice, you have the right either to stop browsing the Website or continue browsing the Website without submitting any personal information.
You acknowledge that you will not send us any personal data, if you do not want this information to be processed by us in the ways described in this Privacy Notice.
By using the Website, you are confirming that you understand English well enough to understand this Privacy Notice.
2. POLICY STATEMENT
ICPTE intends to fully comply with all requirements of the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter the “Regulation”) and of the Law 125(I) of 2018 Providing for the protection of natural persons with regard to the processing of personal data and for the free movement of such data (hereinafter the “Law”), in so far as they affect its activities.
ICPTE is located at 7, Alkaios Str., Alkaios Court, Flat 103, 3090 Limassol – Cyprus. You can contact ICPTE at Tel: +357-25755911, Fax: +357-25755660 and email: firstname.lastname@example.org
We need to collect and use the personal data of Website visitors, potential clients, active clients, instructors and other individuals who are accessing or using the Website and come into contact with us.
In collecting and using personal data, we are committed to protecting an individual’s right to privacy with regard to the processing of personal data, therefore this Privacy Notice is hereby adopted in compliance with the Regulation and with the Law to support this commitment.
The Privacy Notice ensures that we:
• Comply with the REGULATION (EU) 2016/679.
• Comply with the Law 125(I) of 2018.
• Protect the rights of individuals related to ICPTE.
• Are open about how we collect, use, store, access, disclose, transfer and destruct individual’s data.
• Reduce the risk of a data breach.
We respect and value your data privacy rights and make sure that all personal data collected from you are processed in adherence to the general principles of data protection as set out in the Regulation. In accordance with these principles, the personal data shall be:
• processed lawfully, fairly and in a transparent manner;
• collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
• adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
• accurate and, where necessary, kept up to date;
• kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
• processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage.
4. PROCESSING OF PERSONAL DATA
The lawfulness of collection and processing of personal data by us is based on:
• the data subject has given consent to the processing of his or her personal data for one or more specific purposes; or
• the necessity to comply with our legal obligations; or
• the performance of a contract to which we are a party or in order to take steps at the request of a prospect client or instructor prior to entering into a contract; or
• our legitimate interests, such as providing online courses through the Website and managing our business
4.1.1 Collection of personal data of Website users, clients, instructors and other individuals
We may collect different types of information from you depending on how you use the Website, including personal data. “Personal data” means information that relates to an identified or identifiable natural person.
In order to receive more information for your specific request or for any other business relationship, you are requested to complete the “Contact us” Form on the Website, send an email to email@example.com or registered to create an account. By completing the “Contact us” Form, contact us through an email or register to create an account you provide your personal information and you enable us to evaluate your request. We will use the same information to contact you regarding the offered services. The offered services include the offer of online courses. By registered to create an account you enable us to create an account for you on the Website.
We collect sufficient information of the Website users, potential clients, clients, instructors and other individuals for the evaluation of their specific request for ICPTE services. ICPTE services include the offer of online courses.
To contact us in order to send us your specific request or for any other business relationship, we collect personal data that you provide during the completion and submission of the “Contact us” Form.
This information includes:
• Personal information that you provide on the “Contact us” Form, such as your first name, last name, email, phone number, country.
• Personal information that may be included in the “Message” section of the “Contact us” Form,
To create a user account in order to be able to purchase and watch an online course, we collect personal data that you provide during the process of the online Sign up for a user account and purchasing of a course.
This information includes:
• Personal information that you provide through the online Sign up process for a user account such as your first name, last name, email, phone number, country.
• Personal information that you provide to purchase and watch a course such as your email for PayPal account and bank details for bank account.
To be registered as course(s) instructor, we collect personal data that you provide during the application and registration process.
This information includes:
• Personal information that you provide on the application and registration process such as your first name, last name, email, phone number, profession, country.
• Personal information that you provide for receiving payments.
We may ask to collect additional personal data from data subjects, update the personal data that we process and collect other additional personal data in order to provide the service of an online course or under any legal requirement that we are subject, as well as, personal data not obtained from the data subject.
We will retain the information for no longer than it is necessary for the purposes for which it was collected or for which is to be further processed. In some cases there are legal requirements to keep data for a minimum period.
We apply security measures for the protection of the personal data in use. The security measures include technical and organizational procedures.
We give access to personal information to employees who need the specific information in order to operate, develop or improve ICPTE services and online courses. These individuals are bound by confidentiality and will be subject to penalties if they fail to meet these obligations.
4.2.1 Use of personal data of clients, instructors and other individuals
Personal data of clients collected through the registration and payment process on the Website shall be used by us for providing online courses purchased by clients.
Personal data of instructors collected through the “Instructor Application” Form shall be used by us in order to establish a business relationship.
Personal data collected from other individuals through the Website will be used by us for a specific purpose. An example of such specific purpose is the use of personal data of an individual who has contacted us asking for information about the online courses.
We may use your personal information for one or more of the following purposes:
• to provide the services you have requested;
• to provide information on a specific request;
• to provide online courses upon your relevant registration and purchasing of an online course;
• to create an account in order to become an instructor;
• to inform website visitors about who are the instructors of the online courses offered;
• to inform you about products, online courses and/or services that may be of interest to you;
• to keep you updated on the issues that are relevant to your business relationship with ICPTE;
• to analyse statistical data to enable ICPTE to provide you with better products, online courses and/or services;
• to enhance the security controls of ICPTE’s networks and systems;
• to identify, assess, mitigate, prevent and investigate fraudulent activity of any kind that is forbidden by the relevant legislation;
• to defend possible legal claims;
4.3 Storage of personal data
We apply appropriate security measures to protect the personal data that we process against any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access as well as against any other unlawful processing.
We keep personal data physically/on Paper and electronically.
We may disclose personal data that we process only pursuant to a lawful purpose and to authorized recipients of such personal data. Authorized recipients may include third parties with whom we have a contractual agreement for the provision of a service and shall refer as our partners. We shall take all the necessary efforts in order our partners maintain the privacy of your personal data in accordance with the Regulation and the Law.
Where we use the services of third parties that assist us in providing services to you, that may include the transfer of personal data that we process and they are not partners as defined in the above paragraph, these third parties are required to maintain the confidentiality of such personal data and to use personal data that we may transfer to them only in the course of providing such services for the purposes that we dictate and within the ambit of the Regulation and the Law.
Authorized recipients of Personal Data may be for example:
• technological experts who are appointed to support the smooth operation of the Website and our systems;
• the Website developers;
• providers of hosting services;
• companies providing accounting services;
• companies providing legal services;
• external consultants;
• Data Protection Officer in case we decide to be outsourced;
• Governmental authorities and regulatory bodies.
4.5 Transfer to a third country or international organization
Where in case we will transfer personal data to a third country or international organization, we will ensure that:
a) there is a decision by the Commission that the third country, the territory or one or more specified sectors within that third country, or the international organization in question, ensures an adequate level of protection; or
b) in the absence of a decision as above, appropriate safeguards in accordance with the Regulation are in place and on condition that enforceable data subject rights and effective legal remedies for data subjects are available; or
c) in the absence of a decision as (a) above or appropriate safeguards, as (b) above, are not in place, the transfer shall be performed only if one of the conditions described under Article 49 of the Regulation applies; or
d) in the absence of a decision as (a) above or appropriate safeguards, as (b) above, are not in place or any of the provisions under Article 49 of the Regulation does not apply, the transfer shall be performed only if the transfer is not repetitive, concerns only a limited number of data subjects and it is necessary for the purposes of compelling legitimate interests pursued by us which are not overridden by the interests or rights and freedoms of the data subject.
4.6 Impact Assessment
We shall conduct a Privacy Impact Assessment (PIA) relative to all activities, projects and systems involving the processing of personal data prior to a type of processing that in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of data subjects.
After the storage period, as defined below under the paragraph “6. For how long we keep your personal data”, is ended, we will destroy hard copies of personal data and personal data that are kept electronically.
6. FOR HOW LONG WE KEEP YOUR PERSONAL DATA
We will retain the information for no longer than it is necessary for the purposes for which it was collected or for which is to be further processed. We will keep personal data of clients during the time of business relationship.
In some cases there are legal requirements to keep data for a minimum period, e.g. for accounting and tax purposes requirements.
7. SUBJECT TO CONSENT
By continuing using the Website you accept this Privacy Notice and the Cookies Policy and you consent to the collection and processing of your personal data as described in this Privacy Notice and the Cookies Policy.
You can withdraw your consent at any time by contacting us at firstname.lastname@example.org. Please note that the processing of your personal data is necessary in order to provide you with requested services, receive courses by instructors and to be able to purchase and watch online course(s).
8. PROCESSING FOR OTHER REASON
We will ask to receive data subject’s consent in any case we will process data subject’s personal data for a purpose other than that for which personal data has been collected.
9. DATA SUBJECTS RIGHTS
All individuals who are the data subject of personal data held by us are entitled to the below rights as these are defined in the Regulation and the Law, unless these rights are subject to a restriction under the same Regulation and Law:
• Right of access. You have the right to request a copy of your personal data which we hold about you. We will provide a copy of your personal data that is undergoing processing. For any further copies requested by you, we may charge a reasonable fee based on administrative costs.
You can send an email to email@example.com asking for a copy of your personal data that is undergoing processing.
• Right to rectification. You have the right to request the rectification of any inaccurate personal data which we hold about you.
• Right to erasure. You have the right, under certain circumstances as these are defined in the Regulation, to request the erasure of personal data which we hold about you.
• Right to restriction of processing. Where there is a dispute in relation to the accuracy or processing of your personal data, you have the right to request a restriction on further processing, in accordance with the Regulation.
• Right to data portability. Where the processing is based on consent or on a contract and the processing is carried out by automated means, you have the right to receive the personal data and to transmit this data to another controller.
• Right to object. Where applicable under the Regulation, you have the right to object to the processing of your personal data.
• Right not to be subject to a decision based solely on automated processing, including profiling.
We do not use automated decision-making, including profiling.
• Right to withdraw your consent. Where the processing is based on your consent, you have the right to withdraw your consent at any time.
To withdraw your consent, send an email to firstname.lastname@example.org asking for the withdrawal of your consent.
• Right to lodge a complaint with a competent authority.
In such case, we ask the data subject in the first instance to contact us at the email: email@example.com.
Data subjects can exercise any of the above rights by contacting us through email at firstname.lastname@example.org.
The requested information will be provided free of charge. We reserve the right to charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested or refuse to act on the request, if in case your request is manifestly unfounded or excessive.
10. IP ADDRESSES
We may collect information about your computer, including, where available, your IP address, operating system browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns. We use this information for the operation of the Website, to maintain quality of the Website and to provide general statistics regarding use of the Website.
Cookies are bits of electronic information that a website can transfer to your hard drive to help tailor and keep records of your visit to that website. Cookies are not programs that come onto your system and damage files. Cookies don’t tell us who you are or give us any personal details about you. Generally, cookies work by assigning a unique number to you that has no meaning outside the assigning site.
12. BREACH OF SECURITY AND SECURITY INCIDENTS
Breach of security leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. We are responsible for ensuring immediate action in the event of a security incident or personal data breach.
We have in place procedures to deal with any suspected personal data breach and we will notify you and the relevant competent regulator (http://www.dataprotection.gov.cy) for the breach where we are legally required to do so. If you require further information on how we deal with a Data Breach, please contact us at email@example.com.
13. MARKETING INFORMATION
We may periodically send promotional emails about new services, online courses, special offers, newsletters or other information which we think you may find interesting. From time to time, we may also use your information to contact you for market research purposes, although you do not have to respond to them. We may contact you by email, phone, fax or mail when available. We may use the information to customize the Website according to your interests.
If you don’t want to give your “Consent” to receive the information as described under paragraph “13. MARKETING INFORMATION”, please send an email to firstname.lastname@example.org requesting not to receive marketing information. When we send you a promotional email, you will have automatically the opportunity to object to the use of your contact details, free of charge and in an easy manner and you may automatically opt out of further promotional offers. In this respect, you have the right to “unsubscribe” at any time by clicking the “unsubscribe from this list” button on any of our Newsletter and marketing communication. Alternatively, please inform us in writing at email@example.com.
14. SECURITY AND CONFIDENTIALITY
We recognize the importance of guarding the security of your personal information and on-line communications. We have implemented appropriate security measures to ensure a level of security appropriate to the risk involved and we have implemented technical and physical security procedures designed to protect personal data from unauthorized access, disclosure, use, and modification.
We give access to personal data that is collected about you only to those who actually need this information for the purpose of providing to you online courses and our services. The Website operating personnel is suitably qualified, possesses the necessary technical knowledge and personal integrity for maintaining confidentiality.
We review the implemented security measures on an ongoing basis and at least once a year to consider new technology and methods as necessary. However, please understand that the implementation of security measures as described in this Privacy Notice does not guarantee the security of your personal data.
The transmission of information via the Internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data as it is transmitted and stored.
No one under 16 years of age is authorized to use the Website and we do not intentionally process personal data from anyone under the age of 16. If you are a parent or the holder of parental responsibility of a person under the age of 16 who has submitted personal data, please contact us at firstname.lastname@example.org.
16. LINKS TO OTHER WEBSITES
17. INQUIRIES AND COMPLAINTS
We have assigned a Data Protection Officer. For any type of inquiry relevant to the processing of personal data, the data subject may contact us at:
Tel: +357 25755911
Fax: +357 25755660
In case of a complaint, we ask the data subject to contact us at first instance at the email: email@example.com.
For any type of inquiry or complaint, we may request the provision of additional information necessary to confirm the identity of the data subject who makes the request or complaint.
This Privacy Notice is the version 1.0 and is effective this 23 day of April, 2021, until revoked or amended by us.
We reserve the right to change or amend this Privacy Notice without further notice to you, provided that the changes do not significantly reduce your rights under this Privacy Notice. The date that this Privacy Notice is updated will be visible at the end of this Privacy Notice. We recommend you to review this Privacy Notice frequently in order to stay updated about any possible changes.
If we make material changes to this Privacy Notice, then you will be notified by means of a notice on the Website’s homepage.
Any revised Privacy Notice will be effective immediately upon posting on the Website.
The latest and prevailing version of this Privacy Notice will at all times be available on the Website.
19. LEGAL DISCLAIMER
We reserve the right to disclose your personal data as required by the Regulation and the Law and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served. We will not be liable for misuse or loss of personal data resulting from cookies on the Website that we do not have access to or control over. We will not be liable for unlawful or unauthorized use of your personal data due to misuse or misplacement of your passwords, negligence or maliciousness.
This “Privacy Notice” was last updated on 23/04/2021