Privacy Policy

Our Data Protection Commitment

At HR Excellence Cyprus, we are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

We adhere to the principles of the General Data Protection Regulation (GDPR) and Cyprus data protection laws. This policy was last updated in December 2025 and reflects our current practices regarding personal data processing.

Your privacy is our priority.

We implement appropriate technical and organizational measures to ensure the security of your personal data and comply with applicable data protection regulations.

Data Collection, Usage, and Protection

Information We Collect

Personal Information

  • Full name and professional title
  • Contact information (excluding direct contact details)
  • Company name and industry
  • Service preferences and requirements

Technical Information

  • IP address and location data
  • Browser type and version
  • Device information and screen resolution
  • Website usage patterns and preferences

How We Use Your Information

Service Delivery

We use your personal information to provide, maintain, and improve our HR consulting services. This includes responding to inquiries, scheduling consultations, and delivering customized solutions.

Legal Basis: Performance of contract and legitimate business interests

Communication and Marketing

With your consent, we may send you information about our services, industry insights, and relevant updates. You can opt out of marketing communications at any time.

Legal Basis: Consent and legitimate business interests

Legal Compliance and Protection

We may process your data to comply with legal obligations, protect our rights, prevent fraud, and ensure the security of our services and systems.

Legal Basis: Legal obligation and legitimate interests

Data Protection Measures

Encryption

All data transmission is encrypted using industry-standard SSL/TLS protocols

Access Control

Strict access controls ensure only authorized personnel handle your data

Regular Audits

Periodic security audits and compliance assessments ensure ongoing protection

Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We may share your data only in the following limited circumstances:

  • Service Providers: Trusted third-party vendors who assist in delivering our services
  • Legal Requirements: When required by law or to protect our legal rights
  • Business Transfers: In the event of a merger, acquisition, or asset sale

All third parties are required to maintain the same level of data protection and are prohibited from using your data for unauthorized purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this privacy policy, unless a longer retention period is required by law.

Client Data

Retained for 7 years after service completion for legal and business purposes

Website Data

Analytics data retained for 2 years, contact forms for 3 years

Your Rights and Data Management

Your Data Protection Rights

Right to Access

Request copies of your personal data and information about how we process it

Right to Rectification

Request correction of inaccurate or incomplete personal data

Right to Erasure

Request deletion of your personal data under certain circumstances

Right to Restrict Processing

Request limitation of processing your personal data in specific situations

Right to Data Portability

Request transfer of your data to another organization in a structured format

Right to Object

Object to processing of your personal data for direct marketing or legitimate interests

Right to Withdraw Consent

Withdraw consent for processing activities that require your consent

Right to Lodge a Complaint

File a complaint with the relevant data protection authority

How to Exercise Your Rights

To exercise any of your data protection rights, please contact us using the information provided on our website. We will respond to your request within one month and may request additional information to verify your identity.

1

Submit Request

Contact us with your specific request

2

Identity Verification

Provide required verification information

3

Response

Receive our response within 30 days

International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure adequate protection through appropriate safeguards such as:

  • European Commission adequacy decisions
  • Standard contractual clauses approved by the European Commission
  • Binding corporate rules for multinational companies

Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. Any significant changes will be communicated through our website or direct communication.

Notification Methods: We will notify you of material changes via website banner, email notification, or other appropriate means at least 30 days before the changes take effect.