Approved: date (Last reviewed: 16/09/2019)
DPO: Mrs Georgia Charalambidou
The main legal instruments applicable are the General Data Protection Regulation (EU 2016/679) and Cypriot Law 2018 (Ν. 125(I)/2018)
We are committed to ensuring that personal information is held fairly, lawfully and securely in accordance with privacy laws.
Areas covered by this policy
This privacy notice tells you what to expect when the Municipality collects personal information. It applies to information we collect about people, such as:
- people registered as citizens in our archive
- people participating in our events
- visitors to our website. Read our Website Privacy Notice.
- people who register for receiving communication from us
- people who contact us with an enquiry or complaint
- job applicants, associates and our current and former employees
- people who use and receive our services
- people providing services to us
- people who participate in publicity for us
- people who are recorded on CCTV operated by us.
What is personal information?
Personal information (sometimes referred to as personal data) is any information that lets us identify a living individual from that information, either directly or indirectly. For example, basic details such as your: name, address, telephone number, family information, information held in paper files, images etc.
Some information is classed as ‘special category information’ and needs more protection because it is more sensitive. It is often information you would not want widely known and is very personal to you. This is likely to include anything that can reveal your: physical or mental health, sexuality or sexual health, political opinion, religious or philosophical beliefs etc.
The information that we collect, hold, process and share may include but is not restricted to:
- name and surname
- date of birth
- phone number
- racial or ethnic origin
- data concerning health
- images of the CCTV system we have installed in the Municipality of Kyrenia premises
For employees and associates (in addition to the above) we collect, hold, process and share information that may include but is not restricted to:
- Social Security Number
- Bank account number
- Academic and work experience
How the law lets us use your personal information
There are a number of legal reasons why we need to collect and use your personal information.
For example, we may collect and use personal information where:
- it is necessary to perform our public tasks
- it is required by law
- you have entered into a contract with us
- you have given your consent (or explicit consent)
- it is necessary for employment purposes
- you have made your information publicly available
- it is to the benefit of society as a whole
- it is necessary for archiving, research, or statistical purposes
- it is necessary for legal cases.
If you have provided us with your consent to use your personal information, you can withdraw your consent at any time by contacting us.
How we use your personal information
Municipality of Kyrenia is the Controller for any personal information which we have collected.
When we ask you to provide information, we will tell you what this data will be used for and we will give you the option to choose if you would like us to send you information about what we do.
We collect information about how you use https://kyreniamunicipality.com. We do this to help make sure the site is meeting the needs of its users and to help us make improvements, for example improving site search.
For example we may need to use certain personal information about you to:
- communicate with you for future events and important issues;
- provide Municipality services;
- carry out consultations and surveys;
- help investigate any worries or complaints;
- send you our yearly periodical issue free of charge;
- publish information and images from our events on our website and periodical issues;
- maintain or correct our citizens archive;
- make or defend legal claims and other legal purposes;
- carry out corporate administration and all activities we are required to carry out as controller of personal data and as a public authority;
- manage archived records for historical and research reasons;
- carry out any other purposes in order for us to carry out our public functions, as long as this is necessary, lawful and appropriate in the circumstances
- allow the carrying out of technical maintenance, security and support of council ICT systems.
Protecting your personal information
Your trust is very important to us and we are strongly committed to keeping your personal data safe. We will take all necessary measures to ensure your personal information is properly protected and secured. This includes having appropriate technical and organisational arrangements to secure your information.
How we share your information
We will not:
- sell or rent your data to third parties
- share your data with third parties for marketing purposes
Who do we share your personal information with?
We ensure that staff within the Municipality can only access the information they need to do their job.
Associates under Data Protection Agreements:
We have data protection arrangements in place with associates who we work with and if we need to share certain personal information, the information is shared for a specific purpose. Associates must only use that information to carry out that specific purpose, and keep your data safe and secure.
We will not sell or give your personal information to a third party for marketing purposes.
Take in consideration that we might be required disclosing your personal information under the law.
By law you have rights over how your data is collected, processed and stored. These are:
- the right to be informed about how we use your personal information
- the right to ask for access to the personal information we hold about you
- the right to ask that your personal information is given to you, or another service provider of your choice, in a commonly used format
- the right to ask us to stop using or to delete your information
- to right to ask us to limit what we use your personal information for
- the right to ask us to change personal information you think is wrong
- the right to withdraw consent you have previously given us to use your personal information
- the right to object to automated decision making and profiling where this is used.
The rights above are not absolute. See Articles 15-21 of the GDPR.
You can exercise any one and all of your rights by submitting a Subject’s Rights Request Form that is provided by the Data Protection Officer and mailed to: Mrs. Georgia Charalambidou, Markou Drakou 8, 1102 Nicosia
Or electronically to the Data Protection Officer at [email protected]
If you have questions about the way we are collecting or using your personal information, please contact: [email protected]
Commissioner for the Protection of Personal Data
The public authority responsible for personal data protection in Cyprus is the Commissioner for the Protection of Personal Data.
Postal address: Iasonos 1, 1082 Nicosia, Cyprus
P.O.Box 23378, 1682 Nicosia, Cyprus
Tel: +357 22818456
Fax: +357 22304565
Email: [email protected]