Welcome to the Cyprus Payroll Management Association (“CPMA”). CPMA was founded during the end of the year 2019 by recognized professionals in the field of Payroll Management, such as taxation, law, social security, human resources and more. Our main objectives are the study and research in this field and also the constant training of our members in the field of Payroll Management.

Our privacy policy aims to inform you about the collection and the use of personal data that you provide to us. CPMA adopts and applies this privacy policy as the Data Controller of personal data in full compliance with the provisions of the General Data Protection Regulation (EU)2016/679(“GDPR”).

i. The information we collect and hold may include:

For the purposes of conducting managing CPMA and within the harmonization of CPMA with the GDPR, we collect the following types of data:

a) Contact Details (such as name, surname, home address, e-mail address, phone number, and occupation)
b) Personal Information stated in your Identity Card/Passport (such as date of birth, citizenship, identity card number, passport number)
c) Banking Information you provide us for the payment of your subscription,
d) Information collected through our website, through the use of cookies, such as browser type, language preference, referring site, and date and time of access on our website

ii. We collect and use your information under the following lawful basis:

a) when we obtain your consent;
b) where it is necessary to execute an agreement or a service;
c) where it is necessary for compliance with a legal obligation;
d) where it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
e) where it is justified for the protection of the legitimate interest of CPMA.

iii. Storage of Personal Data

Your Personal Data are securely processed and stored by CPMA, solely for the purposes that they are collected for and only for the time period required to fulfill those purposes, subject to the circumstances where required by legal or regulatory obligations and by the current legislation. For more information about the exact retention period of your personal data we kindly request to contact CPMA.

iv. Disclosure of Personal Data:

Your personal Data are not disclosed to third parties except in circumstances in which disclosure is authorized by the law, or when disclosure is required by the law in order to provide a third party with your Personal Data.

Instances in which disclosure is lawful comprise of the following:

Disclosure of Personal Information to third parties in a good-faith belief that such disclosure is reasonably necessary to:

1. take action regarding suspected illegal activities;
2. comply with the law or legal process, such as a search warrant, subpoena or court order; or
3. protect our rights, reputation, and property, or that of our users or the public

In any case, unless prohibited by the law, if we have your contact details we will notify you in the event of disclosure.

v. Under the GDPR you have the following rights:

a) The right to be informed: you have the right to be informed by anyone processing your personal data about what information they are processing, why, and with who the data may be shared,
b) The right of access: the right to know what data is held about you by CPMA;
c) The right of rectification: the right to have your data corrected or amended if the information held is incorrect in a way;
d) The right to erasure: under certain circumstances you can ask the deletion of your personal data. This right is also called “the Right to be Forgotten”. The Right to be Forgotten is not absolute. It would however apply if the personal data is no longer required for the purposes it was collected for, or your consent for the processing of that data has been withdrawn, or the personal data has been unlawfully processed.
e) The right to restrict processing: the right to ask for a temporary halt to processing of personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
f) The right to data portability: the right to ask for any data supplied directly to the Data Controller by him or her, to be provided in a structured, commonly used, and machine-readable format.
g) The right to object: the right to object to further processing of your data which is inconsistent with the primary purpose for which it was collected, including profiling, automation and direct marketing.
h) Rights in relation to automated decision making and profiling: the right not to object to a decision based solely on automated processing.

As a Data Subject, if you have a concern about the way we collect or use your personal information, you may contact us directly and discuss the matter. Should you feel that our discussion did not help your concern you have the right to make a complaint directly to the supervisory authority in Cyprus, the Commissioner’s Office for the Protection of Personal Data. To submit a complaint the respective form must be submitted via email at commissioner@dataprotection.gov.cy or via post to the address 1 Iasonos str. 1082, Nicosia, Cyprus.

For further information or queries regarding our Privacy Policy or Data Privacy and Data protection please contact us.

Our Contact Information:

Registered Address:
Theotoki 6,
1055, Nicosia, Cyprus
Email: payroll@cpma.org.cy

Amendments to our Privacy Policy

CPMA retains the right to review and make amendments on its Privacy Policy when it deems it necessary. Therefore, data subjects are advised to periodically revise this Privacy Policy to ensure that you remain informed about the method of protection of your Personal Data which we collect.