Privacy Policy

ΑρχικήPrivacy Policy

Introduction

Welcome to the  AMG Mylonas & Associates LLC  privacy policy.

AMG Mylonas & Associates LLC respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

This Privacy Notice sets out how AMG Mylonas & Associates LLC (the “Firm”) processes data, whether on individuals (including personal data in respect of individuals who are clients, intermediaries or other third parties that the Firm interacts with, or any individual who is connected to those parties) or otherwise. Where the data held are on individuals, this document also sets out the rights of those individuals in respect of that personal data.

This Privacy Notice has been prepared in accordance with the provisions of the EU General Data Protection Regulation (“GDPR”).

Any questions relating to this Privacy Notice or requests in respect of personal data should be directed to our Data Protection Officer (DPO) at [email protected]

Purpose of this privacy policy

This privacy policy aims to give you information on how AMG Mylonas & Associates LLC collects and processes your personal data through your use of this website, including any data you may provide through this website.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.

What data do we hold?

The Firm processes data in the context of providing legal and other services to its clients. The categories of data it may collect and process, according to the particulars of each case, include:

  • contact details (including names, postal addresses, email addresses and telephone numbers);
  • information required by the Firm to meet legal and regulatory requirements, in particular in respect of anti-money laundering legislation, including information on source of funds and source of wealth;
  • information provided in the course of the provision of legal and other services (for example, information on professional relationships and background, financial wealth and assets held, transactions entered into, tax status, disputes and court proceedings engaged in);
  • financial information, such as payment related information;
  • meetings attended and visits to our offices;
  • any other information you may provide to the Firm.
  • Technical Data includes [internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website].
  • Profile Data includes [your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses].
  • Usage Data includes [information about how you use our website, products, and services].
  • Marketing and Communications Data includes [your preferences in receiving marketing from us and our third parties and your communication preferences].

Important notice on Special Category Data

In certain instances, the personal data that the Firm processes may include “Special Category Data” (which includes information on a person’s race, ethnic origin, political opinions, religious or philosophical  beliefs,  trade  union  membership,  genetic  or  biometric  data  processed  for  the

purpose of uniquely identifying a natural person, health data, data on a person’s sex life or sexual orientation or data relating to a person’s criminal record or alleged criminal activity). In such instances, legal bases for processing that data may include explicit consent (where the Special Category Data has been provided to the Firm by the data subject for any of the above-listed purposes) or the processing is being necessary for compliance with a legal obligation or for the purposes of legal proceedings or legal advice.

Why do we need them?

The Firm ensures that the data collected and processed is relevant to one or more processing activities and that the Firm does not collect or process more or less data than what is reasonably required for achieving the purpose of each processing activity. Furthermore, for each purpose of processing, there is always at least one lawful basis to secure that the rights of individuals are safeguarded by all means. The purposes of processing and the lawful basis of each processing activity are the following:

Purpose Lawful basis of processing
To   enter   into   client   relationship   and   for providing the services of the Firm In cases where an individual has been provided with this Privacy Notice and provides personal data thereafter, the processing may be carried out on the basis of consent. Consent may be withdrawn at any time by writing to [email protected]
It is in the legitimate interests of the Firm as a provider of legal services to collect and process certain personal data in the context of providing those services
The processing is necessary for legal proceedings, to provide legal advice or to establish, exercise or defend legal rights
To perform and fulfill the contract with the individual for the provision of legal services
For  identity  verification  and  record  and  for maintaining lists for correspondence Processing is necessary for compliance with a legal obligation to which the Firm is subject
To ensure the security of the Firm’s system, staff and   premises   (including   the   use   of   CCTV equipment in the public areas of the premises) It is in the legitimate interests of the Firm to protect its business environment, staff and premises from being misused or victimized in any way and to ensure that business operations run smoothly without unauthorized interruption
By entering the Firm’s premises, any individual automatically consents to the use of CCTV for monitoring purposes and to abide by the internal health and safety procedures of the Firm
To   meet   all   legal,   regulatory   and   ethical obligations applicable to the Firm Processing is necessary for compliance with a legal obligation to which the Firm is subject or for the exercise of functions of public authorities
It is in the legitimate interests of the Firm as a provider of legal services to process data to the extent necessary to ensure that it meets all legal, regulatory and ethical obligations applicable to the Firm
For  the  purposes  of  internal  know-how  and training It is in the legitimate interests of the Firm as a provider of  legal  services  to  process  data  for internal know how and staff training.
To   follow   up   on  comments,   enquiries   and complaints In cases where an individual has been provided with this Privacy Notice and provides personal data thereafter, the processing may be carried out on the basis of consent. Consent may be withdrawn at any time by writing to [email protected]
It is in the legitimate interests of the Firm as a provider of legal services to collect and process certain personal data to enable it follow up on comments, enquiries and complains in order to enhance client/user experience with the services of the Firm
To perform and fulfill the contract with the individual for the provision of legal services
To promote, improve and further the provision of the Firm’s services In cases where an individual has been provided with this Privacy Notice and provides personal data thereafter, the processing may be carried out on the basis of consent. Consent may be withdrawn at any time by writing to [email protected]
It is in the legitimate interests of the Firm as a provider of legal services to collect and process certain personal data to enable it follow up on comments, enquiries and complains in order to enhance client/user experience with the services of the Firm
For marketing purposes including sending updates on important legal developments and news about the Firm’s work and invitations to educational seminars and events In cases where an individual has been provided with this Privacy Notice and provides personal data thereafter, the processing may be carried out on the basis of consent. Consent may be withdrawn at any time by writing to [email protected] or by unsubscribing by following the appropriate procedure which can be found in the relevant marketing material (e.g. by selecting the “unsubscribe” option in the email sent to you)
It is in the legitimate interests of the Firm as a provider of legal services to process personal data to communicate with persons on topics and events which may be of interest to those individuals
Any other purpose(s) which has been agreed by or notified to you

For further information on the use and storage of your data, please visit the Firm’s Data Protection Policy at www.mylonas.law

Sources and Recipients of data

The sources of data may include clients, intermediaries, data subjects directly, third parties connected to the data subject (for example, their employer or another service provider who provides services to the data subject) or open-source material.

Reasonable endeavours are made to ensure that data is only accessible by those with a need for access to fulfil the purposes set out above. Requests for access to be restricted in any particular manner should be made to [email protected] and will be considered and, where possible with reference to legal and regulatory obligations, actioned.

The following is a list of potential recipients of data (in each case including respective employees, directors and officers):

  • employees of the  Firm  who  are  acquainted  with  the  GDPR  and  have  signed  the  Firm’s

Confidentiality and Non-Disclosure Statement of the Firm;

  • other service providers (legal, governance or otherwise, including any bank or financial institution providing services in relation to any matter on which the Firm is instructed) where disclosure to that provider of services is considered necessary to fulfil the purposes set out above;
  • any sub-contractors, agents or service providers of the Firm;
  • courts or tribunals;
  • third parties with whom the Firm engages for the hosting of events or other marketing initiatives;
  • law enforcement agencies where considered necessary for the Firm to fulfil legal obligations applicable to it;
  • regulators or other governmental or supervisory bodies with a legal right to the material or a legitimate interest in any material;
  • any registrar of a public register where the data is to be included in a public registry.
  • Service providers who provide IT and system administration services.
  • Professional advisers including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services.
  • Regulators, and other authorities who require reporting of processing activities in certain circumstances.

Unless expressly declared in this Privacy Notice or with the prior consent of the individual, personal data collected from an individual will not be disclosed to any third party other than the above-named parties.

Where the Firm is entering into an engagement with a third party pursuant to which data may be processed by that third party, the Firm will seek to enter into an agreement with that third party setting out the respective obligations of each party and it will seek to be reasonably satisfied that the third party has measures in place equal to those of the Firm to protect data against unauthorised or accidental use, access, disclosure, damage, loss or destruction.

In the event that any such third party is outside of the European Union and where the data being transferred would include personal data which would be protected under applicable Data Protection regulation the Firm will ensure that it meets the relevant requirements of that Data Protection regulation prior to carrying out any such transfer. This may include only transferring the data where the Firm is satisfied that:

  • the non-European Union country has Data Protection laws similar to the laws in the European Union;
  • the recipient  has agreed through  contract to  protect  the information  in the same Data Protection standards as the European Union;
  • we have obtained consent from relevant data subjects to the transfer;
  • if transferred to the United States of America, the transfer will be to organizations that are part of the Privacy Shield.

Rights of Data subjects

Data subjects in the European Union (or any jurisdiction with equivalent legislation to the European Union General Data Protection Regulation) have certain rights in respect of their personal data. Any such data subject wishing to exercise any rights under applicable data protection laws (including the right to withdraw any consent to processing previously given; the right of access to data; or to have data corrected, updated, rectified or erased; or for access to data to be restricted or provided to any third party; or to object to any particular processing; or to lodge a complaint with the relevant supervisory authority; or the right o data portability) should send the request in the first instance to [email protected]

In response to such requests, the Firm reserves the right to require the individual making the request to provide certain details about himself/herself so that the Firm can validate that the individual is indeed the person whom the data refers to. The Firm is required to respond to the request of the

individual within 40 days and it will endeavour to do so wherever possible. The Firm reserves the right to charge a reasonable fee to cover any expenses that may arise from the request.

In any case in which a data subject chooses not to provide any personal data, or where any of the rights set out above are exercised to limit the processing of personal data, the Firm may be unable to provide relevant services, or there may be restrictions on the services which can be provided.

Retention of data

The Firm retains personal data in accordance with the Data Retention Policy. Any personal data provided to the Firm is retained according to the Firm’s ISO procedure IMS-01, Clause 4.0 Control of Records, to fulfil the purposes for which the data was collected. After the fulfilment of the purposes for which the personal data was collected, such data will be destroyed, and a Destruction Certificate will be retained in the Firm’s records, unless destruction is prohibited for legal, regulatory or technical reasons.

Any requests for further information in relation to the continued processing of specific data and requests for destruction of data should be made to [email protected]

For further information on the retention and destruction processes of the Firm, please visit the Firm’s Data Retention Policy at www.mylonas.law

Use of Personal Data in Legal Proceedings

If it becomes necessary that the Firm has to take action against you for any reason whatsoever, including but not limited to recovering from you any money you owe to the Firm, you expressly agree that the personal data provided by you can be relied upon in identifying and taking legal action against you.

Changes to this Privacy Notice

The Firm keeps this Privacy Notice under review in order to ensure that it is in line with any changes to the laws relating to privacy and personal data. Any updates will appear on the Firm’s website at www.mylonas.law

Complaints procedure

The Firm has a Data Protection Officer and all enquiries in respect of this Privacy Notice or any requests to exercise any of the rights set out above should be directed to the Data Protection Officer via [email protected]

Αφήστε μας να λύσουμε το πρόβλημά σας

Επικοινωνήστε μαζί μας