Privacy Policy of Constantinos Markou & Co Ltd


This Privacy Statement describes when and what personal data we gather about you, how we use such personal data, and who we give such personal data to. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection. It also sets out your rights in relation to your personal data and who you can contact for more information or queries.

Who we are

We are strongly committed to protecting personal data, and this privacy statement details our approach on such issues. We refer to Constantinos Markou & Co Ltd (CMarkou&Co), the limited liability company registered in the Republic of Cyprus under registration no. HE401879 and with its registered address at 365 Agiou Andreou Street, Efstathiou Court, Office 201, 2nd Floor, 3035 Limassol, Cyprus that: (1) is a contracting party for the purposes of providing or receiving services, (2) posted a position for which you are applying, or (3) you have a role or relationship with ( “CMarkou&Co”, “us”, “our” or “we”). 

Personal data includes any information relating to an identified or identifiable living person.  CMarkou&Co processes personal data for numerous purposes, and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ. Please refer to the various provisions of this privacy statement for specific information on particular processing activities. 

Our role as Data Controller

CMarkou&Co is the data controller of any personal data collected by you. This means that CMarkou&Co is responsible for deciding how we hold and use personal information about you. We will process such data in accordance with the provisions of applicable Data Protection law. If you have any question regarding this privacy statement or how and why we process your data, please contact us at:

Data Protection Officer

Constantinos Markou & Co Ltd

365 Agiou Andreou Street, Efstathiou Court, Office 201, 2nd Floor, 3035 Limassol, Cyprus


Phone: +357 25258609

Collection of personal data

When collecting and using personal data, our policy is to be transparent about why and how we process personal data. To find out more about our specific processing activities, please refer to the relevant sections of this statement.


We have implemented generally accepted standards of technology and operational security in order to protect personally identifiable data and information from loss, misuse, alteration or destruction. In particular, we ensure that all appropriate confidentiality obligations and technical and organisational security measures are in place to prevent any unauthorised or unlawful disclosure or processing of such information and data and the accidental loss or destruction of or damage to such information and data.

Transfer to third parties

We do not share personal data with unaffiliated third parties except as necessary for our legitimate professional and business needs, for the purpose of executing your instructions or requests and/or as required or permitted by applicable legislation, professional standards or any applicable agreement between us.  When we share data with others, we may, whenever required, put contractual arrangements in place to protect the data and to comply with our data protection, confidentiality and security standards.

In common with other professional service providers, we use third parties located in other countries to help us run our business.  As a result, personal data may be transferred outside the countries where we and our clients are located.  This includes to countries outside the European Union (“EU”) and to countries that do not have laws that provide specific protection for personal data.   We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EU are done lawfully.  Where we transfer personal data outside of the EU to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be under an agreement which covers the EU requirements for the transfer of personal data outside the EU, such as the European Commission approved standard contractual clauses.  The European Commission approved standard contractual clauses are available here.

Personal data held by us may be transferred to the following categories of persons:

Third party organisations

We use third party organisations to support us in providing services and process data on CMarkou&Co’s behalf, including providers of information technology, cloud based software as a service provider, identity management, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.

Law enforcement, governmental or regulatory authorities or to other third parties as required by, and in accordance with, applicable law or regulation

We may also disclose personal data to respond to requests of the courts, governmental authorities or where it is necessary or prudent for compliance with applicable legislation, for criminal investigations or security purposes, for establishing, exercising or defending legal rights

Individual’s rights and how to exercise them

Individuals have certain rights over their personal data and data controllers are responsible for fulfilling these rights.  Where we decide how and why personal data is processed, we are a data controller and include further information about the rights that individuals have and how to exercise them below.

Access to personal data

You have a right of access to personal data held by us as a data controller.  This right may be exercised by emailing us at We may charge for a request for access in accordance with applicable law.  We will aim to respond to any requests for information promptly and in any event within the legally required time limits (currently 30 days).

Amendment of personal data

When we keep personal data submitted to us, we do not assume responsibility for verifying the ongoing accuracy of the content of personal information. When practically possible, if CMarkou&Co is informed that any personal data processed by us is no longer accurate, we will make any appropriate corrections based on your updated information. If you would like to update any personal data you have submitted through this site, please do so via the original registration page or please email us at

Unsubscribe/Withdrawal of consent

Where we process personal data based on consent, individuals have a right to withdraw consent at any time.  We do not generally process personal data based on consent (as we can usually rely on another legal basis). Should visitors subsequently choose to unsubscribe from mailing lists or any registrations, we will provide instructions, on the appropriate webpage or in communications to our visitors, or a visitor may contact by email to

Additional Rights

You have the right to request the erasure of your personal data under the following circumstances and we shall endeavor to accommodate such request whenever feasible:            

  • Where your personal data is no longer necessary in relation to the specific purpose for which it was originally collected;
  • Where your consent is withdrawn (if such consent was used as a legal basis);
  • Where you object to the processing and there is no overriding legitimate interest for continuing the processing;
  • Where such erasure is necessary for compliance with a legal obligation.

You have the right to restrict processing. In the event that you choose to exercise this right, and provided that such request may not be overridden on legitimate grounds, we shall retain your data but restrict processing.

You have a right to data portability allowing you to obtain and reuse your personal data for your own purposes across different services.

Based on your right to object you have the right to object to processing based on legitimate interests or the performance of a task in the public interest and direct marketing.

If you wish to exercise any of the rights, please send an email to

Data retention

The personal data you submit to us will only be retained for as long as is required for the purposes for which it was collected and as required by applicable law, our internal policies, our contractual relationship with you (if applicable) and the legitimate interests of the parties as more specifically stated in the specific processing activities.


We understand the importance of protecting children’s privacy, especially in an online environment. The websites covered by this Privacy statement are not intentionally designed for or directed at children, and all users should be above the age of majority in their local country.  We adhere to laws regarding marketing to children. We will not knowingly collect or maintain personal information about individuals under the age of 14, except as part of an engagement to provide professional services and only following the express consent of their legal guardian or parent.


If you have any questions or complaints about this Privacy Statement or the way we process your personal data, or would like to exercise one of your rights set out above please send an email with the details of your complaint to

You also have a right to lodge a complaint with the Data Protection Commissioner (the Cyprus data protection regulator). For further information on your rights and how to complain to the Data Protection Commissioner please visit this page.


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Please see our Cookie Policy.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.