PRIVACY POLICY

Your privacy is important to us!

Please take some time to read this Privacy Policy (hereinafter called “the Policy”) and find out how IMH CSC Ltd, collects, uses and generally processes your personal data when you visit or use its websites and social media pages.

IMH CSC Ltd, hereinafter “we”, “us”, “our” or the “Company”, is committed to privacy and secure processing of the personal data it maintains for its customer and collaborators, in an open and transparent manner.

It is also committed to the collection and processing of this personal data in full compliance with the General Regulation on the Protection of Personal Data of the European Union (Regulation 2016/679) (hereafter referred to as "the Regulation" and/or “GDPR”) and the legislation in force in Cyprus, providing for the Protection of Natural Persons with regard to the Processing of Personal Data and for the Free Movement of such Data of 2018 (Law 125(I)/2018), that governs the collection and processing of Personal Data of Individuals.

Thus, we have developed this Privacy Policy that governs the collection, use, disclosure, transfer and storage of personal data. Please read our privacy practices carefully to understand our policies regarding your data and how we will treat them and do not hesitate to contact us for any questions.

IMH CSC Ltd offers a wide range of services creating a rich portfolio of online news and other media services:

www.imhbusiness.com: IMH is a leading Corporate Events and Media organization. Through the website, you can be informed on IMH services which include the organization of conferences, summits, client events, exhibitions, business and mainstream media. Newsletter service is also supported.

www.inbusinessnews.com: The website offers comprehensive information on all sectors of the economy and on what is happening in the business world. Newsletter service is also supported.

www.cbn.com: CBN is the only English-language international investment, finance & professional services published media in Cyprus.

www.reporter.com.cy: is a news portal dedicated to providing informed and independent journalism to the audience, delivering the latest local and international news and headlines, with continuous updates on politics, economy, sports. The website also offers daily newsletter service.

www.superfmradio.com: the website of one of the most popular radio stations in Cyprus which offers continuous live shoes and entertainment

www.techcareerfair.com: a website promoting the Tech Career Fair, a major event and the first of its kind, and one which aims to help Cyprus by re-orienting its talent towards technology.

www.cyprusfundssummit.com: the dedicated website for the promotion of the annual International Funds Summit

www.cyprusfamtrip.com: A specialised website promoting the annual Real Estate and Property Fam Trip event.

www.israelinvestmentsummit.com: the website promotes the annual Israel Investment Summit.

www.inbawards.com: The online platform is dedicated to facilitate the voting platform for the annual INBusiness Awards

www.gaeaproject.com: The website offers information regarding the EU-funded project Gaea.

www.demetra-project.com: A website offering information regarding the EU-funded project Demetra.

Under the Regulation, IMH CSC Ltd may be operating as the Data Controller or Data Processor for all the personal data it maintains and processes.

As a Data Controller, IMH CSC Ltd in certain cases is allowed to collect, maintain and process the personal data of all customers and collaborators.

As a Data Processor, IMH CSC Ltd will process personal data as per the means and purposes defined by the Data Controller. We collect information under the direction of the Data Controller and have no direct relationship with the individuals whose personal data we process inn connection with the use of our Services.

If you are an individual who interacts with a customer using our Services, that customer is the Data Controller of your personal data and you should contact them directly for assistance with any requests or inquires to your personal data.

This Privacy Policy applies to Data we collect:

• directly from you when we collaborate, or you use our Services
• directly from you when you register to our newsletter and /or push notification alerts
• through third parties in the standard course of the business we do in order to provide you with the service you requested
• through our collaborators in the standard course of the business we do in order to provide you with services our Collaborator has requested
• through our websites, such as through cookies or by using the Contact us to communicate with us
• through our Social Media accounts
• through our newsletters

Sometimes our websites may contain links to third party websites and services, which are not controlled by us. These sites have their own privacy policies and in no case IMH CSC Ltd lies responsible for the Terms of Protection of the Personal Data of the visitors / users that these sites follow.

We collect and use several types of data, including Data by which subjects may be identified ("Personal Data" means any Data relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person).

Such data might include your first and last name, identity number, e-mail address, address and post code, contact number, education details and training records, employment data, financial and/or banking data, photographs and videos, as well as other Data related to cookies, online identifiers, demographics and other (online) contact Data, always in regards to the relationship we have with you.

Further to other media of collection, we collect and use Data, on or through our Websites and/or Social Media Accounts, including:

• Data that you provide by filling in forms, in particular at the time of first contact with us.
• Data when you fill in a participation form for an event / conference / seminar we organise.
• Data when you enter a contest or promotion sponsored by us, and when you report a problem with our Websites.
• Employment data when you contact us through email for an employment opportunity.
• Records and copies of your correspondence (including e-mail addresses).

Our Services may include social media features, such as the Facebook “Like” button and widgets, and the “Share” button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our site. Your interactions with these features are governed by the privacy policy of the providing company.

In general, we might process your personal data for the following purposes:

• Communication with you in respond to your requests, complaints and enquiries;
• Provision of services in order to provide you data, products or services that you request from us;
• Provide you with our newsletters subject to your subscription to our Newsletter services;
• Send you push notifications following your consent;
• To manage your account, to provide you with customer support, notices about your account and information about changes and/or updates to any products or services we offer to you;
• Following explicit consent to communicate with you about products or services that may be of interest to you
• To manage your account, to provide you with customer support, notices about your account and information about changes and/or updates to any products or services we offer to you;
• Detection, prevention and response to actual or potential fraud, illegal activities, or intellectual property infringement;
• To enforce our Terms and Conditions and to comply with our legal obligations as these derive from the applicable laws or our regulators;
• for any other purpose with your consent;
• Communication in respond to your application or inquiry for an employment opportunity.

We do not share your Personal Data with third parties except as indicated below:

• Affiliates. We share Personal Data with our subsidiaries and affiliates to the extent this is necessary for the purposes of provision of services, customer management, customization of content, advertising (if you have consented), security and compliance, or to the extent you have provided your consent.
• Service providers. To our authorized service providers that perform certain services on our behalf, including for purposes of provision of the services you requested from us, customer management and security. These service providers may have access to Personal Data needed to perform their functions but are not permitted to share or use such data for any other purposes. We have taken all reasonable steps to ensure that they comply with the current data protection regulations.
• Legal successors. To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal Data held by is among the assets transferred. Should such a sale or transfer occur, we will use reasonable efforts to try to ensure that the entity to which we transfer your personal Data uses it in a manner that is consistent with this privacy policy.

We also disclose your Personal Data to other third parties, including official authorities, courts, or other public bodies:

• In response to a subpoena or similar investigative demand, a court order or other judicial or administrative order, or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; to comply with applicable law or cooperate with law enforcement, government or regulatory agencies; or to enforce our Website Terms and Conditions or other agreements or policies; or as otherwise required by law (including responding to any government or regulatory request). In such cases, we may raise or waive any legal objection or right available to us, in our sole discretion.
• To the extent a disclosure is necessary in connection with efforts to investigate, prevent, report or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of our Company, our users, our employees, or others; to maintain and protect the security and integrity of our Website or infrastructure.

We may disclose aggregated Data about subjects, and Data that does not identify any individual, without restriction. In particular, we may transfer non-Personal Data and process it outside your country of residence. We may combine non-Personal Data we collect with additional non-Personal Data collected from other sources. We also may share aggregated Data with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis.

The Data that we collect about you, including Personal Data, is safely stored and processed in Cyprus and/or in remote cases in Countries within the European Economic Area (EEA).

In case we need to disclose personal data to a third party in another country outside the European Economic Area (EEA), rest assure we put safeguards in place to ensure your personal data remains protected.

European Economic Area (EEA) users: This means that your information may be transferred outside of the EEA. Where your personal information is transferred outside the EEA, it will only be transferred to countries that have been deemed to provide adequate protection for EEA information, or to a third party where we have approved transfer mechanisms in place to protect your personal information – i.e., by entering into the European Commission’s Standard Contractual Clauses (SCCs).

The period for which we keep your Personal Data that is necessary for compliance and legal enforcement purposes varies and depend on the nature of our legal obligations and claims in the individual case.

To the extent we have collected your Personal Data for the purposes mentioned in Section 5, we keep your Personal Data for as long as you have an active relationship with us, as needed to provide you with our respective services and in compliance with relevant laws of Cyprus. For further Data regarding specific retention period please contact us at dpo@imhbusiness.com or 22505555.

There are different legal bases that we rely on to collect, use and disclose your Personal Data, namely:

• Consent: We will rely on your consent to use (i) your Personal Data for marketing and advertising purposes; (ii) your Personal Data for other purposes when we ask for your consent and for which the purpose of the process does not relate to the services, we offer to you.
• Performance of contract: The use of your Personal Data for purposes of providing the services, customer management and functionality and security as described above is necessary to perform the services provided to you under our term and conditions and any other contract that you have with us.
• Compliance with legal obligation: We are permitted to use your Personal Data to the extent this is required to comply with a legal obligation to which we are subject.
• Protection of your vital interests: The processing of your Personal Data is necessary to protect your vital interests, if you are physically or legally incapable of giving consent.
• Protection of our legitimate interests: The processing of your Personal Data is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where suck interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data, in particular where the data subject is a child.

We take appropriate security technical and organizational measures (including physical, electronic and procedural measures) to safeguard your Personal Data from unauthorized access, unlawful use, intervention, modification or disclosure under the requirements of the Regulation. For example, only authorized employees are permitted to access Personal Data, and they may do so only for permitted business functions. In addition, we have trained our employees on how to handle, manage and process personal data, applied upgraded technical measures and transformed our policies and procedures in a way that will comply with the General Data Protection Regulation.

We reserve the right to use automated decision-making in the following cases: When deemed necessary to provide services to you, with your written, express consent, and if the appropriate measures have been taken to safeguard your rights.

We strive to provide you with choices regarding the Personal Data you provide us.

You can choose not to provide us with certain Personal Data, but that may result in you being unable to use certain services.

When you collaborate with us, you may be given a choice as to whether you want to receive email messages, newsletters or advertising material about our services, improvements, performance, special offers, or containing special distributions of content by us. If consented yet later on you decide you no longer want to receive commercial or promotional emails or newsletters from us, you will need to avail yourself of the unsubscribe mechanism set out in the applicable communication or submit to us your request through email. It may take up to thirty days for us to process an opt-out request.

If you provided Personal Data, you may terminate your relationship with us at any time as per the provision of the between us agreement or engagement. If you choose to do so, your Personal Data will be deleted in accordance with our retention policy.

Subject to the provisions of the General Data Protection Regulation, you have the following rights in regard to your Personal Data: (Please note, these rights are not absolute and in some cases, they are subjected to conditions as defined by law)

1. Right of Access – You have the right to access your own Personal Data, as well as the right to request a copy of your personal data that is maintained and processed by our Company.
2. Right of Rectification - You have the right to request the correction of any incomplete and / or inaccurate Personal Data we hold for you.
3. Right to Erasure - You have the right to request the deletion of Personal Data only if one of the following reasons is true:

(i) Personal Data are no longer necessary in relation to the purposes for which they were collected or processed.

(ii) If the processing is based on your consent and you have withdrawn this consent (on which processing is based) in accordance with Articles 6.1.a and 9.2.a of the Regulation and if no other legal basis, for processing, applies.

(iii) If you object to processing in accordance with Article 21.1 of the Regulation and there are no compelling and legitimate reasons for processing.

(iv) If Personal Data have been processed illegally.

(v) If Personal Data should be deleted in compliance with a legal obligation under Union law to which our Company is subject to.

(vi) If the personal data have been collected in relation to the provision of referred to in Article 8.1 of the Regulation.

1. Right to Object - You have the right to oppose the processing of your Personal Data at any time and for reasons related to a specific situation, unless there are compelling legitimate reasons for processing that override your interests, rights and freedoms.
2. Right to Restriction of Processing - You reserve the right to request the restriction of processing on your Personal Data so that we may no longer process the specific Data until the restriction is lifted (for example, the data have been corrected).
3. Right to Data Portability - You have the right to request the transfer of your personal data, that you have provided to our Company. These data will be given to you in a format that is structured, widely used and machine readable and, in certain cases you may also have the right to request for us to send the Data to another organization, provided that such a transfer is technically feasible.
4. Right to Object and Automated Individual Decision-Making (Including Profiling) - You have the right to request that we do not make any decision, regarding you, solely on the basis of automated processing, including profiling, only in the case that this decision has legal or significant consequences on you.

In addition to the rights listed above, you have rights to:

Updating your Personal Information via our Services: You may access, change, or correct information about you by logging into your account(s) at any time or by making a request to us using the contact details below, in which case we may need to verify your identity before granting access or otherwise changing or correcting your information.

Account Information and Deactivating your Account(s): If you wish to deactivate your account(s), you may do so by emailing us using the contact details provided in this Privacy Policy.

Opting out of Promotional Communications: You may opt out of receiving promotional communications by IMH CSC Ltd by using the unsubscribe link within each email or by contacting us via our home page(s) or dpo@omhbusiness.com email. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding Services (e.g., account verification, purchase and billing confirmations and reminders, technical and security notices).

If you have any questions in regard to the kind of personal data we hold for you, or if you want to exercise any of your personal data rights, please send a written request to the email dpo@imhbusiness.com or to the postal address provided at the bottom of this Privacy Policy. However, we reserve the right to reject any requests for access or for imposing restrictions or other claims if required or permitted by the law.

Our websites are not directed to individuals under 16 years of age (for Cyprus citizens is under 16 years of age (for Cyprus citizens is under 14 years). We do not knowingly collect personal information from children. If we become aware that a child under the specified age has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact us at the contact details listed below.

IMH CSC Ltd through its websites and social media pages may publish personal data as part of its journalistic purposes, pursuant to Art. 85 of the GDPR, for the freedom of expression and information, including processing of journalistic purposes and the purposes of academic, artistic or literary expression.

We have adopted technical, administrative and physical procedures to collect, manage, maintain and store information in a manner designed to help protect your information from loss, misuse, unauthorised access, and alteration. Unfortunately, no security system is impenetrable and due to the inherent nature of the Internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers.

We may modify or revise our Privacy Policy from time to time. Although we may attempt to notify you when major changes are made to this Privacy Policy, you are expected to periodically review the most up-to-date version found at our website https://www.imhbusiness.com/ so you are aware of any changes, as they are binding on you.

If we change anything in our Privacy Policy, the date of change will be reflected in the “last modified date” below. You agree that you will periodically review this Privacy Policy and refresh the page when doing so. You agree to note the date of the last revision to our Privacy Policy. If the “Last Modified” date is unchanged from the last time you reviewed our Privacy Policy, then it is unchanged. On the other hand, if the date has changed, then there have been changes, and you agree to re-review our privacy policy, and you agree to the new ones. By continuing to use the Website(s), subsequent to us making available an amended version of our privacy policy in a way that you can easily take notice of it, you thereby consent to such amendment.

This Privacy Policy does not create rights enforceable by third parties or require disclosure of any Personal Data relating to users of the Website.

We do not guarantee error-free performance under this privacy policy. We will use reasonable efforts to comply with this Privacy Policy and will take prompt corrective action when we learn of any failure to comply with our privacy policy. We shall not be liable for any incidental, consequential or punitive damages relating to this privacy policy.

Last Modified date: 30 January 2023