Keytree Limited (hereinafter “The Company” and/or “Keytree”) gather and process your personal information in accordance with this Privacy Policy (hereinafter the “Policy”) and in compliance with the General Data Protection Regulation (“GDPR”(EU) 2016/679), the Data Protection Act, the Privacy and Electronic Communications Regulations and in general with Cypriot law.

The Company has prepared this Policy in order to provide information to our past, current and potential customers, associates, employees, website users and in general any individual for whom we require personal information in order to provide and/or promote our services. This Policy provides you with the necessary information regarding your rights and obligations, and explains how, why and when we collect and process your personal data. Your privacy is important to us and we are committed to protecting and safeguarding your personal data and rights.

If you have any questions regarding this Policy or any request regarding personal data please contact us either by post at Keytree Ltd, 5 Esperidon, 4th Floor, 2001 Strovolos, Cyprus, or by email at info@keytreecy.com

Who we are

Keytree is a company developing a project consisting of a luxury Hotel Resort and a high-end hospital in the Municipality of Sotira of the Famagusta District. The Company is incorporated and registered under the laws of the Republic of Cyprus with registration number HE 372478. Its registered address is located at 5 Esperidon, 4th Floor, 2001 Strovolos, Cyprus.

Your Legal Protection

Subject to the provisions of the GDPR, you have certain rights regarding your personal data that we collect, process or disclose including the right:

• To receive access to your personal data (right to access).
• To rectify inaccurate personal data concerning you (right to data rectification).
• To request deletion/ erasure of your personal data (right to erasure/deletion and/or right to be forgotten).
• To receive the personal data provided by you in a structured, commonly used and machine-readable format and to transmit it to another data controller (right to data portability).
• To object to the use of your personal data where such use is based on our legitimate interests or on public interests (right to object).
• In some cases to request the restriction of processing your personal data (right to restriction of processing).
• To withdraw the consent that you might have given us regarding the processing of your personal data at any time. Please note that any withdrawal of consent will not affect the lawfulness of processing based on consent before it was withdrawn.

If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the relevant request. This is to ensure that your data is protected and kept secure. Please note, however, that we might be unable to comply with your request based on other lawful grounds, such as AML (anti-money laundering) legislation.

To exercise any of the above rights or for any questions regarding how we process your personal data please contact us either by post at Keytree Ltd, 5 Esperidon, 4th Floor, 2001 Strovolos, Cyprus, or by email at info@keytreecy.com.

Types of personal data processed by the Company

We collect and use several types of information, including information by which an individual may be personally identified and thus defined as personal data under the applicable law, concerning past, current and potential customers, associates, employees, website users and in general any individual for whom we require personal information in order to provide and/or to promote our services. Such personal data includes, but is not limited to, your first and last name, gender, marital status, address, contact details (e.g. telephone and email), identification data (e.g. passport, ID and your signature), date and place of birth, employment status, curriculum vitae, taxation and other related financial details and information, reference letters, information whether you hold or held a prominent public functions, correspondence (e.g. letters and emails) and any other personal information that you choose to provide us with.

How, why and when we collect and process your personal data?

Your personal data might be collected directly from you but also from third parties, such as representatives, agents and intermediaries, and publicly available sources.

Please also note that we monitor the traffic of our website through the use of cookies and similar tracking devices. For example, we may monitor how many times you visit, which pages you go to, location data and the originating domain name of a user’s internet service provider, however, this data will be aggregated or statistical, therefore, we will not be able to identify you individually.

We collect and process your personal data:

• For the purposes of establishing a business relationship with you in order to provide our services and products.
• Because it might be necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract.
• To manage and to provide you with the requested services and/or products.
• Because it might be necessary for compliance with a legal obligation to which we are subject.
• Because you have freely given us your consent to process your personal data.
• Because it might be necessary in order to protect your vital interests or of another individual.
• For the purposes of legitimate interests pursued by us except where such interests are overridden by your fundamental rights and freedoms which require protection of your personal data.
• To provide you with information about our services and products and/or with news which we have reasons to believe that you are interested in.
• For any other purpose we may describe when you provide the information.

Disclosure of Personal Data

In the course of performing our business we may disclose your personal data to various departments within our Company and/or to our affiliated companies and employees and/or to our authorized service providers and their employees to whom we may have delegated part of the services that you have requested from us.

Furthermore, under certain circumstances, the following third parties may also be the recipients of your personal data:

• Supervisory and other regulatory and public authorities, whereby a statutory obligation exists.
• Credit and financial institutions, lawyers, accountants and any other third party provided that you have specifically instructed us to do so and/or have given us your consent.
• Any third party according to a court order.

Data Storage

Your personal data will be stored and processed in Cyprus and/or in the countries in which our online storage services are located for a period that will not exceed 10 years from the date of termination/completion of the purposes for which it was collected. Please note that personal data processed for the purposes of sending newsletters shall be kept with us until you notify us that you no longer wish your personal data to be used for this purpose

Notwithstanding the above, the above-mentioned period may be extended in certain cases to pursue our legitimate interests, to enable us to use the data for defending potential legal claims or to comply with Anti-Money Laundering, Anti-Bribery/Corruption and Tax laws and regulations.

In an effort to minimize the non-public personal data we collect which may identify you, we anonymize the data in the cases where it is no longer necessary to identify you from the data we hold.

Security

We implement every reasonable measure and precaution to ensure the security of your personal data and to protect it from unauthorized access, loss, theft, copying, unauthorized disclosure, alteration or destruction. Such measures include the training of our staff to comply with the GDPR, password enabled terminals, storing data on secure servers and physical security of our premises.

No error performance

We do not guarantee error-free performance under this Privacy Policy. We will use all reasonable efforts to comply with this Privacy Policy and will take immediate rectification actions when we identify any breach, nevertheless, we shall not be liable for any incidental, consequential or punitive damages relating to a breach of this Privacy Policy.

Changes to our privacy policy

This Privacy Policy was last updated on the 8th of September 2023.
We reserve the right to modify or update the contents of this Privacy Policy from time to time, therefore, please visit our website periodically to be updated about any changes.

Complaints

We only process your personal data in compliance with this Policy and in accordance with the relevant data protection laws. If, however you wish to raise a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, please contact us either by post at Keytree Ltd, 5 Esperidon, 4th Floor, 2001 Strovolos, Cyprus, or by email at info@keytreecy.com.
Complaints may also be lodged with the supervisory authority in Cyprus by post at “Office of the Commissioner for Personal Data Protection, 1 Iasonos Street, 1082 Nicosia, Cyprus”. For more information, please visit their website (www.dataprotection.gov.cy)