1. Data Protection at a glance
Data Collection on our Website
Who is responsible for the data collection on this website?
The data processing is carried out by the website operator, whose contact details can be found in the Legal Details section on this website.
How do we collect your data?
One way we collect your data is when you share personal information with us, for example by entering data in the contact form.
Other data is collected automatically by our IT systems when you visit this website. These are mostly technical data (for example, internet browser, operating system and time of the page request). The collection of this data happens automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure that the website is kept in good working order. Other data can be used to analyse your browser behaviour.
What rights do you have regarding your data?
You retain the right to obtain information, free of charge, about the origin, recipient and purpose of your stored personal data at any time. You also have the right to request correction, blocking or deletion of this data. For this purpose, and in case you have further questions about data protection, you can contact us at the address given in the Legal Details page at any time. Furthermore, you have the right to appeal to the responsible regulatory agency.
2. General and Mandatory Information
Please note that there are potential security gaps in data transmission over the internet (for example, communication via e-mail). Absolute protection of the data provided from access by third parties is therefore not possible.
Notes Regarding the Responsible Authority
The responsible Authority for the processing of data linked to this website is:
Privacy Management GroupLtd.
Lawyers | Chartered Accountants | Management Consultants
European Service Centre
61-63 Lord-Byron-Street, 5th Floor
6023 Larnaca, Cyprus
Phone: +357 240 20 400
The responsible authority is the natural or legal person who, alone or in connection with others, decides on the purposes and means of processing personal data (such as, names, email addresses, etc.).
Withdrawing your Consent to Data Processing
Many data processing operations are only possible with your express consent. You can revoke your consent at any time. To do this, an informal message sent to us by email is sufficient. The legality of the data processing carried out until the time consent is revoked remains unaffected by the withdrawal.
Right of Complaint to the Responsible Regulatory Authority
In the event of any violations of data protection law, the person concerned has the right to lodge a complaint with the responsible regulatory authority. The responsible authority for any data protection issues is the Data Protection Officer of the country in which our company is based - alternatively, if other legal regulations apply, the data protection regulations of the respective country in which the client resides or the company headquarters are based, will be in effect. A list of Data Protection Officers of the EU Commission can be found by following this link: https://edps.europa.eu/data-protection/eu-institutions-dpo/network-dpos_de.
Right to Transfer Data
You have the right to have any data that we process automatically on the basis of your consent or to fulfil the contract, handed over to you or to a third party in a regular, machine-readable format. Should you request the direct transfer of data to another responsible person, this will only be done if it is technically feasible.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential information, such as orders or requests that you send to us as the site operator. You can recognise an encrypted connection by checking the address line of the browser: when encrypted the “http://” changes to “https://” and the lock symbol appears in the browser line.
If SSL or TLS encryption is enabled, the data you submit to us cannot be seen by any third parties.
Encrypted Payments on this Website
If, after the conclusion of a fee-based contract, there is a need to provide us with your payment details (for example, the account number for direct debit authorisation), this data will be required for payment processing.
Payment transactions made by regular means of payment (Visa/MasterCard, direct debit) are processed exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection by checking the address line of the browser: when encrypted the “http://” changes to “https://” and the lock symbol appears in the browser line.
When encryption is enabled, the payment details you submit to us cannot be seen by any third parties.
Enquiry, Blocking and Deletion
Within the framework of the applicable statutory regulations, you have the right to request (free of charge) information about your stored personal data, its origin and recipient as well as the purpose of the data processing and, if necessary, a right to correct, block or delete this data. You can contact us at any time at the address given in the Legal Details section if you have any further questions on the subject of personal data.
Objection to Promotional E-mails
We hereby object to the use of the contact details published within the framework of the obligation to provide contact details in the imprint for sending unsolicited advertising and information materials. The operators of the pages expressly reserve the right to take legal action in the event of any unsolicited advertising, such as spam mail.
3. Data Protection Officer
Statutory Data Protection Officer
We have appointed a data protection officer for our company.
4. Data Collection on our Website
The internet pages partly use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files, which are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognise your browser the next time you visit.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, block cookies in certain situations or in general, and activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
Server Log Files
Data that your browser transmits to us is automatically collected and stored in so-called server log files by the provider of the pages. These are:
- Browser type and browser version
- Operating system in use
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
The data collected will not be merged with data from other sources.
The basis for data processing is Art. 6 Para. 1 lit. b GDPR, which allows the processing of data in order to fulfil contractual obligations or perform pre-contractual measures.
Our organisation analyses the activities on our website through Google Analytics and the collected data is used for the optimisation of our site as well as advertising.
Google Analytics is a web analytics service, operated and provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States), who process the collected data on our behalf and are contractually bound to ensure the confidential treatment of the data.
The following data will be collected during a visit to our website:
- Pages accessed
- Location (country and city – approximate location)
- Data related to orders
- Site activities such as clicks, scrolls and length of visit
- Information such as browser used, internet provider, display resolution as well as other technical data
- The origin of your visit, for example which website was used to reach our site
We then send the collected data for analysis to a Google server in the United States - Google conforms to the regulations of the ‘EU-US Privacy Shield’.
The cookies collected from your web browser are stored with Google Analytics for 2 years (from your last visit) and should you visit our website again you will be recognised through the use of a randomly generated user ID, which is contained in the cookies.
Through the use of these cookies and the user ID it is possible to establish a user profile, although any user specific data will be automatically deleted after 14 months, with general data being permanently stored in aggregated form.
Should you be in disagreement with the collection and use of your data, you can deactivate this process through the one-time installation of Google Analytics Opt-out Browser Add-on.
Use of Google Remarketing
In addition to Google Analytics we also use the remarketing function provided by Google. This function allows us to personalise advertising on other websites, based on the interests shown through your activities on our pages. You can find additional information on Google Advertising Privacy and Terms and you can prevent personalised advertising through the installation of these Browser-Plugins.
When you send us enquiries via the contact form, the information you provide in the form, including any contact details, will be stored in order to process the request and in case of follow-up questions. We will not share this information without your consent.
The processing of the data entered into the contact form therefore takes place exclusively based on your consent (art. 6 (1) lit. GDPR). You can revoke this consent at any time. An informal message sent to us by email is sufficient. The legality of the data processing operations carried out until the time consent is revoked remains unaffected by the withdrawal.
The information you provide in the contact form will remain with us until you ask us to delete it, revoke your consent for us to store it, or until the time that the purpose for data storage expires (for example, when your request has been processed). Mandatory legal provisions – specifically storage periods – remain unaffected.
Processing of Data (Client and Contract Data)
We collect, process and utilise personal data only insofar as they are necessary for the establishment, substance or adjustment of the legal relationship (stock data).
The basis for data processing is Art. 6 Para. 1 lit. b GDPR, which allows the processing of data in order to fulfil contractual obligations or perform pre-contractual measures. We collect, process and utilise personal data related to the use of our website (usage data) only insofar as this is necessary to enable the user to use the service, or for billing purposes.
The customer data collected will be deleted after the order has been completed or the business relationship has ended. Statutory retention periods remain unaffected.
Data Transfer Related to the Conclusion of a Contract for Services and Digital Content
We only transfer personal data to third parties if this is necessary for contract processing, for example to the credit institute commissioned to process payments. A further transmission of any data does not take place unless you have expressly consented to such a transfer. Your data will not be passed on to third parties without your express consent, such as for advertising purposes.
The basis for data processing is Art. 6 Para. 1 lit. b GDPR, which allows the processing of data in order to fulfil contractual obligations or perform pre-contractual measures.
Password Protected Client Account – PMG Alpha-Client Connect Centre
With the conclusion of a contractual relationship between us and yourself, a personal account (password protected client account) will be created for you that will provide you with the best possible user experience. With this password protected client account/user account or Apple/Android application, we offer you a permanent storage facility for your personal data as well as direct access to contractually relevant information and documentation. The processing of the client and related company data follows the applicable data protection regulations.
A SMS verification and activation process has to be completed before the client first accesses the client account. For this purpose we send a SMS containing the automatically generated code to the mobile phone number provided by the client. By entering the provided code, the client activates the client account and is consequently registered in our system. After activation of the client account, it is not necessary to input any data again. Additionally, the client can view and amend any stored client and company data by accessing the client account.
We recommend that you, at the account activation stage, immediately change the automatically generated personal password of the client/user accounts or Apple/Android applications as this is used in conjunction with the email address to access the client account.
You are obliged to keep any data used to access client accounts confidentially so as to avoid any unauthorised access by third parties. You herewith acknowledge that unless you actively log out of the system, you remain logged in even when leaving the page. You have the option of deactivating and deleting the client account at any point in time by contacting the Data Protection Officer. The deactivation and removal of the client account does not automatically ensure that the data, previously given to us at contract/order stage, is deleted. In principle, the deletion of client data occurs only after the expiry of commercial and tax retention obligations applicable to us.
The legal basis for these continued data retention procedures are the data protection requirements of the Republic of Cyprus whereby the legitimate interest lies in making the data available for future legal necessities.
The provision of the client/user account or Apple/Android application does in no case pose a legally binding component to the offer of services through the contractual relationship between yourself and us. We therefore have the right, at any time and without an obligation to provide a reason, to partly or fully suspend the offer of the client/user account or Apple/Android application. In such cases we will notify you in writing. For you the use of the client/user account or the Apple/Android application is completely voluntary. You may send a written request, by email, upon which all communication and exchange of documents and information will be conducted electronically.
If you would like to receive the newsletter offered on the website, we need an email address from you, as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive these newsletters. Further data shall only be collected on a voluntary basis, if at all. We use this data exclusively for the transmission of the requested information and do not pass it on to third parties.
The processing of data entered into the newsletter registration form takes place exclusively on the basis of your consent (art. 6 (1) lit. GDPR). The consent to the storage of data and email address, as well as their use for sending the newsletter can be revoked at any time, via the “unsubscribe” link in the newsletter. The legality of already completed data processing actions remains unaffected by the withdrawal of consent.
Data left with us for the purpose of receiving the newsletter will be stored until such a time that you unsubscribe from the newsletter and will be deleted thereafter. Data that has been stored by us for other purposes (for example, email addresses for the members-only area) remains unaffected.
This website uses the services of MailChimp in order to send newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave. NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service with which the dispatch of newsletters can be organised and analysed. When you enter data for the purpose of newsletter subscription (for example, an email address), this will be stored on MailChimp’s servers in the United States.
MailChimp is certified under the ‘EU-US Privacy Shield’. The ‘Privacy Shield’ is an agreement between the European Union (EU) and the US to ensure compliance with European privacy standards in the United States.
With the help of MailChimp we can analyse our newsletter campaigns. When you open an email sent by MailChimp, a file included in the email (a so-called web beacon) connects to MailChimp’s servers in the United States. Through this it can be determined if a newsletter message has been opened and which links have been clicked on. In addition, technical information is collected (for example, time of retrieval, IP address, browser type and operating system), although this information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletter to the interests of the recipients.
If you do not want to expose your data to analysis by MailChimp, you must unsubscribe from the newsletter. To do this, we provide a corresponding link in each newsletter. Furthermore, you can directly unsubscribe from the newsletter on the website.
Data processing is based on your consent (Article 6 (1) (a) GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the already completed data processing operations remains unaffected by the withdrawal of consent.
The data deposited with us for the purpose of receiving the newsletter will be stored with us until such a time that you unsubscribe from the newsletter and will be deleted from both our servers and MailChimp’s servers once you unsubscribe from the newsletter. Data which has been saved by us for other purposes (for example, email addresses for the members-only area) remains unaffected.
6. Plugins and Tools
Our website uses Plugins from the Google-powered website ‘YouTube’. The site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our YouTube plugin-enabled sites, you will be connected to YouTube’s servers. As a result, the YouTube servers are informed about which of our pages you’ve visited.
If you are logged into your YouTube account, this will allow YouTube to link your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is utilised in the interest of an attractive presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.
This site uses the mapping service Google Maps via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.To use the features of Google Maps, it is necessary to save your IP address. This information is usually transmitted to and stored by Google on servers in the United States. The provider of this site has no influence on the transmission of this data.
Google Maps is used in the interest of an attractive presentation of our online offers and to make it easy to locate the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. a GDPR.
7. Payment Service Provider
On our website we offer amongst others, payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. etCie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).
If you choose to pay via PayPal, the payment details you have entered will be transmitted to PayPal.
The transfer of your data to PayPal is based on Art. 6 Para. 1 lit. a GDPR (consent) and Art. 6 Para. 1 lit. b GDPR (processing to fulfil a contract). You have the option of withdrawing your consent regarding data processing at any time. A withdrawal does not affect the legality of past data processing operations.