CYTA POLICY ON DATA PROTECTION AND CONFIDENTIALITY-PRIVACY POLICY

Cyta is committed according to the law on the protection of personal data (Act 138 of 2001) to take all necessary measures for the protection of the subscribers’ personal data and the respect of their private life.

This document aims to inform Cyta’s subscribers about their rights and about Cyta’s data protection policy.

I. Which information is Personal Data
Personal Data is any information relating to a live identified natural person or an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his identity.

More specific, with regard to Cyta’s subscribers, Personal Data are:

(a) The details provided by a subscriber during the application/ordering for the provision of a telecommunications service, i.e. name, surname, address or identity number.
(b) The subscriber’s calling data which are kept for billing purposes.
(c) The subscriber’s access codes, which are given by Cyta during the provision of various services.

Even though data relating to legal entities are not protected as personal data by the law, Cyta equally protects the data of all the legal entities, which are Cyta’s customers.

II. Cyta’s obligations
· Cyta collects and processes the subscriber’s personal data only for the purpose of providing a telecommunications service to them. Personal data are confidential, are stored in secure filing systems and are not transferred to third parties. Processing of personal data is done only by authorised Cyta employees.

· Personal data are kept only for the period necessary for completing the activity for which they were collected.

· In the case that Cyta processes personal data for which the subscribers’ consent is required, it shall seek their written consent.

· In the case that Cyta processes personal data for which an authorisation is required by the Commissioner of Data Protection, such authorisation shall be requested before any processing takes place.

III. The subscriber’s Rights and obligations
· Cyta’s subscribers have the right to be informed in writing about the purposes of processing of their personal data, by applying to the Secretariat, Legal Services and Public Relation’s Department, Telecommunications Street, P O Box 24929, Nicosia

· Cyta shall inform its subscribers in the case that their personal data is legally transferred to third parties.

· The subscribers are obliged to protect all the confidential data that are granted to them. Access codes and secret codes are strictly personal and Cyta shall not be responsible in case of loss or theft. In case of loss or theft of the above codes, the subscribers are obliged to inform Cyta as soon as possible.

IV. Exemptions
· Cyta can process personal data without the subscribers consent in the following cases:

(a) For reasons of protecting the vital interests of the subscribers
(b) For reasons of compliance with a legal obligation
(c) For the performance of a task of public interest
(d) For the purposes of a legitimate interest
(e) For statistical purposes.