PRIVACY POLICY
Introduction
Pittas + Koullouros LLC (“P+K”, the “Firm”, “we” or “us”) is a limited liability company incorporated in Cyprus under company number HE 410046 and is located at 1 Menandrou Street, Nicosia 1066.
This Privacy Policy explains how P+K collects, uses, discloses and protects personal data obtained through this website or provided to us, directly by you or by others. We may use your personal data provided to us only for the purposes described in this Privacy Policy.
We are committed to protection your privacy and handling your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Cyprus Data Protection Law 125(I)/2018 and other applicable laws and regulations.
By visiting our website, you acknowledge that you have read and understood this Privacy Policy.
Collection and Use of Personal Data
Personal data may be collected through the website or directly from or on your behalf when we are engaged to act as lawyers or legal advisors in connection to a specific transaction, legal proceedings or otherwise or in connection to an application for employment with the Firm.
The personal data we collect depends on the nature of our engagement and services provided. We may also collect your personal data from our clients (for example, through due diligence exercises or in connection to a counterparty in a transaction).
Where we provide services to a legal person or corporate client, we may collect personal data of individuals who are connected with the client such as personnel, representatives, associates, beneficial owners, counterparties, customers, suppliers and others. Collection of personal data is limited to the extent necessary and relevant for the purposes for which they are processed.
P+K collects your personal data: (a) directly from you; (b) from your intermediaries, agents and/or representatives; and (c) from public and online sources.
On the basis of the above, we may collect and process a number of categories of personal data including, but not limited to: (i) contact information (such as name, email address, telephone number, and company name (when you contact us through the website or email), financial and payment information and information collected for anti-money laundering and know-your-client purposes (including economic profile, source of fund, wealth, relation with client etc.)); (ii) technical data (including IP address, browser type, operating system, and referring website URLs, collected automatically through cookies and analytics tools); (iii) communication data (such as any information you choose to provide in correspondence with us); and (iv) business and financial information (such as business activities, economic profile information, investments and other financial interests).
We do not intentionally collect sensitive personal data (such as health data, political opinions etc.) through this website.
We process personal data for the following purposes:
– to respond to your queries, requests, or messages;
– to manage and improve our website and online services;
– to comply with our legal and regulatory obligations;
– to protect our rights, security, and property, and those of others;
– to provide our services in accordance with the terms of our engagement; and
– to consider job applications.
We process personal data only when we have a lawful basis to do so, including:
– consent, where you have provided it;
– performance of a contract, or steps taken at your request prior to entering into one (including engagements for professional services);
– compliance with a legal obligation;
– legitimate interests, such as improving our website and maintaining network security.
Personal Data about Third Parties
Where you provide us with the personal data of third parties, such as your employees, representatives or counterparties, you must ensure that you are entitled to do so and that, without any further actions, we can collect, use and disclose such data in accordance with our Privacy Policy. The individual whose personal data you are sharing with us must be aware of the matters discussed in this Privacy Policy, including details of the Firm, the purposes for which we collect data, and the rights of the induvial in relation to the collection and processing of such data.
Disclosure of Your Personal Data and International Transfers
We may share you personal data only with: (i) our employees and partners who require access for legitimate business purposes; (ii) professional advisers, service providers, and IT support personnel who assist us in operating our business; and (iii) regulatory, governmental, or law enforcement authorities, if required by law or to protect our legal rights.
We do not sell personal data to any third parties.
As a general rule, we do not transfer your personal data outside the European Economic Area (EEA). If such a transfer is necessary, we will ensure that appropriate safeguards are in place to protect your data.
Data Retention
We maintain and store your personal data processed by us for as long as is considered necessary for the purpose for which it was collected as required by applicable law or regulation.
Data Security
We have implemented appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction.
Your Rights and Complaints
You have the following rights under the GDPR, subject to certain limitations:
– Access: to obtain a copy of your personal data.
– Rectification: to correct inaccurate or incomplete data.
– Erasure: to request deletion of your data (“right to be forgotten”).
– Restriction: to limit how we process your data.
– Data portability: to receive your data in a structured, machine-readable format.
– Objection: to processing based on legitimate interests or for direct marketing purposes.
– Withdrawal of consent: where processing is based on your consent.
To exercise any of these rights or to complaint for the use of your personal data, please send an email with the details of your complaint to contact@pk-legal.com. We will look into it and respond to any complaints we receive.
You have also the right to file your complaint with the Commissioner for the Protection of Personal data (the Cyprus data protection regulator). For further information on your rights and how to file a complaint to the Commissioner, please refer to www.dataprotection.gov.cy.
Changes to this privacy statement
Our ongoing responsibility to transparency requires us to keep this privacy notice updated through regular review.
This privacy notice was last updated on 10 October 2025.
