Privacy Policy

At Aylin Zeybek Law Firm, we handle personal data in compliance with the EU General Data Protection Regulation (GDPR) and the applicable laws of the Republic of Cyprus. In our capacity as data controller, we ensure that all personal information is processed lawfully, fairly, and with appropriate security safeguards in place.

When and How We Collect Data

We collect personal data when you:

Request legal advice or other services from us;
Communicate or engage with us, including via our website;
Provide services to us.

We may also obtain personal data from third parties or publicly available sources where necessary for legal, regulatory, or professional purposes.

What Data We Collect

Depending on the circumstances, we may collect and process personal data in the course of providing legal and related services to our clients.

The categories of data may include:

Contact details, such as names, postal addresses, email addresses and telephone numbers;
Identification information, including ID or passport details;
Information required to comply with legal and regulatory obligations, particularly anti-money laundering requirements, including details relating to source of funds and source of wealth;
Information obtained during the provision of legal services, such as details concerning professional background, financial assets, transactions, tax status, disputes or court proceedings;
Financial and billing information, including payment-related data;
Records of meetings or visits to our offices;
Sensitive personal data, where strictly necessary and with your consent;
Any other information you may provide to the Firm.

Why We Use Your Personal Data

We process your personal data for the following purposes:

To enter into a client relationship and to provide legal and related services to you;
To verify your identity and maintain accurate records, including correspondence lists;
To comply with applicable legal, regulatory, and professional obligations;
To respond to enquiries, comments, or complaints;
To manage and strengthen our client relationships and improve our services;
To pursue or defend legal claims where necessary;
With your consent, to send updates on legal developments and firm news;
For any other purpose that has been agreed with or properly notified to you.

Data Security and Retention
We implement appropriate technical and organisational measures to safeguard your personal data against unauthorised access, loss, or misuse. Personal information is retained only for as long as necessary to fulfil the purposes for which it was collected, or as required under applicable legal and professional obligations.

Your Rights

Data subjects in the European Union (or in any jurisdiction with data protection legislation equivalent to the EU General Data Protection Regulation) have certain rights in relation to their personal data. These rights include the right to withdraw previously given consent; the right of access; the right to rectification, updating, or erasure of data; the right to restrict processing; the right to data portability; the right to object to specific processing activities; and the right to lodge a complaint with the relevant supervisory authority. Any data subject wishing to exercise these rights may do so in accordance with the applicable legal framework.

If a data subject chooses not to provide personal data, or exercises their rights in a way that restricts processing, the Firm may be unable to provide certain services or may be limited in the services that can be provided.
Changes to this Privacy Policy
This Privacy Policy is reviewed periodically to ensure compliance with applicable data protection laws and may be updated from time to time. Any changes will be posted on our website.