General Data Protection Regulation

  1. Introduction

Trustank Corporate Services Ltd respects your privacy and is committed to protecting your personal data in accordance with the General Data Protection Regulation EU 2016 679 and applicable Cyprus data protection laws.

This policy explains how we collect, use, store and protect your personal data when you visit our website or engage our services.

  1. Data Controller

For the purposes of data protection law, Trustank Corporate Services Ltd acts as the Data Controller.

If you have any questions regarding this policy or your personal data, you may contact us at:

Email: greg@trustank.cy

  1. What Personal Data We Collect

We may collect and process the following categories of personal data:

Contact information
Name, email address, phone number, company name

Identification and due diligence data
Passport copy, proof of address, tax numbers, beneficial ownership information, source of funds documentation, where required by law

Financial information
Banking details, billing information, transaction data

Technical data
IP address, browser type, device information, website usage data

Communication data
Emails, messages, call notes and correspondence

We only collect personal data that is necessary for legitimate business or legal purposes.

  1. How We Collect Your Data

We collect data when:

You complete a contact form
You communicate with us by email or phone
You request a proposal or services
You enter into an engagement agreement
You browse our website
We conduct mandatory compliance checks

  1. Legal Basis for Processing

We process personal data on the following legal bases:

Performance of a contract
To provide corporate, administrative or related services

Compliance with legal obligations
Including Anti Money Laundering and regulatory requirements

Legitimate interests
To operate, improve and protect our business and services

Consent
Where required, such as for certain marketing communications

  1. Why We Process Your Data

Your personal data may be used to:

Provide and manage services
Conduct regulatory due diligence
Communicate with you
Issue invoices and manage payments
Comply with legal and regulatory requirements
Improve website functionality and user experience
Prevent fraud and unlawful activity

We do not sell personal data.

  1. Data Sharing

We may share personal data with:

Regulatory authorities and competent authorities where required by law
Banks and financial institutions
Auditors and professional advisers
Government departments
Service providers such as hosting or IT providers
Payment institutions

All third parties are required to respect the security and confidentiality of personal data.

  1. International Transfers

If personal data is transferred outside the European Economic Area, we ensure that appropriate safeguards are in place, including:

Standard contractual clauses
Transfers to jurisdictions with adequate protection decisions

  1. Data Retention

We retain personal data only for as long as necessary to:

Fulfil the purposes for which it was collected
Comply with legal and regulatory obligations

Under Anti Money Laundering regulations, client records may be retained for a minimum statutory period after termination of the business relationship.

  1. Data Security

We implement appropriate technical and organisational measures to protect personal data against:

Unauthorised access
Loss
Destruction
Misuse

Access to personal data is restricted to authorised personnel only.

  1. Your Rights Under GDPR

Under the GDPR, you have the following rights:

Right of access
You may request a copy of your personal data.

Right to rectification
You may request correction of inaccurate or incomplete data.

Right to erasure
You may request deletion of your data where legally permissible.

Right to restriction
You may request that we limit how your data is processed.

Right to data portability
You may request transfer of your data to another controller where applicable.

Right to object
You may object to processing based on legitimate interests.

Right to withdraw consent
Where processing is based on consent, you may withdraw it at any time.

Right to lodge a complaint
You may file a complaint with the Office of the Commissioner for Personal Data Protection in Cyprus.

To exercise your rights, contact:
greg@trustank.cy

We may request identity verification before responding to your request.

  1. Automated Decision Making

We do not make decisions solely based on automated processing that produce legal or significant effects.

  1. Cookies

Our website uses cookies and similar technologies. Please refer to our Cookie Policy for full details.

  1. Updates to This Policy

We may update this policy from time to time. The latest version will always be published on our website.