The MAP S.Platis Group (as defined below) is committed to protect individuals’ personal data in line with the requirements of applicable law.
The MAP S.Platis Group commitment applies to all individuals whose personal data it may process. “Personal Data” means any information relating to an identified or identifiable natural person.
The MAP S.Platis Group comprises of M.A.P. BUSINESS SOLUTIONS LTD, MAP FINANCIAL TECHNOLOGIES LTD, MAP INFORMATION TECHNOLOGY SUPPORT LTD, EIMF HOLDINGS LIMITED, EIMF TECHNOLOGY INSTITUTE LTD, MAP RISK MANAGEMENT SERVICES LTD, MGR HUMAN RESOURCES LTD and MAP INNOVATION LTD (each referred to as the “MAP S.Platis Entity” and collectively together with respective affiliates the “MAP S.Platis Group”).
M.A.P. BUSINESS SOLUTIONS LTD provides various services including, financial services advisory, internal audit and business consultancy services.
MAP FINANCIAL TECHNOLOGIES LTD provides various services including transaction reporting and other technology services.
MAP INFORMATION TECHNOLOGY SUPPORT LTD provides IT solutions and support, IT outsourcing and managed services options, cybersecurity services and IT consultancy services.
EIMF HOLDINGS LIMITED and EIMF TECHNOLOGY INSTITUTE LTD provide premium courses, professional and executive education, e-Learning and tailored learning solutions with a strong emphasis on the financial and professional services sector.
MAP RISK MANAGEMENT SERVICES LTD provides solutions in risk management and capital adequacy as well as consultancy services in relation to risk management related matters.
MGR HUMAN RESOURCES LTD provides HR Consulting and acts as a Recruitment and Temporary Placements Agency.
MAP INNOVATION LTD is a digital strategy boutique, with an expertise in harnessing Open Innovation to drive corporate Innovation.
As the Controller, each MAP S.Platis Entity determines the purpose and means of processing individuals’ personal data. In each case, the personal data controller will be the MAP Member:
Each MAP S.Platis Entity processes different personal data for a variety of reasons. These may include:
Personal data for contact, service provision and other purposes:
These may include, name and surname, position, residential address, identification details (e.g. passport or ID), postal or residential address, business address, mobile number, email address, proof of source of income, signature, employment status and company of employment, login and other account data where you may be provided such data by an MAP S.Platis Entity to logon to any platform by which an MAP S.Platis Entity may offer its services.
For being able to offer its services, MGR HUMAN RESOURCES LTD collects, in addition to the above, the following data: date of birth, contact details (i.e. telephone number, email, home address), academic and professional qualifications, employment history, remuneration history, photo identification (e.g ID card, passport or other) social media profile and information, referees contact details or any other information an individual chooses to share with us. In some cases and where applicable by the law, we may also collect information related to diversity, immigration status, health, criminal convictions, etc.
For being able to offer its services, EIMF HOLDINGS LIMITED processes, in addition to the above, the following data: details of person authorising attendance, AAT registration and membership number.
Information necessary to make payments:
This may include bank account details and other relevant details.
In offering its services to its clients, each MAP S.Platis Entity may process personal data relating to individuals such as proof of residence documentation, source of income, tax identification numbers.
Publicly available information:
Each MAP S.Platis Entity may also process personal data from public sources including from databases for compliance checks.
Appointment to office:
Each MAP S.Platis Entity may process personal data in relation to individuals that may be appointed to an official position such as directors, shareholders or the secretary to a company or officers or persons involved in any other legal entity.
Compliance with statutory obligation:
Each MAP S.Platis Entity may process personal data where obliged to do so under the law (e.g. employment records, company records, tax reporting obligations, personnel recruitment laws, contractual duties).
Information collected during the registration for an event or conference organised by an MAP S.Platis Entity:
Each MAP S.Platis entity may organise different kind of events or conferences either for promoting and marketing its services to existing and potential clients, for networking purposes or for finding potential candidates for employment.
In this respect, each MAP S.Platis Entity may process personal data (e.g. name, surname, contact details and if relevant details in regard to academic and/or professional qualifications (including, but not limited to, name of University, subject of study, year of study) for efficient organisation and management of an event or conference. This information may be used for future contact, only with your consent, in order to market the Entity’s services to you or in order to inform you for similar events or in regard to possible employment opportunities that are tailored to you if appropriate. This information will be held by the MAP S.Platis Entity until you choose to unsubscribe/withdraw your consent, in accordance with article 7(3) of the General Data Protection Regulation (Regulation EU 2016/679).
Photographs/pictures, presentations, audio and video recording of speakers and participants and live web streaming of the events or conferences may be taken. They may be reproduced in various media including MAP S.Platis’ publications, the MAP S.Platis website, social networks, TV channels and the press, in connection with the event or conference as well as for promotional activities of MAP S.Platis Group.
If you wish that your image or voice is not recorded and published, for compelling and legitimate grounds relating to your particular situation, please follow the procedure described below at paragraph 11 for making a request.
Personal data may be collected by an MAP S.Platis Entity where you or an organisation with which you are related in any capacity (e.g. employee, officer, representative) contact the MAP S.Platis Entity in relation to any services that it may provide. Your personal data may also come to our possession in case you express any interest to and/or become an employee of any MAP S.Platis Entity. Your data may also be processed if you sign up to receive any informative or marketing material including our Regulatory Alerts and Group News. Your personal data may also be processed if you sign up to participate in an event or conference organised by an MAP S.Platis Entity. Your data may also be collected when an organisation engages an MAP S.Platis Entity to provide services and you are engaged in the organisation in any capacity that is relevant (for example, director, representative, employee of such entity with which the MAP S.Platis Entity deals in providing any services.)
An MAP S.Platis Entity may also collect personal data from other sources including client entities, government agencies and risk intelligence service providers (e.g. World-check).
Each MAP S.Platis Entity will process personal data to:
Each MAP S.Platis Entity may process the personal data set out above on one or more of the following:
The MAP S.Platis Group takes the appropriate measures (physical, organisational and technical) to ensure the safety of your personal data. Your personal data may be stored electronically or in paper form.
Where you or a Client Entity provides to any MAP S.Platis Entity personal data of other individuals (e.g. officers, secretary, employees, other individuals that the Client Entity interacts with or persons related to you) you or the Client Entity (as the case may be) represent to such MAP S.Platis Entity that you or the Client Entity are duly entitled to do this.
You or a Client Entity also represent and that the individual in question is aware of the relevant MAP S.Platis Entity’s data protection practices as stated in this policy which may be relevant to the individual, how such MAP S.Platis Entity may be contacted as well as such information that you or a Client Entity are obliged to provide to such individual under applicable laws in relation to any MAP S.Platis Entity.
Each MAP S.Platis Entity stores personal data for no longer than is reasonably necessary for its processing purposes. Where an MAP S.Platis Entity stores personal data based on your consent, it will delete such personal data when you withdraw your consent and provided that it is not obliged under law to maintain such data. In case of recruitment activities, the MAP S.Platis Entity will delete your personal data if you are not employed unless you expressly consent for to the storing of your personal data for potential future roles and/or other purposes. Consent will be updated on an annual basis. If you accept an offer of employment by the MAP S.Platis Entity, any relevant personal data collected during your pre-employment period will become part of our personnel records and will be retained during your employment and as long as is required by the applicable laws after the end of employment. Each MAP S.Platis Entity may in any case, keep personal data as long as is necessary for the defending or making of legal claims as provided by applicable limitation laws in Cyprus.
Each MAP S.Platis Entity may transfer personal data to third countries outside the EU/EEA where required for any of the purposes stated above including for storage purposes. In each such case, the relevant MAP S.Platis Entity will ensure that such transfers will comply with the General Data Protection Regulation (Regulation EU 2016/679 based on a Commission Adequacy decision, or appropriate safeguards (e.g. standard contractual clauses) or other grounds provided by the GDPR. You may contact the relevant MAP S.Platis Entity in order to be informed of the appropriate or suitable safeguards (as the case may be).
You can make a request or exercise these rights by completing the Data Subject Access Request Form and sending this by e-mail to the following e-mail address:
We may request you to provide us information for the purpose of verifying your identity and residency in order for us to comply with our security obligations and to prevent unauthorised disclosure of data.
We will answer your request, or request additional information form you within 1 (one) month. Occasionally, it may take us longer than 1 (one) month if your request is particularly complex or you have made a number of requests. In this case, we will notify you within 1 (one) month of the receipt of your request about the extension and keep you updated.
Each MAP S.Platis Entity may charge you a reasonable fee when a request is manifestly unfounded, excessive or repetitive, or we receive a request to provide further copies of the same data. In this case we will send you a fee request which you will have to accept prior to us processing your request. Alternatively, we may refuse to comply with your request in these circumstances.
If an MAP S.Platis Entity requests you to provide to it personal data and you fail to do so such MAP S.Platis Entity may not be in a position to provide a service and/or enter into an agreement with you, in which case it will inform you accordingly.
MAP S.Platis GDPR Unit will endeavour to promptly respond to your requests and complaints. In the event that you are unsatisfied, with the way we have handled your personal data or any privacy query or request that you have raised with us, you may submit a complaint to MAP S.Platis GDPR Unit in writing at the following email address:
We will try to respond to all requests within 1 (one) month. Occasionally, it may take us longer than 1 (one) month if your request is particularly complex or you have made a number of requests. In this case, we will notify you within 1 (one) month of the receipt of your request and keep you updated.
If you are not satisfied with our response to your complaint, you have the right to lodge a complaint with the Cyprus Data Protection Commissioner. You can find details about how to do this on the following website: