GP ALora is a sole practitioner business founded and run by Georgia Pamboris, a licenced Legal Consultant by the Law Office of the Republic of Cyprus. Learn more here

This Privacy Notice explains how we handle personal data we may process in the context of our professional activities in line with the General Data Protection Regulation ("GDPR"). Please read this Privacy Notice thoroughly and if you have any questions, we strongly recommend that you reach out to us before acknowledging acceptance to it.  

Guidance note on GDPR definitions 

What is personal data? 

Personal data is any information that relates to an identified or identifiable living individual. What identifies an individual could be as simple as a name or a number or can include other identifiers such as an IP address or other factors. 

Special categories of personal data

There are certain special categories of personal data (also referred to as sensitive data) which are considered more sensitive and as such, require special attention and protection. This includes personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. It also extends to genetic data, biometric data used for uniquely identifying a person, data concerning health, and data concerning a person’s sex life or sexual orientation. 

What information we process

The type and extent of information we may process varies depending on our relationship and/or the service provided. When we provide you with services, we most commonly collect:

  • Identification and contact details
  • Payment / Bank Account details
  • Business / Professional details 
  • Any other information you may entrust us with.

Sensitive data

Unless you voluntarily elect to share with us sensitive information or is publicly available, the only information that we may process and may fall under this category is an individuals nationality. 

When you browse this website www.gpalora.com: 

  • Please know that we do not collect any personal data of website visitors, including IP addresses. We only receive an anonymous statistic of visitors per country.
  • Our current hosting provider is Webador.

When you contact us for information using our online form or other means (e.g. email, telephone): 

  • We will only process the information provided to us. Usually that is name, surname, contact details, subject matter and message details.
  • We process the above to communicate with you and service your request (e.g. set up a meeting you asked for, resolve your queries, provide you with required information or a quote for services, etc.)

Children Data 

We do not provide services to individuals under the age of 18 and this website is not to be used by children. See also our Terms  of Use . 

Why we need it and how we use it

We only process personal data within the ambit permitted by  law and we only use it for the purpose(s) it was collected in the first place.  Most commonly, it will be for the following reasons:

  • To communicate with you or service your request
  • To respond to your queries
  • To assess needs and provide tailored solutions and quality professional services
  • To fulfil our contractual obligations 
  • To provide you with services 
  • To comply with laws and regulations that may require us to identify individuals and/or retain specific information for a certain period of time
  • To maintain our books, accounts and records
  • To receive compensation for provided services. 

In some occasions, we may also process information if necessary to protect the vital interests of an individual (e.g. in the event of an emergency) or to pursue legitimate interests - provided that your fundamental rights and freedoms are not prejudiced (e.g. to prevent crime/fraud, to receive professional advice, to exercise /defend our legal rights, etc.) or on the basis of consent provided to us - which you may of course withdraw at any time. 

Data Sharing

  • We do not sell data to any third party and we do not use it for marketing purposes or automated decision making.
  • We will not share your information with other third parties unless you  ask us to or we are permitted or compelled by law to do so (e.g.  reporting to competent authorities, to exercise / defend legal rights, to comply with a court order, to receive professional advice, etc.).
  • We do not share personal data with third parties located outside the EU/EEA unless you ask us to, in which case, we will only do so when there are appropriate safeguards in place -such as standard contractual clauses- to ensure an adequate level of data security and protection.

How long we keep it

For as long necessary to fulfil the purpose(s) for which it was collected or to comply with any legal obligation(s) requiring data retention for a specific period of time. When determining the appropriate retention period, we consider various factors such as, legal requirements, the type, nature, and sensitivity of the data, the potential risks of harm, and whether the intended purposes can be achieved via other means. If we no longer need your data, we will delete it  securely. 

Your rights 

Under the GDPR, you have certain rights in relation to your personal data that we want you to be aware for. These are in brief set out below. While you can exercise any of these rights at any time, please note that, by law, certain limitations and exceptions may apply in relation to certain rights. 

You have the right to:

  • access
  • rectify
  • erasure
  • object
  • restrict processing
  • data portability
  • withdraw your consent, and
  • file a complaint with your local data protection authority. We are governed by the Office of the Commissioner for Personal Data Protection which is the competent Data Protection Authority of Cyprus.

    About your right to Withdraw Consent 

    If you have previously given us consent to process your personal data, you can withdraw it at any time by writing to us at info@gpalora.com

    About your right to officially complaint

    If, for any reason, you are not satisfied with the way we handle your information,  you  can lodge an official  complaint with  the Data Protection Authority of Cyprus  or your local data protection authority.  For the Data Protection Authority of Cyprus more information - including contact details - is available on their website - see here

    How to exercise your rights with us

    Just send us a message at info@gpalora.com  and we will take care of the rest free of charge.  In exceptional case ( i.e. for repetitive or excessive requests) a reasonable fee may apply based on administrative costs and within the parameters permitted by law. We will ensure that any such charges are justifiable and that you are informed in advance. 

    Need more info? 

    For a better understanding on what is personal data and what are your rights check these sites: 

    Should you need additional guidance, we are only an email away. 

    Still have questions? 

    Leave non unanswered. 

    We will be more than happy to assist