Polimnios & Antoniou Law
Website: polimnios.com
Last Updated: 20 February 2026

1. Introduction

Polimnios & Antoniou Law (“we,” “us,” “our,” or the “Firm”) respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website polimnios.com (the “Website”), communicate with us, or use our services.

We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Cyprus data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

Polimnios & Antoniou Law
Address (EN): 30A Agias Zonis, 3027, Limassol, Cyprus
Email: michaelides@polimnios.com
Phone: 99 040895

If you have any questions about this Privacy Policy or the processing of your data, you may contact us using the details above.

3. What Personal Data We Collect

Depending on how you interact with our Website or Firm, we may collect the following personal data:

3.1 Data You Provide to Us
  • Full name
  • Email address
  • Phone number
  • Address (if provided)
  • Company name (if applicable)
  • Details included in your enquiry or message
  • Any documents or information you voluntarily submit
3.2 Data Collected Automatically

When you visit our Website, we may automatically collect certain technical information, such as:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and time spent on the Website
  • Referring URL (the website that directed you to us)
  • Website usage and navigation behaviour

This data may be collected through cookies or similar tracking technologies.

4. Special Category Data

In certain legal matters, we may receive or process special category personal data (also known as “sensitive data”), such as:

  • Health-related information
  • Criminal record information
  • Data revealing racial or ethnic origin, religion, or political opinions

We only process such data when it is strictly necessary for legal services and when GDPR requirements are met.

5. How We Use Your Personal Data

We may use personal data for the following purposes:

  • To respond to enquiries submitted through the Website
  • To provide legal services and professional assistance
  • To arrange consultations or appointments
  • To manage our relationship with clients and prospective clients
  • To comply with legal and regulatory obligations
  • To improve the Website’s performance, security, and functionality
  • To prevent fraud, abuse, or misuse of the Website
  • To maintain internal records and administrative operations

6. Legal Basis for Processing

We process personal data under one or more of the following legal bases, as required by GDPR:

6.1 Consent

When you submit an inquiry, subscribe, or otherwise voluntarily provide information, we may process your data based on your consent.

6.2 Contractual Necessity

We may process data where it is necessary to perform a contract with you or to take steps before entering a contract.

6.3 Legal Obligation

We may process data where required to comply with applicable laws, including legal, regulatory, and anti-money laundering obligations.

6.4 Legitimate Interests

We may process data where necessary for our legitimate business interests, such as:

  • improving our Website and services
  • ensuring Website security
  • responding to requests and communications
  • maintaining professional operations

Where we rely on legitimate interests, we ensure that your rights and freedoms are not overridden.

7. Sharing and Disclosure of Personal Data

We do not sell, rent, or trade personal data.

However, we may share personal data with trusted third parties where necessary, including:

  • IT service providers and hosting providers
  • Website maintenance providers
  • Email and communication service providers
  • Professional advisers, auditors, or consultants
  • Courts, regulators, or public authorities, where required
  • Banking institutions or payment service providers (where applicable)
  • Law enforcement agencies are legally obligated

All third parties are required to handle personal data securely and only for authorized purposes.

8. International Transfers

Your personal data may be transferred outside the European Economic Area (“EEA”) if necessary for technical or operational reasons (such as hosting or cloud-based services).

Where such transfers occur, we ensure appropriate safeguards are in place, including:

  • transfers to countries approved by the European Commission
  • Standard Contractual Clauses (SCCs)
  • other lawful GDPR-compliant safeguards

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy.

Retention periods may vary depending on:

  • legal obligations and professional requirements
  • the nature of the enquiry or client relationship
  • regulatory and compliance obligations
  • limitation periods for legal claims

Once the retention period expires, personal data is securely deleted or anonymized.

10. Cookies and Tracking Technologies

Our Website may use cookies and similar technologies to improve user experience and performance.

Cookies may help us:

  • remember user preferences
  • understand Website traffic and usage
  • ensure proper Website functionality
  • enhance security

You can manage cookie preferences through your browser settings. Disabling cookies may affect the functionality of the Website.

For more information, please refer to our Cookie Policy.

11. Website Contact Forms and Communications

If you contact us through our Website contact form, email, or phone, we may store and process your communication details to:

  • Respond to your request
  • maintain professional records
  • provide legal advice where applicable

Please avoid sending confidential information through the Website unless you have been instructed to do so by the Firm.

12. Confidentiality and Legal Professional Privilege

As a law firm, we handle client information with strict confidentiality and in accordance with professional legal obligations.

Certain communications may also be protected by legal professional privilege, where applicable.

13. Data Security

We take reasonable technical and organizational measures to protect personal data against:

  • unauthorized access
  • accidental loss
  • misuse or unlawful disclosure
  • alteration or destruction

Security measures may include access controls, secure storage, encryption (where applicable), and internal confidentiality procedures.

However, no internet-based system is completely secure, and we cannot guarantee absolute security.

14. Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

  • Right of access (to request a copy of your data)
  • Right to rectification (to correct inaccurate data)
  • Right to erasure (to request deletion of your data)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent (where consent is the basis of processing)
  • Right to lodge a complaint with the relevant supervisory authority

To exercise your rights, you may contact us at: michaelides@polimnios.com.

We may request proof of identity before processing your request.

15. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the relevant authority.

In Cyprus, the competent supervisory authority is the:
Office of the Commissioner for Personal Data Protection (Cyprus).

Please contact us first so we can resolve the matter directly.

16. Third-Party Links

Our Website may contain links to external websites. We are not responsible for the privacy practices, content, or policies of third-party websites.

We encourage you to review the privacy policies of any third-party websites you visit.

17. Children’s Privacy

Our Website is not intended for children under 16, and we do not knowingly collect personal data from children.

If you believe a child has provided us with personal data, please contact us immediately so we can take appropriate action.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our practices.

Any updates will be posted on this page with an updated revision date.

We encourage users to review this Privacy Policy periodically.

19. Contact Us

If you have any questions about this Privacy Policy or how we handle personal data, please contact us:

Polimnios & Antoniou Law
Email: michaelides@polimnios.com
Phone: 99 040895
Address: 30A Agias Zonis, 3027, Limassol, Cyprus