Personal Data Protection and Privacy Policy

This Privacy Policy has been prepared in accordance with Regulation (EU) 2016/679 (GDPR), the ePrivacy Directive, and the applicable laws of the Republic of Cyprus, and is fully aligned with other legal documents of QualExperts.

1. Data Controller
   The Data Controller is Q.E. QualExperts LTD, VAT No. 10404205A, Registration No. 404205,
   headquartered at 5 Kosta Ourani Street, 3085 Limassol, Cyprus.
   Email: info@qualexperts.gr | Tel.: +30 694 679 2547
   
2. Categories of Personal Data
   The Company collects and processes:
   – identity and contact information,
   – educational and professional data,
   – assessment, certification, and participation data,
   – files submitted via forms (e.g., applications, CVs, supporting documents),
   – data stored in internal information systems and databases (CRM),
   – technical data (IP address, logs).
   
3. Collection Methods
   Data is collected through:
   – contact and application forms,
   – file uploads via the website,
   – email correspondence,
   – internal management systems (CRM / databases).
   
4. Purposes of Processing
   Processing is carried out exclusively for:
   – managing applications, uploads, and candidate records,
   – providing TEFL and Quality Endorsement Scheme (QES) services,
   – managing educational and certification processes,
   – maintaining collaboration and communication records,
   – complying with legal and regulatory obligations.
   
5. Legal Basis
   Processing is based on:
   – the data subject’s consent,
   – the performance of a contract or pre-contractual obligations,
   – a legal obligation,
   – the legitimate interests of the Company.
   
6. Storage in Systems & CRM
   Data may be stored in secure electronic databases and CRM systems, with limited access and enhanced security measures.
   
7. Transfer & Subcontracting
   Data is shared only with:
   – partner certification bodies,
   – IT service providers under contractual guarantees,
   – competent authorities where required by law.
   
8. Retention Period
   Data is retained only for as long as required for the processing purpose or by applicable law.
   
9. Data Subject Rights
   Data subjects have the right to access, correct, delete,
   restrict, transfer, object to processing, and withdraw consent.
   Requests: info@qualexperts.gr
   
10. Security & Data Breach
    The Company implements technical and organizational security measures.
    In the event of a data breach, Articles 33 and 34 of the GDPR apply.
    
11. Applicable Law
    This Policy is governed by the laws of the Republic of Cyprus.