This website “www.zambartaslegal.com” is for general information purposes only.  The content of the website is not intended to provide and does not provide any legal or other professional advice.  You should always seek and consult a qualified lawyer for legal issues.

Michalis C. Zambartas does not accept any responsibility for loss which may arise from relying on the information contained on this website.  Although we hope this website will be of interest to users, we accept no liability and offer no warranties in relation to it and its content, to the fullest extent such liability can be excluded by law.  Michalis C. Zambartas does not accept any responsibility or liability in relation to any content or any website of any third party a link to which may be view-able on this website, of which Michalis C. Zambartas does not endorse nor accept.

Michalis C. Zambartas takes all reasonable steps to exclude viruses from the website but such exclusion cannot be ensures and consequently no liability is accepted for viruses.  Thus, you are recommended to take all necessary safeguards before downloading information from the website.

All use of this website is subject to the Laws of the Republic of Cyprus and jurisdiction and is subject to our terms and conditions.

Copyright Notice

© Michalis C. Zambartas 2014-2022
All Rights Reserved

The material on this website is protected by copyright and/or database right throughout the world and is owned by Michalis C. Zambartas or its licensors.

You may read, print and download it to a local hard disk for private use.

You may not copy, reproduce or otherwise make use of the content of this website without Michalis C. Zambartas’s permission.  Linking and framing of this website, or part of it, is also prohibited without Michalis C. Zambartas’s express consent.

Privacy Policy


Michalis C. Zambartas is an Advocates, Legal and Tax Advisors and corporate services provider.  This privacy policy gives an explanation of how we process your data as part of conducting our business.

Data Controller
Michalis C. Zambartas is committed to protecting the privacy and security of your personal information.  The following statement sets out our privacy policy which is issued on behalf of Michalis C. Zambartas and which we are required under data protection legislation to notify you of. 

Who do we collect information on?
This privacy notice applies to the following individuals whom we collect personal information from or about:

  1. those who have entered into, or are contemplating entering into, a contract for the provision of services (Individual Client); those who are connected to Individual Clients (such as family members); and those who are connected to a client who is not an Individual Client (such as owners, investors, controllers, employees, directors and officers of a corporate client or other legal or non-legal body) (together Clients);
  2. third parties with whom we interact as part of providing our services to our Clients (Intermediaries);
  3. those who may be party to, or connected to party to, a legal transaction or legal proceedings involving our Client and/or the services which we have been engaged to provide to our Clients.
  4. those who are, work for or are agents of, suppliers or service providers who provide goods and services to us;
  5. those who apply for or express an interest in an employment or other similar position with Michalis C. Zambartas, whether existing at the time or not;
  6. those who request newsletters, marketing material or other publications from us; and
  7. visitors to our website www.zambartaslegal.com

What is Personal Information?
Personal information, means any information about you from which you can be identified. This includes but is not limited to, name, address, date of birth and gender.  There are “special categories” of more sensitive personal information which require a higher level of protection. These include information regarding race, health, genetic information and biometric data, religious beliefs, sexual orientation, criminal convictions and political opinions.

How do we collect and use information about you
We collect personal information either directly from you when you engage us to provide services or through your use of our website or client portals,  our Clients, Intermediaries, providers of independent or background checks or publicly available sources.

By using our Website or otherwise contacting us, obtaining services from us or by providing your personal information to us via the forms or contact options on this Website you acknowledge that you have read and understood this Privacy Policy. 

General visitors to the website
No personal information is collected about general visitors to our website.  However, in addition to the information collected by us in accordance with this Privacy your browser supplies some basic information about your visit.  The collection of this information is common practice and is used to analyse and understand how the website is being used. The following information is logged: IP address (the internet address of your computer), date and time of your visit, the type of computer, browser and operating system you are using, the URL’s of websites that referred you to the website and the path you take through the website. 

Personal information provided via the website

In certain areas of our Website, you can choose to provide personal information by completing any of the forms or using any of the email addresses which are included in the following pages:

  • Contact Us

The Personal Information we hold

We collect a variety of information from you and about you.  The extent of the information collected will depend on a variety of factors including the nature of the relationship between us and the extent of the contact with you.

The type of information we may process are set out below:

  • Your contact details including (but not limited to) your full name, postal address, email or other electronic communication addresses and telephone numbers. In certain circumstances we may also record your job title and other identification information as set out below.
  • KYC information and documentation which is required for Michalis C. Zambartas to fulfil its legal and regulatory requirements. This may include, but is not limited to, identity information such as your passport or other identity document details, date of birth, nationality, place of birth and country of residence, job title, source of wealth or funds and other information concerning your background (which may include sensitive information such as criminal records);
  • Information provided in the course of the provision of legal and corporate services for example information on professional relationships and background, financial wealth and assets held, transactions entered into, legal advice given (and any actions taken as a result of such advice) tax status, disputes and court proceedings engaged in which may also include sensitive information such as marital status, mental and physical health and criminal allegations or convictions;
  • Financial information such as payment related information;
  • Professional interests and preferences with respect to marketing interactions, attendance at conferences, events or seminars;
  • Information provided to us in respect of an application for, or expression interest in, a job with Michalis C. Zambartas such as personal information relating to your education and employment history, any professional qualifications, your nationality, your immigration, right to work or residential status.  We may also collect information from third parties.  This may include information such as references, or background checks provided by agencies such as credit reference agencies. In addition we may also obtain information about you from public sources, such as information published on social media accounts;
  • Any other information which you may provide to us.

How and Why Do We Use Personal Information?

For each of the purposes for which we process information, we rely on one or more of the following five legal justifications:

  • Contractual Necessity.  Personal information is processed in order for us to discharge our contractual relationship with our Client. 
  • Legitimate Business Interest.  Personal information is processed in circumstances where can balance our legitimate interests with your own legitimate interests.  We consider our legitimate interests to include: (a) providing legal and corporate services; (b) carrying out such services effectively; and (c) communicating with you in respect of those aspects of our services which we consider to be of relevance to you.   
  • Legal and Regulatory Requirement.  Personal information is processed in order for us to comply with a legal obligation (other than one imposed by a contract). 
  • Consent.  Personal information is processed on the basis of consent given by you. 
  • Legal proceedings, etc. Personal information is processed on the basis that it is necessary for (a) any legal proceedings; (b) obtaining legal advice; or (c) establishing, exercising or defending legal rights.

    We process personal information for the following purposes. 

    Purpose: Provision of services (including client relationship management) and developing those services
  • Delivering our services to you, developing those services and managing, maintaining and developing our relationships with our Clients.
  • Performing the service which we have been engaged to provide.
  • Facilitating effective client and matter management including collation of know-how materials, and generating internal financial and marketing reports; facilitate administrative or operational processes within our business, for example assessing legal and financial risks to our business and debt management including credit control and collecting debt;
  • Engaging other service providers to provide services to you where necessary to facilitate the provisions of services to you in connection with the engagement;
  • Improving and developing our products and services including carrying out analysis on Michalis C. Zambartas’s performance to ensure that our client care is of the highest standard
  • respond to requests, enquiries or complaints received

    Legal justification: contractual necessity and legitimate interests

    Purpose: Legal and regulatory requirements
  • Undertaking internal conflict of interest checks
  • Respond to requests, enquiries or complaints received

    Legal justification:  Legal and Regulatory Requirements

    Purpose: Marketing
  • To promote Michalis C. Zambartas’s services and provide newsletters, marketing material or other publications to our contacts and to invite you to conferences, events or seminars which may be of interest to you.  This may involve contacting you or, where applicable, individuals within your organisation using the contact details that you have provided to us;
  • To manage Michalis C. Zambartas’s  circulation lists for such marketing material and events.
  • To compile anonymous statistics, for example, website usage statistics;

    Legal justification: Legitimate interests.  

    Individuals have the right to unsubscribe from mailings or manage their preferences via a link in such marketing material or by emailing  at any time.
    Purpose: To review and process CVs or applications for positions with Michalis C. Zambartas (whether available now or in the future). 

    Legal justification: Consent, Legitimate Interest, Contractual Necessity

    Purpose: To ensure security of Michalis C. Zambartas’s  systems, staff and premises.  Crime prevention
  • undertake maintenance, testing or development of any of our systems or processes

    Legal justification: Legal proceedings and legitimate interest of protecting Michalis C. Zambartas’s business, staff, systems

Automated Decision Making

Michalis C. Zambartas does not have systems or procedures that make a decision without human intervention. Therefore there are no circumstances where decisions will be taken about you using fully automated means. 

Transfer of information within the Michalis C. Zambartas and with third parties

We may transfer your Personal Information to others where it is necessary to fulfil one or more of the purposes outlined above and this may also include sharing your information with a third party as part of an outsourcing or other data processing arrangement.

The following is a list of the potential recipients of your information:

  • any sub-contractors, agents or service providers providing services to any member of Michalis C. Zambartas, including without limitation, our information technology and telecommunications providers, auditors, consultants, insurers, providers of background checks and business risk screening, third parties for marketing or business development purposes and so on;
  • other professional advisers, agents or third parties providing services in relation to any matter on which the Michalis C. Zambartas has been instructed to oversee in respect of providing corporate services.This may include those who may be party to, or connected to party to, a legal transaction or legal proceedings involving you and/or the services which we have been engaged to provide to you.
  • Other members or associates of your organisation;
  • A regulatory, governmental or judicial authority with whom we are legally obliged to share your information.

We reserve the right to share your information with other third parties in the context of a possible sale or restructuring of the business or part thereof.

We will seek to ensure that our suppliers and service providers are contractually bound to process your personal information in line with our policies and that they have adequate measures in place to protect your information from unauthorised access, disclosure, loss or destruction. We do not allow our third party service providers to use your personal information for their own purposes. We only permit them to process your personal information only in accordance with our instructions.

Transfer of Information outside of Europe
As part of the transfer of information within the Michalis C. Zambartas or with third parties, your Personal Information may be transferred to or accessed from countries who may not be the subject of an adequacy decision under Article 45 of the GDPR and therefore may not have the same level or type of statutory (or other legal) protection as countries within the European Economic Area (EEA). We will seek to ensure that transfers of data outside of the EEA comply with all applicable laws and regulations by ensuring that:

  • you have expressly consented to the cross border transfer;
  • the recipient is in a country which has been deemed to have an adequate level of protection under GDPR or equivalent legislation or if the recipient is in the United States of America, that they are part of the Privacy Shield; or
  • the recipient is contractually bound to protect the information to the same or higher standards as those within the EEA.

Rights of access, correction, erasure, and restriction
Under GDPR and equivalent legislation you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on our legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it. You can also object to us using your information for direct marketing purposes.
  • Request the transfer of your personal information to another party.
  • Right to withdraw consent. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification in writing that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Please note that the rights set out above are subject to certain exemptions and conditions. We may decline to comply with any request to delete or restrict the use of your information if we still require that information for any legal or contractual reasons. Where we are processing your information on the basis of Contractual Necessity or Legal and Regulatory Requirement, it is likely that the provision and processing of such information will be mandatory. In addition, in the event that you choose not to provide any personal information or to exercise one or more of the rights above to restrict the processing of your information, this may restrict the services which Michalis C. Zambartas is able to provide or we may have to decline to act on your behalf.


Michalis C. Zambartas takes its responsibility to secure your information very seriously.  We have put in place robust systems and policies and procedures to prevent and detect any incidents where your information may be subject to an unauthorised access, use or disclosure. 

In the unlikely event that there is a security breach, we will take all necessary steps to identify the cause and mitigate the effects. Where necessary, we will also notify you of such a breach in accordance with our obligations under GDPR or equivalent legislation.


Michalis C. Zambartas will keep your personal information for at least as long as necessary to fulfil the purpose for which we have collected it.  In relation to client matters it is Michalis C. Zambartas policy to retain data for 5 years from the conclusion of the matter subject to the following exceptions:

  • where the matter relates to trust, wills and probate, or property in which case the data may be kept indefinitely;
  •  where we consider it necessary to protect ourselves from a legal claim or potential dispute in connection with any services we have provided, we will keep the data for the relevant limitation period;
  •  where the data cannot be deleted for legal, regulatory or technical reasons.

Who can I contact

If you have any questions in respect of this privacy policy, or would like to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, withdraw your consent, or request that we transfer a copy of your personal information to another party, please send your request by email to