PRIVACY POLICY

We always put the protection of privacy and the security of personal data as a top priority of our daily activity. Moreover, we respect our clients' right to privacy and we do not transmit any information submitted to us, to any other third party, unless it is reasonably considered (and/or allowed by the client) for the matter of the services we provide to our clients. We will keep information securely and process data relating to our clients and their counterparties, customers, and to its suppliers and its staff.

The privacy policy applies to the following persons:

• i. visitors of our Website(s);
• ii. clients, either actual or potential;
• iii. recipients of our emails; and
• iv. any other persons whose personal data we process.

We process the data about identified or potentially identifiable natural and legal persons (during our work on the cases) and data that each person has provided to us (while signing an agreement with us, by visiting our Website and filling in contact forms or applying for a job).

We process the following categories of data:
(a) identification data (data related to the receivables and outstanding balances provided by our clients or potential clients (also referring to as the creditor);
(b) data related to the claims and/or unpaid invoices and/or outstanding balance;
(c) data related to the payment (s);
(d) letters, e-mails and other correspondence and information exchanged with customers, counterparties and partners (if required) of our client;
(e) data which is required by our lawyers to handle cases;
(f) data which is entered in online contact forms, such as name, phone numbers, e-mail address, case description and other data that was entered and might include personal data;
(g) technical / statistical information about the type of computer the person is using; information about the visits to, and use of, this Website and other sites by the person before landing on our site e.g. the Google search engine. We may also process other technical or statistical data about the computer being used to visit our Website including but not limited to things like: IP addresses (dynamic or static), geographical location, browser type, length of visit and the number and type of pages viewed.
(h) e-mail address needed to send newsletters and other correspondence;
(i) data that we have obtained via public platforms;
(j) data which the person has disclosed to us in the context of a job application;
(k) data related to a third party, which was provided to us by the latter, or which we can obtain in relation to any legal proceedings, etc.

We use anonymous or personal data to:

1. General Workflow
(a) investigate for a potential conflict of interests;
(b) deal with a case and/or to invoice the provided services;
(c) maintain contact with our clients regarding the provided services and for marketing communications;
(d) update the client with recovery process situation;
(e) gather statistics data and reporting for analysis;
(f) improve, analyze, develop and administer our Website;
(g) improve browsing experience by personalizing the Website;
(h) enable the use of the services available on the Website;
(i) provide third parties e.g. Google with statistical information about our Website visitors. This information will not identify any specific individual and will not contain any specific information regarding the personal data of the visitors; and
(j) deal with inquiries and complaints made by any person regarding the Website.

2. Dispute Resolution and Legal Services
(a) process claims regarding issues of unpaid invoices or outstanding balances entrusted to us by our clients concerning their customers and/or counterparties and/or partners, and proceed to the recovery of these claims;
(b) communicate and/or negotiate with customers and/or counterparties and/or partners of our clients either orally or by written communication, and support them in understanding of their claims and promote faster recovery of outstanding balances and dispute resolution;
(c) provide our lawyers with access to the data about customers and/or counterparties and/or partners of the client for filling claims to the corresponding authorities, required by our clients.

We process personal data:
(a) on the basis of a contract to provide legal and/or alternative dispute resolution services;
(b) to comply with statutory obligations as stated above;
(c) in connection with a legitimate interest of CISDRS to process personal data (as per article 6f of General Data Protection Regulations in Europe (EU Regulation 2016/679), hereinafter referred to as "GDPR"), as far as we assist our client in recovery of outstanding balances. As a creditor, our client also has a legitimate interest in recovering his claim.

We also ensure that the appropriate guarantees are put in place to respect the balance of the interests of the involved parties.

To the extent that we process any sensitive personal information relating to you for any of the purposes outlined above, we will do so because either: (i) you have given us your explicit consent to process that data; (ii) the processing is necessary for the establishment, exercise or defense of legal claims or (iii) you have made the data manifestly public.

In case we are legally required to obtain your explicit consent to provide you with certain marketing materials, we will only provide you with such marketing materials where we have obtained such consent from you. If you do not want to continue receiving any marketing materials from us, you can unsubscribe from receiving of such materials.

To provide our services, we:
(a) share data with the creditor and other controllers or processors for the sole purpose of recovering the outstanding balance: lawyers, assignees, collection agents, other service providers and third parties which are important and can affect for our legal services, including but not limited to courts, regulatory, enforcement or government agencies, etc.; and
(b) share data with local or foreign subcontractors according to the needs of claims management; and
(c) use the services of a provider of hosting services for the application and IT tools.

We will not retain personal data for longer than is strictly necessary to achieve the purposes referred to in this Privacy Policy. We will retain administrative data for one (1) year after a case file is closed.

We have taken the necessary technical and organizational measures to protect personal data against, among other things, loss, destruction or damage and to prevent prohibited or unlawful processing or disclosure of data.

Data transfers outside the European Union are based on standard contractual clauses when the country to which the data is transferred does not offer adequate protection as required by GDPR.

All data subjects have the right of access, rectification and right to object.

In accordance with GDPR, data subjects have the right to obtain access to and rectification of their personal data, and if the legal conditions allow it, erasure of personal data.

Data subjects have the right to object, for legitimate reasons, to the processing of their data, unless the processing meets a legal obligation.

CISDRS is at your disposal to examine your requests; please contact us by email at support@cisdrs.com. We will get back to you within one month.

We use cookies on the Website to help us understand how our Website is being used and to develop it for a better experience. A cookie is a computer file that is sent by a web server to a web browser when someone logs onto a website. Cookies are stored by the website visitor's browser – e.g. Chrome, Internet Explorer, Safari – until they automatically expire or until they are deleted by the website visitor.

The information collected by the cookies is sent back to the web server each time the browser requests a page from the server. This enables the web server to identify and track how the web browser is using our Website.

The cookies we use allow us to understand things such as which pages a visitor views, for how long and how a visitor came to the Website (from which source e.g. Google, Twitter, Facebook or from a review Website). They cannot identify a specific person's identity. They only collect anonymous data about how a person is using our Website.

If you are concerned about allowing cookies to be stored on your browser, even temporarily, most browsers now recognize when a cookie is offered and will permit you to refuse or accept them.

You can, by default, set your browser to permanently block cookies from any Website from being placed on your browser, but doing this may cause some functionality to be lost and the Website may not look as intended in your browser.

You might also wish to visit the Information Commissioner's website to find out more about cookies.