Privacy Policy for Cyprus Hospitality Jobs (Panimax Recruitment Ltd)

PANIMAX RECRUITMENT LTD is a limited liability company registered in the Republic of Cyprus with registration number HE 372564 and registered address at 4 Arh. Makariou III Ave, Shop 1, Polis Chrysochous, 8820, Paphos, Cyprus, which aims to connect Job Seekers and Employers through available positions posted on our website.


  •  We are committed to complying with the General Data Protection Regulation of the EU (“GDPR”) and the Cypriot laws and regulations, in regards to the processing of the personal data.
  • Personal data means any data relating to an identified or identifiable natural person.
  • Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • We, our, us, the firm, mean: PANIMAX RECRUITMENT LTD, HE 372564.
  • You, your mean: the users of our website and services.


  • Basic data about you such as your name, surname, address, e-mail address, telephone number, date of birth, job title, work experience, skills, academic qualifications, preferences, interests and any other data that can be extracted from the CV you may provide to us.
  • Data from your responses to surveys and/or assessments administered through our website.
  • Data about your hardware and software such as your IP address, the web pages which you have viewed and other technical data.
  • Generally, any data that you provide to us.

We collect your personal data:

  • when you seek or use our services,
  • when you contact or request data from us,
  • when you apply for employment,
  • when you use our website or other technology tools, via cookies, server logs and other similar technologies,
  • when you provide to us such data,
  • when you offer services to us.

i. Purposes

  • To provide our services to you and/or to accept your services offered to us.
  • To communicate with you for marketing and sales purposes.
  • To inform you about our terms and conditions and/or our privacy policy and/ or to respond to you when you contact us and/or when you apply for employment, so as to ensure that we provide the very best services to you.
  • To ensure security in our IT and communication systems, for a smooth and safe environment.
  • To provide and improve our website (e.g. to determine how effective is the content of our website, how it is used by the visitors, which pages are more attractive etc.) so that we can provide to you the very best services and identify ways to grow our business.
  • To comply with court orders, other judicial process and/or similar process, the requirements of a regulating/supervising/public authority and/or defend our legal rights or to protect the rights of third parties.
  • For any other relevant or ancillary purpose to the above and/or any other purposes agreed by or notified to you.

ii. Legal Grounds for Processing

  • The performance of the contract which we are about to enter or we may have entered into with you.
  • When you have given your consent.
  • For the purposes of the legitimate interests pursued by us or by a third party, and they are not overridden by your interests or fundamental rights and freedoms which require protection of personal data.
  • To comply with a legal obligation to which we are subject.

Failure or refusal from you to provide the personal data requested by us on any of the aforesaid
circumstances may render us unable to respond to your request or provide you with our services
and you will be informed accordingly.

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it.
The criteria we use to determine whether we should retain your personal data includes:

  • the nature of the personal data
  • its perceived accuracy
  • our legal obligations
  • the potential risk of harm from unauthorised use or disclosure of your personal data;

In any case, we will not keep your personal data for more than 7 years. However, there are cases that we may keep your personal data for longer than 7 years to preserve evidence that may be needed for the establishment, exercise or defence of legal claims or other proceedings that are about to start or have not come to a conclusion.

You have the following rights:

  • To access your personal data. This enables you to receive a copy of the personal data we hold about you and check that we are lawfully processing it. We may charge you a reasonable administrative fee for any additional copy of the data you may request.
  • To request rectification of inaccurate personal data concerning you. Please note that we will not be responsible for any loss to you and/or any third party that may arise due to any inaccurate, incomplete or misleading data which you provided to us.
  • To request erasure of your personal data. This enables you to ask us to delete or remove personal data where:
    • i. there is no good reason for us continuing to process it.
    • ii. You withdraw your consent when the processing is based on your consent and there is no other legal ground for the processing.
    • iii. you have successfully exercised your right to object to processing (see below),
    • iv. we may have processed your data unlawfully.
    • v. where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • To restriction of processing when:
    • i. you contest the accuracy of your personal data for a period enabling us to verify the accuracy of the personal data or
    • ii. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead
    • iii. we no longer need the personal data for the purposes of the processing, but we are required by you for the establishment, exercise or defence of legal claims
    • iv. you have objected to processing but we need to verify whether we have overriding legitimate grounds to use it. Note, however, that we may not always be able to comply with your request of restriction for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • To data portability. Briefly you have the right to receive the personal data concerning you, which you provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party without hindrance. Please note that this right only applies where the processing is based on your given consent or is necessary for the performance of a contract to which you are a party and the processing is carried out by automated means.
  • To object on grounds relating to your particular situation, at any time to processing of personal data concerning you, based on
    • i. processing which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
    • ii. processing which is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data. In these situations, we no longer process the personal data except if there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Additionally, where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
  • To request withdrawal of your consent at any time where the processing is based on your given consent. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
  • To lodge a complaint with the supervisory authority in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that your rights under the GDPR are infringed. In Cyprus the supervisory authority is the Commissioner of the Protections of Personal Data in Nicosia.

Please note that some of the above rights are subject to exceptions under the GDPR, the EU law and the national law and the firm reserves fully its rights to refuse exercising your requests and inform you accordingly (e.g. in connection with establishing, exercising and defending legal claims and/or meeting our legal obligations and/or protecting other natural or legal persons).Please also note that as a rule, we do not make decisions based solely on automated processing, including profiling, without human intervention, which produces legal effects concerning you or similarly significantly affects you. If we use automated procedures in certain cases, we will inform
you of this separately to this privacy notice provided that is prescribed by law.
To exercise your rights, please contact us at [email protected]

We can share your personal data with our employees, associates or affiliates and certain third
parties, like:

  • Intended employers, businesses, agencies, organizations, human resources consultants, etc. who seek or use our services (hereinafter for the purposes of this paragraph called ‘the party’). In the case where you apply for a job though our website, your personal data may become part of the database of ‘the party’ and will be processed according to their privacy policy.
  • Any service providers to the firm including professional advisors, auditors, lawyers, professional indemnity or other relevant insurers, bank or financial institutions, IT service providers or software providers, document and data storage providers, word processing providers, translation providers, photocopying providers, etc. In such a case, we do not permit them to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

We might also share your personal data with:

  • Government or regulatory or supervisory authorities, courts, or the police, when we are required by the laws and regulations or judicial or official requests to do so, or when required for the investigation of actual or suspected fraudulent or criminal activities.

Please note that this is not an exhaustive list and there may be other parties we need to share your personal data with in order to provide our services as effectively as we can.
In case your personal data will be transferred to a country outside the EU, we will ensure that they will remain protected in accordance with the GDPR.

We may change our privacy policy from time to time. If so, we will post it on this page. If we make any material changes we will notify you personally by e-mail. However we do encourage you to periodically review our privacy policy.

We endeavour to take the appropriate organizational and technical measures for the security and protection of the data. We do our best to ensure that the data are secure by preventing unauthorized access, disclosure, copying, use or modification and loss or theft using reasonable electronic and physical security safeguards and procedures.

The laws of the Republic of Cyprus apply to any matter related with the privacy policy and the
Cypriot Courts shall have exclusive jurisdiction for any issue that might arise.

Please send us an email to [email protected] or call us on +357 26101026.