Confidentiality & NDA Policy

Effective Date: October 2025

1 / Purpose and Principles

ZY IMMO Capital Ltd (“we”, “us”, “our”) maintains the highest standards of confidentiality, transparency, and data security across all collaborations. As a SaaS PropTech platform, we handle information shared by investors, developers, legal professionals, and partners exclusively for legitimate business and operational purposes, in line with the General Data Protection Regulation (EU 2016/679) and the Cyprus Data Protection Law 125(I)/2018.

2 / Definition of Confidential Information

“Confidential Information” refers to all non-public, proprietary, or sensitive data exchanged during cooperation, including:

• Business, financial, or investment information;
• Operational, marketing, and client data;
• Technical and infrastructural details of the ZY IMMO digital ecosystem;
• Partnership documentation, NDAs, or investor materials;
• Personal data within the meaning of GDPR Article 4(1).

3 / Mutual Obligations

• Each party must protect Confidential Information and refrain from disclosure to unauthorised third parties without prior written consent, unless legally required.
• Information may be used solely to fulfil contractual or collaborative purposes defined by the parties.
• Both parties must apply a level of care equal to or greater than that used to protect their own confidential information.
• Any unauthorised access, loss, or disclosure must be reported immediately to the disclosing party.
• Personal data are processed lawfully, fairly, and transparently in accordance with GDPR Articles 5 and 6.

4 / Duration of Confidentiality

Confidentiality obligations apply throughout the cooperation and remain effective for at least three (3) years after its termination, unless a different period is agreed in writing.

5 / Use in Marketing or Communication

Where confidential data include personal or corporate information used for communication or marketing, all processing shall follow:

• GDPR Articles 6, 7 and 21 – lawful basis and right to object to direct marketing;
• Cyprus Electronic Communications Law 112(I)/2004 – consent for electronic communications;
• All EU/Cyprus rules on unsolicited communication and cross-border data transfers (GDPR Articles 44–49).

6 / Cross-Border Data Transfers

Any transfer of Confidential Information or personal data outside the EEA follows GDPR Chapter V and, where required, is governed by EU Standard Contractual Clauses. Prior notification to the Office of the Commissioner for the Protection of Personal Data (Cyprus) may be required for specific data categories.

7 / Return or Deletion of Data

Upon completion or termination of cooperation, each party must return or permanently erase all Confidential Information, unless legal retention obligations apply.

8 / Breach and Liability

Any breach of confidentiality may result in civil and criminal liability under Cyprus and EU law. ZY IMMO Capital Ltd reserves the right to seek injunctive relief and damages. Sanctions for violations of data-protection obligations may be imposed under Article 83 GDPR and the Cyprus Data Protection Law 125(I)/2018.

9 / Contact

All confidentiality and data-protection communication is handled through the official Telegram environment of ZY IMMO Capital Ltd. No email correspondence is required or accepted for sensitive matters.

© 2025 ZY IMMO Capital Ltd · Reg. No. HE 475591 · Limassol, Cyprus · All rights reserved.