Global Compliance
Discover More

Privacy Policy

Effective Date: December 9, 2025

This Privacy Policy explains how GCBS LTD (the “Company,” “We,” “Us”), acting as a GLEIF-accredited Registration Agent (RA), collects, uses, stores, and protects Personal Data in accordance with the General Data Protection Regulation (GDPR) (EU 2016/679), the Law providing for the Protection of Natural Persons with regard to the Processing of Personal Data and for the Free Movement of such Data of 2018 (Law 125(I)/2018), and the GLEIF Registration Agents Governance Framework.

1. Data Controller

1.1. Data Controller Details

The Data Controller responsible for the processing of your Personal Data is:

  • Company Name: GCBS LTD
  • Company Number: HE 469314
  • LEI: 6367000JXG942DHDPK43
  • Registered Address: 34 Makarios III Avenue, 2nd Floor, Flat 203, Hadjiyiannis Building, 3065 Limassol, Cyprus.
  • Website: www.g-cbs.com
  • Data Protection Contact: support@g-cbs.com

1.2. Global Operations

GCBS LTD operates globally and serves as the headquarters for our local specialist branches (such as LEI Registry Ltd in the UK and LEI Register GmbH in Germany). This policy applies to all data processing activities conducted by GCBS LTD in Cyprus and globally, unless a specific local policy states otherwise.

2. Data Collection, Purpose, and Legal Basis

We collect Personal Data solely for the purpose of initiating, maintaining, and renewing Legal Entity Identifier (LEI) services in compliance with global financial regulations.

2.1. Categories of Data Processed

We process the following specific categories of data based on the defined legal grounds:

  • Contact Person Data:
    • Data: Name, Title, E-mail address, and Phone number of the entity’s authorized representative.
    • Legal Basis: Contract (Article 6(1)(b) GDPR – necessary for the performance of the LEI service agreement) and Legal Obligation (Article 6(1)(c) GDPR – required by GLEIF validation protocols).
  • Legal Entity Data:
    • Data: Official Company Name, Address, Registration Number, and Level 2 (Parent) Data.
    • Legal Basis: Legal Obligation (Article 6(1)(c) GDPR – compliance with ISO 17442 standards and GLEIF regulatory mandates).
  • Payment & Billing Data:
    • Data: Transaction details, billing address, and VAT numbers.
    • Legal Basis: Contract (Article 6(1)(b) GDPR) and Legal Obligation (Article 6(1)(c) GDPR – compliance with Cyprus tax and VAT laws).
  • Technical Data & Cookies:
    • Data: IP address, browser type, device information, and cookies.
    • Legal Basis: Legitimate Interest (Article 6(1)(f) GDPR – ensuring security and functionality) and Consent (Article 6(1)(a) GDPR – for non-essential cookies, managed via our Cookie Banner).

3. Data Sharing and International Transfers

3.1. Sharing with Our Partner LOU

To issue an LEI, we must share the necessary Contact Person Data and Legal Entity Data with our accredited partner, the Local Operating Unit (LOU):

  • Partner LOU: Nasdaq CSD SE
  • LEI: 485100001PLJJ09NZT59
  • Address: Vaļņu iela 1, LV-1050, Riga, Latvia.

This sharing is strictly necessary for the validation and issuance of the LEI code.

3.2. Public Disclosure (Global LEI Index)

The Client acknowledges that strictly defined Legal Entity Data (including the LEI code, official name, address, and Level 2 parent relationships) is mandated by the GLEIF framework to be publicly available via the Global LEI Index. The Client is obligated to report accurate Level 2 data unless a valid exemption applies. Personal data of contact persons is NOT published in the public index.

3.3. Transfers Outside the EU/EEA

As GCBS LTD is based in Cyprus (EU), most operational data processing occurs within the European Economic Area (EEA).

  • Transfers to GLEIF (Switzerland): Data is transferred to the Global Legal Entity Identifier Foundation in Switzerland. Switzerland is recognized by the EU Commission as providing an adequate level of data protection (Adequacy Decision).
  • Other Third Country Transfers: Any other transfers to countries outside the EEA are performed based on Standard Contractual Clauses (SCCs) approved by the EU Commission to ensure the security of your data.

4. Data Security and Retention

4.1. Security Commitment

We maintain high technical and organizational security standards (TOMs) to protect your Personal Data against unauthorized access, loss, or alteration. Our practices align with the ISO 27001 standards and the security requirements of the GLEIF Governance Framework, including the use of encryption for data in transit and at rest.

4.2. Retention Period

We retain Personal Data only for as long as necessary to fulfill the purposes outlined in this policy and to comply with our contractual obligations towards Nasdaq CSD SE and statutory retention periods.

  • LEI Service Data: Due to regulatory requirements and our agreement with the LOU (Nasdaq CSD SE), data related to LEI issuance and maintenance is retained for a period of 10 years following the termination of the service.
  • Financial Records: In accordance with Cyprus tax and companies law, invoices and financial records are retained for 7 years.

5. Your Rights (GDPR)

As a data subject, you have the following rights concerning your Personal Data under the GDPR:

  1. Right to Access (Art. 15 GDPR): To obtain confirmation about the processing of your data and a copy thereof.
  2. Right to Rectification (Art. 16 GDPR): To have inaccurate or incomplete data corrected.
  3. Right to Erasure (Art. 17 GDPR): To request deletion of your data (“Right to be Forgotten”), provided that legal obligations (such as the mandatory 10-year retention for LEI audit trails) do not require us to keep it.
  4. Right to Restriction (Art. 18 GDPR): To request temporary limitation of processing.
  5. Right to Portability (Art. 20 GDPR): To receive your provided data in a structured, machine-readable format.
  6. Right to Object (Art. 21 GDPR): To object to processing based on legitimate interests, including direct marketing.

5.1. Filing a Complaint

We are committed to resolving any data privacy concerns you may have. We encourage you to contact us first at support@g-cbs.com.

If you believe your rights have been violated and we have not addressed your concern, you have the right to lodge a complaint with the Cyprus Supervisory Authority: Office of the Commissioner for Personal Data Protection Address: Iasonos 1, 1082 Nicosia, Cyprus Website: www.dataprotection.gov.cy

6. Policy Updates

GCBS LTD reserves the right to amend this Privacy Policy at any time to reflect changes in legal requirements or our service. The most current version will always be posted on the www.g-cbs.com website.

Amir Mechouk

CTO

Innovative and results-driven technology leader with over 20 years of experience transforming global organizations through strategic technology initiatives and digital transformation. With a proven track record of leading cross-functional teams, I excel at bridging the gap between business and technology to drive operational efficiency, scalability, and growth. My expertise spans across cloud-native solutions, AIpowered platforms, and customer-centric roadmaps, all aimed at optimizing performance and creating longterm value.

Mats Forsenberg

Owner & Founder

Mats Forsenberg is an experienced IT and technology professional with a strong track record in digital transformation, software development, and business strategy.

Over his career, he has held senior leadership roles, driving innovation and delivering complex projects for international clients. Having spent most of his life in tech, Mats founded GC after recognising that the fast‑growing compliance sector was lagging in digitalisation and automation, yet needed to remain diligent and thorough in an increasingly complex regulatory landscape.

Elena Petrova

Independent Director

Elena is a multilingual legal expert with two decades of experience advising on international structuring, corporate law, and tax frameworks. She has acted as legal counsel to several multinational firms and served on the advisory boards of compliance-focused startups.

  • Key experience: EU business law, AML/KYC, offshore/onshore structuring
  • Jurisdictions: Cyprus, Malta, UK, and UAE

Dennis Huber

Managing Director for DE

Dennis Huber, 39 years old and born in Düsseldorf, has been active as an entrepreneur in various business sectors for more than a decade. Through the continuous leadership, expansion, and strategic management of multiple companies, he has built a broad portfolio of expertise that significantly contributes to the strength, resilience, and sustainable development of his corporate group. His professional experience includes strategic business development, operational management, organizational design, and the systematic optimization of business processes. With a strong entrepreneurial mindset, sharp analytical thinking, and a comprehensive understanding of modern market dynamics, he develops sustainable corporate structures and high-performing business models. By combining multidisciplinary expertise with a solution-oriented, results-driven approach, he leads his companies with clarity, consistency, and a forward-looking vision.

CURRENT POSITION
Head of German Operations – LEIregister.de (2025 – present)
– Responsible for the German LEI registration and renewal business
– Ensuring compliance with international regulatory standards (MiFID II, EMIR)
– Implementation of technology-driven processes
– Partnerships with financial institutions and authorities
– Management of customer acquisition and long-term retention

ENTREPRENEURIAL EXPERIENCE
Founder & Managing Director – IQ Rent GmbH (2015 – present)
– Platform for real estate and mobility leasing
– Development of digital contract and payment systems

Founder & Managing Director – IQ Facility UG (2022 – present)
– Smart tech–based facility management
– IoT maintenance and monitoring systems

Founder & Managing Director – IQ ToyStore GmbH (2024 – present)
– E-commerce for educational toys
– Platform management and customer experience

Founder & Managing Director – IQ Creatives UG (2024 – present)
– Branding, design, and digital agency
– UX/UI projects in the tech environment

CORE COMPETENCIES
– Financial & compliance expertise (LEI, MiFID II, EMIR)
– SaaS / CRM integration
– Process optimization & automation
– Strategic business development
– RegTech & digital business models
– Leadership & entrepreneurship

LANGUAGES
German (native)
English (fluent)

Polina Bojilova Taliana

Managing Director for UK

Polina is a seasoned expert in corporate governance and compliance, with extensive directorship experience across the UK and Europe.

She has led governance and regulatory frameworks in the health-tech, med-tech, and financial services sectors — ensuring transparency, accountability, and adherence to industry standards.

Her career includes senior roles at leading LEI issuers, as well as organizations such as:

  • Europe Health Tech
  • PTMeditech
  • FactorChoice.net

In these positions, she has overseen compliance, risk management, and international corporate expansion.

Beyond corporate leadership, Polina is an entrepreneur — the founder of a regulated aesthetics franchise and an investor in cross-border property development.

Fluent in English, Bulgarian, Spanish, and Russian, she combines strong technical expertise in compliance and governance with the ability to navigate complex international business environments.

[TBA]

Head of Legal & Compliance

We are also recruiting a Head of Legal with expertise in EU regulatory frameworks, corporate law, and digital compliance. This role will anchor GCBS’s legal credibility and ensure best-practice governance across all client engagements.

Profile example:

  • 10+ years in legal and compliance roles, ideally in legal tech, advisory, or financial services
  • Experience with AML, GDPR, and cross-border formation/filing processes
  • Background in managing external counsel and supervising client onboarding frameworks
  • Strong communication skills with a pragmatic, solution-oriented approach

Shane Healey

Chief Financial Officer

Highly experienced professional accountant with over forty years involvement in regulated finance and accounting positions in both private and publicly listed companies in Australia, the United States and the United Kingdom.

Dr Healy has worked as employee, partner, consultant, company secretary and director in a number of firms and multi-national entities across diverse industries holding CFO, Finance Director, CEO and Chairman positions.

Darko Brzica

CMO

Darko brings over 20 years of deep technical expertise to Global Compliance, with a background in infrastructure design, cybersecurity, and artificial intelligence. He’s built scalable platforms for financial services, logistics, and SaaS businesses, and has been at the forefront of applied AI for over a decade.

  • Expert in AI workflow automation, document parsing, and compliance tech
  • Former lead architect for enterprise-grade systems in finance and e-commerce
  • Passionate about bridging the gap between automation and human service
  • Driving the technical core of Global Compliance compliance-as-a-service vision

Robert Andersson

Chief Executive Officer

With more than 15 years in executive leadership at public companies, Robert has driven IPOs, major M&A deals, and cross-border expansion in sectors like iGaming, fintech, and digital media. His leadership is built on real-world compliance experience, a passion for transparency, and a deep understanding of operational scaling in regulated industries.

  • Former CEO of Catena Media, Enlabs, and Acroud
  • Led €100M+ in funding and exits
  • Specialist in strategic growth, governance, and business transformation
  • Founded Global Compliance to simplify and modernize global compliance