Questions about preventive measures for covid-19
24 November 2020
The Commissioner of Personal Data Protection has answered in a recent announcement frequently asked questions about preventive measures for covid-19.
Read MoreFines under the GDPR: The Danish example
05 November 2020
General Data Protection Regulation (GDPR) governs the collection of data related to people in the EU and it imposes obligations on EU countries but is applicable to any and all organisations that target or collect data on EU persons.
Read MoreThe right to be forgotten is once more violated by Google
27 October 2020
The right to be forgotten provided under Article 17 of the General Data Protection Regulation (GDPR) was found by the Swedish Data Protection Authority (DPA) to be violated by the famous search result giant Google.
Read MoreInvestigations on private companies for data protection compliance purposes
24 July 2020
On 13 July 2020 the Commissioner for Personal Data Protection announced that she will soon commence investigations on private companies in order to evaluate whether the General Data Protection Regulation (EU) 2016/679 is properly applied.
Read MoreEuropean Commission publishes evaluation report on the General Data Protection Regulation
01 July 2020
The European Commission (Commission) published on 24 June 2020, just over two years of its entry into application, the first evaluation report on the General Data Protection Regulation (GDPR).
Read MoreBlockchain and GDPR: Compliance or Tension?
07 May 2020
Fundamental aspects of the blockchain technology seem to be incompatible with the data protection regulation. Before its widespread adoption and implementation these aspects shall be considered.
Read MoreFirst Standard Contractual Clauses for Contracts between Controllers and Processors
20 March 2020
The European Data Protection Board (the EDPB) has been actively cooperating with the National Supervisory Authorities in an effort to implement a more harmonized approach regarding standard contractual clauses (SCCs) for contracts between controllers and processors used internationally.
Read MoreFirst Standard Contractual Clauses for Contracts between Controllers and Processors
20 March 2020
The European Data Protection Board (the EDPB) has been actively cooperating with the National Supervisory Authorities in an effort to implement a more harmonized approach regarding standard contractual clauses (SCCs) for contracts between controllers and processors used internationally.
Read MoreFirst Standard Contractual Clauses for Contracts between Controllers and Processors
20 March 2020
The European Data Protection Board (the EDPB) has been actively cooperating with the National Supervisory Authorities in an effort to implement a more harmonized approach regarding standard contractual clauses (SCCs) for contracts between controllers and processors used internationally.
Read MoreThe GDPR: new opportunities, new obligations
10 January 2020
What every business needs to know about the EU's General Data Protection regulation.
Read MoreThe Outcome of the Assessment in GDPR Compliance in the Public Sector
16 December 2019
On October 11th, 2019, the Commissioner for personal data protection announced the results of an assessment conducted on the level of compliance with the provisions of the Regulation (EU) 2016/679 and the Law 125(I)/2018 in the Public Sector.
Read MoreGDPR violation concerning consent declarations
16 September 2019
On 30th July 2019 the Greek Data Protection Authority has published an important decision on consent declarations concerning the processing of employees’ data. Our GDPR discusses the guidance issued by the Greek Data Protection Authority and its possible ramifications for Cyprus businesses.
Read MoreAdministrative Arrangements under GDPR
12 September 2019
On 12 February 2019, the European Data Protection Board (EDPB) adopted its first opinion (the Opinion) on an administrative arrangement, which provides a new mechanism for the transfer of personal data between European Union (EU) financial supervisory authorities and securities agencies and their non-EU counterparts.
Read MoreInterplay Between the ePrivacy Directive and the GDPR
01 July 2019
The European Data Protection Board published an opinion on the interplay between the EU Directive on Privacy and Electronic Communications and the General Data Protection Regulation to generally clarify whether the processing of personal data triggers the material scope of both the GDPR and the ePrivacy Directive.
Read MoreGuidance on Protection of Non-personal Data
25 June 2019
The European Commission has published a guidance to help to clarify the interaction between two sets of rules for free flow of personal and non-personal data as well as mixed data sets.
Read MoreReport of the Personal Data Protection Commissioner for the Insurance Sector
24 June 2019
Following an audit carried out in the insurance sector, the Commissioner for Personal Data Protection (the Commissioner) published her findings about the improvements to be made and accomplished before the end of June.
Read MoreElectronic direct marketing and the issues arising from GDPR and the e-Privacy Directive
13 May 2019
Companies are increasingly using marketing to promote their products and services not only to their existing customers but also to potential ones. This is the purpose of the electronic marketing, to target individuals using digital methods, such as text messages or emails.
Read MoreKey Steps to protect your business from a personal data breach
11 January 2019
Read MoreAnnouncement by the Commissioner for Personal Data Protection
28 December 2018
Read MoreCCTV monitoring and the GDPR: Opinion 2/2018 of the Personal Data Protection Commissioner
22 November 2018
Read MoreData Subjects' Consent: Announcement published by the Commissioner for Personal Data Protection
05 November 2018
Read MoreERA Summer Course on the European Data Protection Law
08 October 2018
Read MoreLaw 125(I)/2018, officially published in the Cyprus Government Gazette
21 August 2018
Read MoreCyprus to regulate online gambling
31 October 2016
Read MoreData Processing in the Re-opening of Businesses
25 May 2020
On May 11, 2020, the UK Information Commissioner’s Office (ICO) published guidance on how employers should handle data in the event they choose to test their employees for COVID-19 on return to work.
Read More28 March 2020
Governments, public and private organisations throughout Europe are taking measures to try to contain and mitigate COVID-19 and its consequences including processing sensitive personal data. However, they should still keep GDPR and its obligations in mind in the time of COVID-19.
Read MoreCasual electronic communications at the workplace concerning business issues
25 February 2020
Our Data Protection and Cyber Law team discusses a number of legal risks arising from communications at the workplace which do not adhere to proper data and communication policies.
Read MoreProcessing Activities subject to a Data Protection Impact Assessment
24 February 2020
Our GDPR team discusses the opinion issued by the European Data Protection Board on the list of processing activities that are subject to a requirement of data protection impact assessment.
Read MoreTransfer of Personal Data in the UK after Brexit
18 February 2019
As already known, on the 30th March 2019, the United Kingdom (UK) is leaving the European Union (EU)
Read MorePost GDPR: Cyprus Supreme Court directions on the Online Publication of Court decisions
10 December 2018
Right after the new General Data Protection Regulation (“GDPR”) came into force, many debates were initiated regarding its limits
Read MoreNew European legal framework on Processing of Personal Data
09 May 2016
Read MoreChapter on Cyprus Telecommunications Laws
20 January 2016
Read MoreBetter protection for trade secrets in the EU
13 December 2013
Read MoreWe advise on matters related to software and hardware licensing, development, procurement, governance, e-commerce, information technology projects, data privacy and dispute resolution. We produce client briefings covering the Cyprus jurisdiction and assist on multinational projects.
In addition, we represent clients in matters related to violations or investigations pending before the Commissioner for Personal Data Protection and we pursue related complaints on behalf of aggrieved clients. In that respect, we also advise on the protection of both personal and sensitive business data against its unauthorised and illegal collection, use, storage, disclosure, transfer and destruction and further use. We counsel clients on complex issues associated with legal compliance and business strategy relating to privacy and security risk management, developing internal policies and procedures, and cyber security and technology transactions.
Our clients include large corporate, government and specialist internet or data-rich companies operating across a broad range of sectors both in Cyprus and abroad.
Follow us