Latest News

DORA - Digital Operational Resilience Act
18 February 2022
EU introduces a comprehensive regulatory framework on digital operational resilience in the financial sector.

Read More
Complaint for lack of organizational security measures
26 January 2022
Complaint for lack of organizational security measures by former employee results in violation of the GDPR Regulation.

Read More
Developments on penalties imposed for GDPR violations in 2021
20 January 2022
This article briefly sets out general overview of the fines imposed for GDPR violations in 2021 and how they increased compared to 2020.

Read More
CCTV Surveillance within Private Properties
21 December 2021
This article briefly sets out the guidelines of the Commissioner for Personal Data Protection, Irini Loizidou, for the use CCTV surveillance in private properties.

Read More
The World of Cookies and Data Protection Rules
29 September 2021
As we live in the information era, it is becoming ever more difficult to protect our personal data as they are accessed by countless of websites.

Read More
Cost of Cyberattacks: Protecting Businesses in the Age of Digitalisation
28 September 2021
This article briefly examines what businesses can and should do to prevent cyberattacks and sufficiently limit their damages from cyberattacks and ensure GDPR compliance.

Read More
Issues surrounding GDPR compliance of Blockchain Technologies
16 September 2021
Blockchain technology, has come to prominence since the creation of Bitcoin back in 2009. In sum, Blockchain is a decentralized, distributed ledger system that stores and records information in blocks.

Read More
Harris Kyriakides announces three new partners, effective September 1, 2021
15 September 2021
The new partners are Andrea Newton, Eleni Neoptolemou and Ioanna Leonidou.

Read More
Virtual Voice Assistants: Allowing for technological advancement while maintaining GDPR compliance
13 September 2021
The European Data Protection Board recently issued guidelines regarding requirements of Virtual Voice Assistants (VVA) to be GDPR compliant (the Guidelines).

Read More
International agreements of EU Member States and the transfer of personal data - an obligation under review
09 June 2021
This article reviews the announcement of the European Data Protection Board on the transfer of personal data on the basis of legal obligations deriving from international agreements.

Read More
Imposition of an administrative fine on the Board of Registered Realtors
04 June 2021
This article briefly discusses the imposition of an administrative fine by the Cyprus Data Protection Commissioner on the Board of Registered Realtors for failure to meet data subject request.

Read More
Targeting Social Media Users and GDPR
31 May 2021
With the increased use of social media and developing targeting techniques offered by social media providers, the European Data Protection Board (EDPB) has updated its guidelines on the targeting of social media users issued in 2020.

Read More
Issuance of a 'Green Digital Certificate' and Use of Sensitive Personal Data
20 May 2021
The present article examines the suggested issuance of a "Digital Green Certificate" by the European Community and addresses certain data protection concerns regarding the issuance of such certificates.

Read More
EU-US Privacy Shield invalidated by the Court of Justice of European Union
02 March 2021
On July 16, 2020, the Court of Justice of the European Union (the CJEU) in the case of Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems (the Schrems Case) issued a landmark ruling invalidating EU-US Privacy Shield.

Read More
Developments on penalties imposed on financial institutions for GDPR violations in Cyprus
09 February 2021
Due to significance of the violations under GPDR, the Commissioner considered that imposition of a fine to the financial institution is appropriate in the situation.

Read More
Two-tier System of Cooperation for Effective Enforcement of GDPR
02 February 2021
On November 26, 2020, Belgian Data Protection Authority (DPA) and DNS Belgium, the organization managing the “.be” domain, signed a cooperation agreement.

Read More
The Right of Access to Public Sector Information Law of 2017 (184(I)/2017)
25 January 2021
The Right of Access to Public Information Law of 2017 (184(I)/2017) (the Law) has entered into force on the 22^nd of December 2020.

Read More
Questions about preventive measures for covid-19
24 November 2020
The Commissioner of Personal Data Protection has answered in a recent announcement frequently asked questions about preventive measures for covid-19.

Read More
Fines under the GDPR: The Danish example
05 November 2020
General Data Protection Regulation (GDPR) governs the collection of data related to people in the EU and it imposes obligations on EU countries but is applicable to any and all organisations that target or collect data on EU persons.

Read More
The right to be forgotten is once more violated by Google
27 October 2020
The right to be forgotten provided under Article 17 of the General Data Protection Regulation (GDPR) was found by the Swedish Data Protection Authority (DPA) to be violated by the famous search result giant Google.

Read More
Investigations on private companies for data protection compliance purposes
24 July 2020
On 13 July 2020 the Commissioner for Personal Data Protection announced that she will soon commence investigations on private companies in order to evaluate whether the General Data Protection Regulation (EU) 2016/679 is properly applied.

Read More
European Commission publishes evaluation report on the General Data Protection Regulation
01 July 2020
The European Commission (Commission) published on 24 June 2020, just over two years of its entry into application, the first evaluation report on the General Data Protection Regulation (GDPR).

Read More
Blockchain and GDPR: Compliance or Tension?
07 May 2020
Fundamental aspects of the blockchain technology seem to be incompatible with the data protection regulation. Before its widespread adoption and implementation these aspects shall be considered.

Read More
First Standard Contractual Clauses for Contracts between Controllers and Processors
20 March 2020
The European Data Protection Board (the EDPB) has been actively cooperating with the National Supervisory Authorities in an effort to implement a more harmonized approach regarding standard contractual clauses (SCCs) for contracts between controllers and processors used internationally.

Read More
First Standard Contractual Clauses for Contracts between Controllers and Processors
20 March 2020
The European Data Protection Board (the EDPB) has been actively cooperating with the National Supervisory Authorities in an effort to implement a more harmonized approach regarding standard contractual clauses (SCCs) for contracts between controllers and processors used internationally.

Read More
First Standard Contractual Clauses for Contracts between Controllers and Processors
20 March 2020
The European Data Protection Board (the EDPB) has been actively cooperating with the National Supervisory Authorities in an effort to implement a more harmonized approach regarding standard contractual clauses (SCCs) for contracts between controllers and processors used internationally.

Read More
The GDPR: new opportunities, new obligations
10 January 2020
What every business needs to know about the EU's General Data Protection regulation.

Read More
The Outcome of the Assessment in GDPR Compliance in the Public Sector
16 December 2019
On October 11th, 2019, the Commissioner for personal data protection announced the results of an assessment conducted on the level of compliance with the provisions of the Regulation (EU) 2016/679 and the Law 125(I)/2018 in the Public Sector.

Read More
GDPR violation concerning consent declarations
16 September 2019

On 30th July 2019 the Greek Data Protection Authority has published an important decision on consent declarations concerning the processing of employees’ data. Our GDPR discusses the guidance issued by the Greek Data Protection Authority and its possible ramifications for Cyprus businesses.

Read More
Administrative Arrangements under GDPR
12 September 2019

On 12 February 2019, the European Data Protection Board (EDPB) adopted its first opinion (the Opinion) on an administrative arrangement, which provides a new mechanism for the transfer of personal data between European Union (EU) financial supervisory authorities and securities agencies and their non-EU counterparts.

Read More
Interplay Between the ePrivacy Directive and the GDPR
01 July 2019

The European Data Protection Board published an opinion on the interplay between the EU Directive on Privacy and Electronic Communications and the General Data Protection Regulation to generally clarify whether the processing of personal data triggers the material scope of both the GDPR and the ePrivacy Directive.

Read More
Guidance on Protection of Non-personal Data
25 June 2019

The European Commission has published a guidance to help to clarify the interaction between two sets of rules for free flow of personal and non-personal data as well as mixed data sets.

Read More
Report of the Personal Data Protection Commissioner for the Insurance Sector
24 June 2019

Following an audit carried out in the insurance sector, the Commissioner for Personal Data Protection (the Commissioner) published her findings about the improvements to be made and accomplished before the end of June.

Read More
Electronic direct marketing and the issues arising from GDPR and the e-Privacy Directive
13 May 2019
Companies are increasingly using marketing to promote their products and services not only to their existing customers but also to potential ones. This is the purpose of the electronic marketing, to target individuals using digital methods, such as text messages or emails.

Read More
Key Steps to protect your business from a personal data breach
11 January 2019
Read More
Announcement by the Commissioner for Personal Data Protection
28 December 2018
Read More
CCTV monitoring and the GDPR: Opinion 2/2018 of the Personal Data Protection Commissioner
22 November 2018
Read More
Data Subjects' Consent: Announcement published by the Commissioner for Personal Data Protection
05 November 2018
Read More
ERA Summer Course on the European Data Protection Law
08 October 2018
Read More
Law 125(I)/2018, officially published in the Cyprus Government Gazette
21 August 2018
Read More
Cyprus to regulate online gambling
31 October 2016
Read More

View All

COVID-19

Data Processing in the Re-opening of Businesses
25 May 2020
On May 11, 2020, the UK Information Commissioner’s Office (ICO) published guidance on how employers should handle data in the event they choose to test their employees for COVID-19 on return to work.

Read More
COVID-19 and GDPR
28 March 2020
Governments, public and private organisations throughout Europe are taking measures to try to contain and mitigate COVID-19 and its consequences including processing sensitive personal data. However, they should still keep GDPR and its obligations in mind in the time of COVID-19.

Read More

View All

PUBLICATIONS & COMMENTARIES

Casual electronic communications at the workplace concerning business issues
25 February 2020
Our Data Protection and Cyber Law team discusses a number of legal risks arising from communications at the workplace which do not adhere to proper data and communication policies.

Read More
Processing Activities subject to a Data Protection Impact Assessment
24 February 2020
Our GDPR team discusses the opinion issued by the European Data Protection Board on the list of processing activities that are subject to a requirement of data protection impact assessment.

Read More
Transfer of Personal Data in the UK after Brexit
18 February 2019
As already known, on the 30th March 2019, the United Kingdom (UK) is leaving the European Union (EU)

Read More
Post GDPR: Cyprus Supreme Court directions on the Online Publication of Court decisions
10 December 2018
Right after the new General Data Protection Regulation (“GDPR”) came into force, many debates were initiated regarding its limits

Read More
New European legal framework on Processing of Personal Data
09 May 2016
Read More
Chapter on Cyprus Telecommunications Laws
20 January 2016
Read More
Better protection for trade secrets in the EU
13 December 2013
Read More

View All

Data Protection & Cyber Law

We advise on matters related to Data Privacy, GDPR (General Data Protection Regulation 2016/679) and Cyprus Cyber Law compliance, software and hardware licensing, development, procurement, governance, e-commerce, information technology projects, data privacy and dispute resolution. We also provide cyber risk advisory and clarity on how manage cyber risk and regulations, so that organizations adapt to the new challenges and risks that they may face. We produce client briefings covering the Cyprus jurisdiction and assist on multinational projects. We have serviced many GDPR compliance projects for businesses of every sector of the economy. GDPR compliance is great importance nowadays and help organizations build trust with clients, so the compliance must be first priority to every company.

As Privacy Minders we draft organizations policies and guidelines (e.g data protection and security policies, privacy notices, data breach notification procedures), advising on implementing the appropriate organizational and technical measures to demonstrate compliance. We also provide GDPR training sessions customize to the needs of your company, so employees can handle the personal data in the right manner and requirements of the GDPR.

In addition, we represent clients in matters related to violations or investigations pending before the Commissioner for Personal Data Protection and we pursue related complaints on behalf of aggrieved clients. In that respect, we also advise on the protection of both personal and sensitive business data against its unauthorised and illegal collection, use, storage, disclosure, transfer and destruction and further use. We counsel clients on complex issues associated with legal compliance and business strategy relating to privacy and security risk management, developing internal policies and procedures, and cyber security and technology transactions.

Our clients include large corporate, government and specialist internet or data-rich companies operating across a broad range of sectors both in Cyprus and abroad.

BACK TO EXPERTISE

Expertise

Cross Border Insurance Claims following Brexit, time for Insurers to turn to arbitration?

Establishment of the Commercial Court and Admiralty Court

Assistance to seafarers affected by the situation in Ukraine in opening bank accounts in Cyprus

The Purchase and Sale of Credit Facilities and Related Matters (Amended) Law of 2021

Cyprus issues guidance to banks, professionals and individuals concerning economic sanctions

EVENTS

Harris Kyriakides organises webinar on Termination of Employment during the COVID -19 Pandemic

Harris Kyriakides and Epsilaw organise a webinar on Termination of Employment during the COVID -19 Pandemic

NPL Management Greece Summit

Book presentation - Cyprus Banking Law

Harris Kyriakides organises webinar on recent decisions of the Cyprus Tender Review Authority

PUBLICATIONS & COMMENTARIES

International Comparative Legal Guide - Drug & Medical Device Litigation 2022

New Publication On Alternative Sentencing

The International Comparative Legal Guide – Environment & Climate Change Law 2022

Harris Kyriakides contributes to World Bank Global Indicators Survey

Legal 500 Cyprus Public Procurement Guide 2022

Latest News

COVID-19

PUBLICATIONS & COMMENTARIES

Data Protection & Cyber Law

TEL:

TEL:

TEL:

TEL:

TEL:

TEL:

Nicosia

Larnaca

Limassol

Paphos

Paralimni

Expertise

EVENTS

PUBLICATIONS & COMMENTARIES

Latest News

COVID-19

PUBLICATIONS & COMMENTARIES

Data Protection & Cyber Law

Key People

TEL:

TEL:

TEL:

TEL:

TEL:

TEL:

Nicosia

Larnaca

Limassol

Paphos

Paralimni