On the 29th of November 2018, the Commissioner for Personal Data Protection in Cyprus, made an official announcement, noting the following:
A. Organisations have proceeded to the appointment of Data Protection Officers (“DPOs”) but they neglected to educate them or inform them regarding their duties and responsibilities;
B. Public authorities and organisations have not completed the relevant registry of Article 30 of GDPR.
Taking the above into consideration, the Commissioner has announced the commencement of a campaign targeting both public and private organisations. The aim is to verify that every organisation, obliged by the relevant clauses, has appointed a DPO and that the completed Registry is available in both hard copy and electronic format.
More information can be accessed here.