The 4-year anniversary of the GDPR Regulation (EU) 2016/679, a short overview from the Office of the Cyprus Commissioner for Personal Data Protection.
It has now been four years since the day the GDPR entered our lives, on May 25, 2018. The GDPR contributes to the implementation of uniform and harmonized data protection rules in the Member States of the European Union and to the strengthening of citizens' rights and to the strengthening of their cooperation with related supervisory authorities.
At a European level, the European Data Protection Council, which is the collective body of supervisors, has issued a number of guidelines and opinions on the uniform application of the GDPR.
The office of the Commissioner for Personal Data Protection (the Office), from May 2018 until the end of April 2022, has handled 1616 complaints, of which 415 were related to unsolicited advertising messages, 305 to notifications of violations and 74 related to impact assessments.
There were 425 audits carried out, 163 Decisions were issued and administrative fines totaling €1,378,100 were imposed. In addition, the Office consulted on 143 bills and bills related to personal data and a variety of questions were answered in writing, of which 1357 were answered promptly.
It can be safely deduced from the numbers that citizens are informed about their rights, exercise them and do not hesitate to submit complaints as well as concerns about whether or not something is a legal processing of their personal data.
The Institution of the Commissioner for Personal Data Protection, which has completed 20 years of operation in our country, has the burden of monitoring the implementation of the GDPR.
The Office will continue to carry out its responsibilities and duties, with a focus on its primary goal, which is to cultivate a genuine respect for privacy in Cypriot society.