Privacy (GDPR) and Data Protection
Data protection refers to the right to privacy and the right to determine how your personal data is used. On 25 May 2018 new data protection regulations entered into force in Cyprus with the adoption of the EU’s General Data Protection Regulation (GDPR). The Regulation will impose new and more stringent requirements on enterprises.
Companies doing business with or in the EU or marketing goods and services to EU residents must update how they collect, handle and secure information that identifies a natural person, such as name, address or email address, or they risk facing heavy fines and penalties. Penalties may even be criminal in nature and even companies that are not located in the EU may be impacted as their EU client companies and suppliers may require compliance as a condition of continued business. Breaches of data protection regulations can result in loss of reputation, being reported to the authorities, liability to pay compensation, and fines from the Cyprus Data Protection Authority. The EU’s new Data Protection Regulation will increase these fines to the greater of EUR 20 million and 4 per cent of a company’s global sales.