GDPR Cyprus | GDPR Website Compliance

When you are considering the registration process for your e-shop, you always need to remember the word why. This means that you always have to ask why you need this data or the other. Make yourself questions about the personal data you are collecting, like: Is the data important to acquire, will these data help to process the customers' order, otherwise you might consider not asking for it. Always inform your client about the use of their data and how it will be used (i.e. to provide better services for their prospective customers).
If third parties are participating in the design of the e-shop, inform your clients to read their privacy policy, hence, increasing their data protection.
Always be ready to answer your clients’ question concerning the transfer of data, what happens in the case of a data breach, erasing data, etc.
Finally, make sure that the consent given by the customer to collect their personal data is clearly evidenced if asked for.

Update your privacy policy to comply with GDPR Cyprus. You will read more about this in the following section.
Proceed with data encryption to better enhance the protection of data. Remember that all consent boxes in forms have to be unchecked so that it can be proven that the users willingly opt-in. Always be ready to act in case there has been a breach of conditions, notify your client and thus, enhance trust for your business.

Let your privacy policy be clearly and simply updated including all information regarding the new GDPR Cyprus. Inform your clients about the Data Protection Officer (DPO), a person always available to be contacted by your customers should they have any questions, requirements or complaints.
If you have an app connected to your business, make sure you extend data protection to better secure their online experience.
Should your business no longer need data that was initially acquired by the user, proceed to erase them, thus activating the right to be forgotten. State clearly how long you keep your user’s data, how they are used and if there is a case of them being sold or transferred to third parties.

Every website uses cookies to enhance the user’s experience. Under GDPR Cyprus cookies are still used while you visit a website and data such as your IP address, your browser’s type, your actions on the website are all stored in a small file. Such data is considered personal and as previously mentioned a minimum of them should be used.
It is a nice idea to inform users about the use of cookies on your website, especially for the first time they are visiting. If you are using cookies for different purposes regarding your website, the user must be clearly be informed in the cookies policy of your website.
Visitors of your website should be given an option to browse without their activities being recorded by cookies. In this way, based on the GDPR cookie consent policy you should give users the choice to accept or reject cookies and have a way to block both local and third-party cookies until the visitor consents to their use. Even if the user consents to the use of cookies he must be given the right to edit and modify his choice while browsing. This applies to both website guest and registered users and their consent to cookies policy should be recorded by the system in logs.

You can use the internet marketing Cyprus services of JCSL Ltd to establish efficient remarketing. This will allow your business to create targeted ads to your customers and increase your revenue. A cookie is established in the computer of the user that should comply with the aforementioned cookies policy. Remember that remarketing also falls under the GDPR Cyprus.

Regarding your email campaigns, update the contacts of your customers to see where they are geographically located. Ask for their consent while using their data and see if you are authorized to continue sending them emails. Always keep in mind that the GDPR Cyprus also refers to data acquired before 25 May 2018 so you should review them as well.

For Eshops and websites which have users registering on their website Logs of User modifications must be kept and presented when required to the GDPR authorities. User Profile modifications have to be recorded and exported in appropriate format when requested.
Furthermore, the ability must be given to the users to export their profile, delete it ( right to be forgotten GDPR regulation) and together with it all content they have created on the website.

( Contact forms, application forms e.t.c)
All website forms have to include a privacy policy checkbox to ensure that visitors completing the forms accept the privacy policy concerning the use and handling of their personal data. This consent must also be recorded and be presented if requested by GDPR authorities.
We hope to have given you an overview and some key points on the new GDPR Cyprus regulation, how your company can take measures to comply with it and continue providing an excellent experience for your customers.