GDPR Cyprus | GDPR Website Compliance

Is your business GDPR compliant ? Your Website GDPR Compliance is a must! After all most of nowadays visitors to your business visit your website to learn and interact with you rather than your physical premises.
Contact Us
GDPR CYPRUS - Overview
Welcome to a new era of a more protected Internet World. As of 25 May 2018, the European Union issued the GDPR (General Data Protection Regulation) which is automatically implemented in all 28 member states, including Cyprus. As part of our online services, we wish to give you an overview of this new regulation and how it will affect your business. Having GDPR website compliance an essential part for your company being GDPR compliant.
The new regulation is already in force in Cyprus and affects every business and organisation. Businesses that have a website or an e-shop must give even more emphasis to the GDPR regulation as there are more issues that meet the eye that have to be considered. GDPR has revolutionised the use of data by giving the individual (data subject) more control over them.
As every reputable business should respect their clients, the new regulation
should be viewed as an opportunity for improvement rather than a regulation that has to be followed. The new regulation mainly assures that the data of the user is lawfully collected, processed and controlled. A supervisory authority is in charge of helping you solve issues regarding the new regulation and to oversee that every business complies. It is important that you take every aspect of the GDPR into consideration as fines could be up to 20 million Euros or 4% of a company’s turnover.

What is collected and why!

GDPR gives emphasis to the accuracy of the data collected as well as the safe keeping and maintenance of that data. Furthermore you need to have a clear purpose for collecting customer personal info.

Show More

Data Processing

How you process data is crucial for GDPR compliance. This must be according to the law and always by obtaining user consent. Retaining data only for the period of time needed is equally important.

Show More

Security

Data must be secured while collected and while processed. The company in question must place the necessary procedures to assure this and be able to prove that data is processed and collected securely.

Show More

How GDPR protect Personal Data

Personal data includes the person’s name, age, birth date, interests as well as their IP address. When a user logs on to your website, you automatically receive such data and this is when the GDPR comes into force.
User Consent!
Since the power is now transferred to the user, they always have to give their consent regarding their data and have access to them. Your company should inform them why their data is used, for which purposes (e.g. for a better user experience) and how long they are stored.
The Right to erase data
The users now also have the opportunity to have their data erased exactly when they wish to do so. Last but not least, they have the right to be notified in case there has been a breach of conditions of the GDPR.
Transparency
Your company should keep a record of the user’s data it holds, as transparency is crucial for adhering to this regulation.
All you should Know!

When you are considering the registration process for your e-shop, you always need to remember the word why. This means that you always have to ask why you need this data or the other. Make yourself questions about the personal data you are collecting, like: Is the data important to acquire, will these data help to process the customers' order, otherwise you might consider not asking for it. Always inform your client about the use of their data and how it will be used (i.e. to provide better services for their prospective customers).
If third parties are participating in the design of the e-shop, inform your clients to read their privacy policy, hence, increasing their data protection.
Always be ready to answer your clients’ question concerning the transfer of data, what happens in the case of a data breach, erasing data, etc.
Finally, make sure that the consent given by the customer to collect their personal data is clearly evidenced if asked for.

Update your privacy policy to comply with GDPR Cyprus. You will read more about this in the following section.
Proceed with data encryption to better enhance the protection of data. Remember that all consent boxes in forms have to be unchecked so that it can be proven that the users willingly opt-in. Always be ready to act in case there has been a breach of conditions, notify your client and thus, enhance trust for your business.

Let your privacy policy be clearly and simply updated including all information regarding the new GDPR Cyprus. Inform your clients about the Data Protection Officer (DPO), a person always available to be contacted by your customers should they have any questions, requirements or complaints.
If you have an app connected to your business, make sure you extend data protection to better secure their online experience.
Should your business no longer need data that was initially acquired by the user, proceed to erase them, thus activating the right to be forgotten. State clearly how long you keep your user’s data, how they are used and if there is a case of them being sold or transferred to third parties.

Every website uses cookies to enhance the user’s experience. Under GDPR Cyprus cookies are still used while you visit a website and data such as your IP address, your browser’s type, your actions on the website are all stored in a small file. Such data is considered personal and as previously mentioned a minimum of them should be used.
It is a nice idea to inform users about the use of cookies on your website, especially for the first time they are visiting. If you are using cookies for different purposes regarding your website, the user must be clearly be informed in the cookies policy of your website.
Visitors of your website should be given an option to browse without their activities being recorded by cookies. In this way, based on the GDPR cookie consent policy you should give users the choice to accept or reject cookies and have a way to block both local and third-party cookies until the visitor consents to their use. Even if the user consents to the use of cookies he must be given the right to edit and modify his choice while browsing. This applies to both website guest and registered users and their consent to cookies policy should be recorded by the system in logs.

You can use the strategy of remarketing to provide targeted ads for your customers and increase your revenue. A cookie is established in the computer of the user that should comply with the aforementioned cookies policy. Remember that remarketing also falls under the GDPR Cyprus.

Regarding your email campaigns, update the contacts of your customers to see where they are geographically located. Ask for their consent while using their data and see if you are authorized to continue sending them emails. Always keep in mind that the GDPR Cyprus also refers to data acquired before 25 May 2018 so you should review them as well.

For Eshops and websites which have users registering on their website Logs of User modifications must be kept and presented when required to the GDPR authorities. User Profile modifications have to be recorded and exported in appropriate format when requested.
Furthermore, the ability must be given to the users to export their profile, delete it ( right to be forgotten GDPR regulation) and together with it all content they have created on the website.

( Contact forms, application forms e.t.c)
All website forms have to include a privacy policy checkbox to ensure that visitors completing the forms accept the privacy policy concerning the use and handling of their personal data. This consent must also be recorded and be presented if requested by GDPR authorities.
We hope to have given you an overview and some key points on the new GDPR Cyprus regulation, how your company can take measures to comply with it and continue providing an excellent experience for your customers.

Our aim !
We understand that GDPR compliance for your business website is a must. Through careful study of your website we will advice and help you have everything setup correctly according to GDPR requirements.

 

 

Quote jcslYou can  call us  at 22-232482 for a FREE consultation about your website GDPR compliance.