User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active
 

Welcome to a new era of a more protected Internet World. As of 25 May 2018, the European Union issued the GDPR (General Data Protection Regulation) which is automatically implemented in all 28 member states, including Cyprus. As part of our online services, we wish to give you an overview of this new regulation and how it will affect your business.

GDPR

GDPR CYPRUS - Overview

The new regulation is already in force in Cyprus affects every business and organization. Businesses that have a website or an e-shop must give even more empasis to the GDPR regulation as there are more issues that meets the eye that have to be considered. . It has revolutionized the use of data by giving the individual (data subject) more control over them. As every reputable business should respect their clients, the new regulation should be viewed as an  opportunity for improvement rather than a regulation that has to be followed. 

The new regulation mainly assures that the data of the user is lawfully collected, processed and controlled. A supervisory authority is in charge of helping you solve issues regarding the new regulation and to oversee that every business complies. It is important that you take every aspect of the GDPR into consideration as fines could be up to 20 million Euros or 4% of a company’s turnover.

gdpr cyprus fines

 

Let’s examine what personal data is all about.

Personal data include the person’s name, age, birth date, interests as well as their IP address. When a user logs on to your website, you automatically receive such data and this is when the GDPR comes into force.

Since the power is now transferred to the user, they always have to give their consent regarding their data and have access to them. Your company should inform them why their data is used, for which purposes (e.g. for a better user experience) and how long they are stored.

The users now also have the opportunity to have their data erased exactly when they wish to do so. Last but not least, they have the right to be notified in case there has been a breach of conditions of the GDPR.

Your company should keep a record of the user’s data it holds, as transparency is crucial for adhering to this regulation.

GDPR guidelines cyprus

GDPR CYPRUS – The business side of the GDPR

Let’s get down to the detail regarding how your business – your website or e-shop – should comply with GDPR Cyprus. Keep in mind that while the regulation is in force within the EU non-EU established organizations are also subject to it.

E-shop GDPR Compliance

When you are considering the registration process for your e-shop, you always need to remember the word why. This means that you always have to ask why you need this data or the other. Make yourself questions about the personal data you are collecting, like: Is the data important to acquire, will these data help to process the customers' order, otherwise you might consider not asking for it. Always inform your client about the use of their data and how it will be used (i.e. to provide better services for their prospective customers).

If third parties are participating in the design of the e-shop, inform your clients to read their privacy policy, hence, increasing their data protection.

Always be ready to answer your clients’ question concerning the transfer of data, what happens in the case of a data breach, erasing data, etc.

Finally, make sure that the consent given by the customer to collect their personal data is clearly evidenced if asked for.

Website GDPR Compliance

Update your privacy policy to comply with GDPR Cyprus. You will read more about this in the following section.

Proceed with data encryption to better enhance the protection of data. Remember that all consent boxes in forms have to be unchecked so that it can be proven that the users willingly opt-in. Always be ready to act in case there has been a breach of conditions, notify your client and thus, enhance trust for your business.

Privacy Policy

Let your privacy policy be clearly and simply updated including all information regarding the new GDPR Cyprus. Inform your clients about the Data Protection Officer (DPO), a person always available to be contacted by your customers should they have any questions, requirements or complaints.

If you have an app connected to your business, make sure you extend data protection to better secure their online experience.

Should your business no longer need data that was initially acquired by the user, proceed to erase them, thus activating the right to be forgotten. State clearly how long you keep your user’s data, how they are used and if there is a case of them being sold or transferred to third parties.

Cookies Policy

Every website uses cookies to enhance the user’s experience. Under GDPR Cyprus cookies are still used while you visit a website and data such as your IP address, your browser’s type, your actions on the website are all stored in a small file. Such data is considered personal and as previously mentioned a minimum of them should be used.

It is a nice idea to inform users about the use of cookies on your website, especially for the first time they are visiting. If you are using cookies for different purposes regarding your website, the user must be clearly be informed in the cookies policy of your website.

Visitors of your website should be given an option to browse without their activities being recorded by cookies. In this way, based on the GDPR cookie consent policy you should give users the choice to accept or reject cookies and have a way to block both local and third-party cookies until the visitor consents to their use. Even if the user consents to the use of cookies he must be given the right to edit and modify his choice while browsing. This applies to both website guest and registered users and their consent to cookies policy should be recorded by the system in logs.

Remarketing

You can use the strategy of remarketing to provide targeted ads for your customers and increase your revenue. A cookie is established in the computer of the user that should comply with the aforementioned cookies policy. Remember that remarketing also falls under the GDPR Cyprus.

Email campaigns

Regarding your email campaigns, update the contacts of your customers to see where they are geographically located. Ask for their consent while using their data and see if you are authorized to continue sending them emails. Always keep in mind that the GDPR Cyprus also refers to data acquired before 25 May 2018 so you should review them as well.

Registered Users

For Eshops and websites which have users registering on their website Logs of User modifications must be kept and presented when required to the GDPR authorities. User Profile modifications have to be recorded and exported in appropriate format when requested.

Furthermore, the ability must be given to the users to export their profile, delete it ( right to be forgotten GDPR regulation) and together with it all content they have created on the website.

Forms ( Contact forms, application forms e.t.c)

All website forms have to include a privacy policy checkbox to ensure that visitors completing the forms accept the privacy policy concerning the use and handling of their personal data. This consent must also be recorded and be presented if requested by GDPR authorities.

 

We hope to have given you an overview and some key points on the new GDPR Cyprus regulation, how your company can take measures to comply with it and continue providing an excellent experience for your customers.

 

If you liked what you read please share with colleagues and friends with the social buttons on the left-hand side of the page.

jcsl logo footer

We at JCSL Ltd are dedicated to offering web design company services that go beyond mere web design. 

Please feel free to contact us to further discuss these aspects of internet marketing based on the specific needs of your company.


For a FREE appointment with our Internet services specialist call 22-232482 or 95116277 or BOOK ONLINE!

For a tender please This email address is being protected from spambots. You need JavaScript enabled to view it. specifying your requirements or REQUEST A TENDER ONLINE.


Visit our blog at www.jcsl.com.cy/en/blog and LIKE us on facebook to keep up to date with the latest internet technology and get help and ideas on how to best use the Internet for your business.