General Data Protection Regulation

What is it

On 25th of May 2018, the General Data Protection Regulation on personal data of the EU (the “GDPR”) came into force with direct application to all member states of the European Economic Area (“EEA”) requiring stronger protection of personal data more than ever before. However, not all entrepreneurs understand the impact to their legal obligations.

To whom it applies?

Generally, it applies to entities or undertaking which either process personal data of people located in the EEA or process personal data as part of the activities of one of their establishments in the EEA, irrespective of whether the entity is located outside the EEA.

How does this affect you?

You must be able to demonstrate that you are in compliance with the GDPR. Non- compliance with the GDPR is punishable with administration fines of up to 20 million EUR or 4% of your worldwide annual turnover whichever is higher. The Data Protection Commissioner of Cyprus has also begun audits through the use of private specialists and has already imposed fines from 400 to 1000 EUR for failing to comply with the GDPR requirements.

What does the GDPR require?

Complying with the GDPR is an ongoing undertaking. As a first step you should take the measures set below:

  1. Apply technical and organization measures proportionate to the sensitivity of the personal data and your economic capacity to protect the personal data, e.g. encryption of personal data;
  2. Draft or review your Privacy Policy;
  3. Draft Records of Processing Activities in accordance with the Commissioner’s instructions;
  4. Amend and/or add to your employment contracts so that they fulfill the GDPR requirements;
  5. Execute contracts with suppliers and/or service providers who have access to the personal data you hold;
  6. Notifying the Commissioner of the use of CCTV.

At GLOBALSERVE, our experts have been providing GDPR compliance services since before the GDPR has entered into force and can assist you on any GDPR-related issue.

The content of the present article is intended to provide a general guide to the subject matter. For any questions, please contact us through our website or by sending us an email at

This entry was posted in General. Bookmark the permalink.