Data Protection: CCTV

Insights Publications

INSTALLATION OF CCTV IN PUBLIC AND PRIVATE PLACES

The Commissioner for the protection of personal data in Cyprus (“The Commissioner”) has recently published an announcement dated 28/06/2019 (“the Announcement”) regarding the installation of CCTV in shops, malls, shopping centers and other public and private places.

The Commissioner reiterates that CCTV footage and any other recording of similar nature, constitutes processing of personal data and such processing must be in compliance with the provisions of the General Data Protection Regulation (“the GDPR”) and the Cyprus Data Protection Law.

CCTV IN PUBLIC PLACES

Regarding the installation of CCTV in public places, the following examples are given in the Announcement on whether the installation of CCTV would be permissible or not:
Permissible

Entrance of buildings;
Outside elevators focusing on the elevator only;
Over a card/cash machine focusing on such machine only;
Parking places.

NOT permissible

- Corridors;
- Inside elevators;
- Waiting areas;
- W.C.;
- The interior and exterior areas of cafés/restaurants etc.

Individuals should be properly notified of the existence of CCTV by the placement of an adequate number of noticeable signs/warnings. Individuals should be given at least the following information:

That video recording takes place;
The person who determines the purposes for which personal data is processed; and
The purpose of the video recording.

CCTV IN PRIVATE PLACES (HOUSES/APARTMENT BUILDINGS)

The installation of CCTV in private places (i.e. houses) does not fall within the ambit of the relevant provisions of the GDPR and Domestic Legislation regarding personal data unless it captures images beyond the boundaries of the private property.

Installation of CCTV in Block(s) of apartment buildings by a tenant/owner should not infringe the rights of other tenants/owners in such buildings. If the CCTV is installed by the Administration Committee of each Building, it should only be installed in communal areas after a decision made by the tenants according to the Building’s Regulations.

SANCTIONS
In case of failure to comply with the GDPR and the Cyprus Data Protection Law, the Commissioner has the power, among others, to:

Issue warnings and reprimands;
Impose a temporary or definitive limitation including a ban on processing;
Order the rectification or erasure of personal data;
Restriction of processing; and/or
Administrative fines up to 20.000.000 EUR, or up to 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher

Cookie	Type	Duration	Description
cookielawinfo-checkbox-necessary	persistent	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessary	persistent	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non Necessary".
PHPSESSID	persistent	1 year	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	persistent	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
viewed_cookie_policy	persistent	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Type	Duration	Description
_ga	persistent	1 year	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors.
_gat_gtag	persistent	1 year	Identification code of website for tracking visits.
_gid	persistent	1 year	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.
_hjid	persistent	1 year	Hotjar cookie. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_hjIncludedInSample	persistent	1 year	This cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate Heatmaps, Funnels, Recordings, etc.
has_recent_activity	persistent	1 year	This cookie is used to signal to the code repository website if the user has browsed other website resources during the current session.
tk_ai	persistent	1 year	Gathers information for our own, first party analytics tool about how our services are used. A collection of internal metrics for user activity, used to improve user experience.
tk_lr	persistent	1 year	This cookie is set by JetPack plugin on sites using WooCommerce. This is a referral cookie used for analyzing referrer behavior for Jetpack
tk_or	persistent	1 year	This cookie is set by JetPack plugin on sites using WooCommerce. This is a referral cookie used for analyzing referrer behavior for Jetpack
tk_qs	persistent	1 year	Gathers information for our own, first party analytics tool about how our services are used. A collection of internal metrics for user activity, used to improve user experience.
tk_r3d	persistent	1 year	The cookie is installed by JetPack. Used for the internal metrics fo user activities to improve user experience

Cookie	Type	Duration	Description
_fbp	persistent	1 year	This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.
fr	persistent	1 year	The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.

MENU

Insights Publications