GDPR: Harsh Fines For Non-Compliance

Insights Publications

GDPR: Harsh Fines For Non-Compliance

HARSH FINES FOR UNLAWFUL PROCESSING OF PERSONAL DATA BY THE COMMISSIONER

The latest decisions of the Commissioner for the Protection of Personal Data in Cyprus (“The Commissioner) indicate that the Commissioner will not tolerate violation of the provisions of the General Data Protection Regulation (“the GDPR”). The three cases below, indicate her reluctance regarding such infringements.

Case No. 1 – Fine of €82.000 regarding monitoring of sick leave by employees

In her recent decision (December 2019), the Commissioner decided to impose a total fine of €82.000 on a group of Companies in Cyprus. The group had been using the Bradford Factor, a test used to assess the group’s employees’ conduct by monitoring their sick leaves. According to the Commissioner, this processing constituted processing of Special Categories of Personal Data, for which process the group of companies could not provide a lawful basis to the Commissioner.

Case No. 2 – Fine of €14.000 on a doctor

The Commissioner has also recently imposed a fine of €14,000 on a doctor who published Special Categories of Personal Data of a patient on social media without obtaining their consent in advance.

Case No – 3 Fine of €9.000 on Social Insurance Services
In another decision (December 2019), the Commissioner imposed a fine of €9,000 on Social Insurance Services for inadequate security measures leading to a data leak in 2017. The Commissioner, before imposing the fine, took into account the failure of the Social Insurance Services to respond to vital questions addressed to them by her Office while investigating the case.

GDPR COMPLIANCE OF UTMOST IMPORTANCE
The above fines are the highest imposed in the Republic of Cyprus since the coming into force of the GDPR. Such fines constitute an indication of the reluctance of the Commissioner for non-compliance with the provisions of the GDPR. GDPR compliance is of vital importance and businesses should ensure that they are fully compliant with the provisions of the GDPR to avoid facing any sanctions by the Commissioner.
Should you require assistance regarding compliance of your business with the provisions of the GDPR and domestic legislation regarding the processing of personal data, do not hesitate to contact us.

Cookie	Type	Duration	Description
cookielawinfo-checkbox-necessary	persistent	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessary	persistent	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non Necessary".
PHPSESSID	persistent	1 year	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	persistent	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
viewed_cookie_policy	persistent	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Type	Duration	Description
_ga	persistent	1 year	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors.
_gat_gtag	persistent	1 year	Identification code of website for tracking visits.
_gid	persistent	1 year	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.
_hjid	persistent	1 year	Hotjar cookie. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_hjIncludedInSample	persistent	1 year	This cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate Heatmaps, Funnels, Recordings, etc.
has_recent_activity	persistent	1 year	This cookie is used to signal to the code repository website if the user has browsed other website resources during the current session.
tk_ai	persistent	1 year	Gathers information for our own, first party analytics tool about how our services are used. A collection of internal metrics for user activity, used to improve user experience.
tk_lr	persistent	1 year	This cookie is set by JetPack plugin on sites using WooCommerce. This is a referral cookie used for analyzing referrer behavior for Jetpack
tk_or	persistent	1 year	This cookie is set by JetPack plugin on sites using WooCommerce. This is a referral cookie used for analyzing referrer behavior for Jetpack
tk_qs	persistent	1 year	Gathers information for our own, first party analytics tool about how our services are used. A collection of internal metrics for user activity, used to improve user experience.
tk_r3d	persistent	1 year	The cookie is installed by JetPack. Used for the internal metrics fo user activities to improve user experience

Cookie	Type	Duration	Description
_fbp	persistent	1 year	This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.
fr	persistent	1 year	The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.

MENU

Insights Publications

GDPR: Harsh Fines For Non-Compliance

A.I. Kitsios LLC | Legal 500 EMEA 2024

Junior Litigation Lawyer Position

Θέση Ασκούμενου Δικηγόρου

CONTACT US

NEWSLETTER

Stay informed

INFORMATION

MENU

InsightsPublications

GDPR: Harsh Fines For Non-Compliance

A.I. Kitsios LLC | Legal 500 EMEA 2024

Junior Litigation Lawyer Position

Θέση Ασκούμενου Δικηγόρου

CONTACT US

NEWSLETTER

Stay informed

INFORMATION

Insights Publications