STATEMENT ADVICE PERSONAL DATA PROTECTION.
Conduction of audit in compliance with General Data Protection Regulation.
I want to inform you that my office, under its functions according to article 57 paragraph 1 letter a, in order to “control and implement the application”of the General Data Protection Regulation (GDPR) of the European Union 2016/679, and by the exercise of its investigate power according to article 58 paragraph 1 letter b “carry out check on personal data protection” has started to conduct mass audit into private society for different areas of activity.
The principal aim of this audit is to assess the level of compliance of these societies to MGF, while the separate purposes are the assessment of adopted practices and the registration of applicable procedures.
This audit is part of the general framework for the compliance audit of specific private sectors witht he MGF and regard small and medium companies of Cypro, which occupy a significant percentage of the employment and the economic activity in this area.
They are divided into legality and technical control, and are performed by completing an electronic questionnaire from the controlled entities.
With the completion of the audits and the analysis of the results, we will have a secure picture of the level of compliance of small and medium-sized enterprises, which we will move on to the company.
Irini Loizidou Nikolaidou
Personal Data Protection Commissioner