Private data defines any information associated with an all natural living person. Some illuminating examples are the amount of our identity card, passport, birth date, mailing address, email, etc. Oftentimes, individuals have to provide their private data to 3rd parties for a lot of reasons, for example to buy an item online, to request something, to reply to market research, to spread out a financial institution account, to look at a movie online, to purchase your flight, etc. However, has anybody requested if this post is stored and just how could it be processed?
Clearly, private data protection influence to some large degree many facets of professional, social and business existence. Furthermore, privacy comes with an effect on the non-public existence of citizens. Consequently, private data protection is a vital matter that should be addressed by private and public organisations while performing their daily operations.
In Cyprus, ‘The Processing of private Data (Protection of the baby) Law of 2001’ (138 (I) 2001) regulates the gathering, the procedure and using private data. The specific law joined into pressure in 2001 to be able to address privacy the process of collection, storage, processing, distribution and employ of private data. In addition, what the law states was amended in 2003 to ensure that to harmonise the Cyprus legislation using the EU Directive 95/46 around the protection of people concerning the processing of private data.
The company operations that are influenced by Law 138(I)2001 are any operation which involves the gathering, storage, organisation, upkeep, extraction, use, distribution and destruction of information. Hence, the provisions of the Law affect the processing of private data entirely or partially by automatic means, and also to processing otherwise compared to automatic way of private data that constitute a part of a filing system or are envisioned to participate a filing system.
Which legal rights do people have concerning their private data stored by organizations?
The authority to information
The authority to access
The authority to rectification
The authority to object
The authority to compensation
Conditions for authorized processing of private data:
Based on the provisions from the Law, the processing of private information is allowed only if someone give his/her consent.
However, it’s also allowed with no consent of the baby within the following cases:
in situation it’s important for compliance having a legal obligation
for that performance of the contract the person is really a party to
to guarantee the vital interests of the baby
for purpose of public interest
for that legitimate interests went after through the controller or even the 3rd party, underneath the condition that such interests override the legal rights of the baby, interests and fundamental freedoms
It ought to be noticed that ‘sensitive data’ denotes any information concerning racial or ethnic background, political orientation, religious or philosophical convictions, participation inside a body, association and trade union, health, sex existence and erotic orientation in addition to data concerning criminal prosecutions or convictions.
Based on the Law, sensitive data have a greater degree of protection as it is simpler that people experience discriminations according to these data. Consequently, what the law states provides the processing of sensitive information is prohibited.
Nonetheless, the processing of sensitive information is allowed underneath the following conditions:
when the individual has provided his/her explicit consent, unless of course such consent continues to be acquired unlawfully
within the situation that information systems is essential for that fulfilment of the obligation within the employment sector
for that safeguard of significant interests
inside the context from the activities of the organisation or union the person is part of
for national or public security purposes
for record, research, scientific and newspaper purposes
in situation information systems is connected with medical data and it is done by someone who offers health services by profession and it has an obligation of confidentiality or perhaps is susceptible to relevant codes of conduct, underneath the condition the processing is needed for preventive medicine, medical diagnosis and also the provision of health-care services.
Check out this great website for Verbraucherschutz.