Cyprus: Commissioner fines Voroklini Community Council €2,000 for lack of cooperation
The Office of the Commissioner for Personal Data Protection ('the Commissioner') published, on 14 July 2022, its decision, as issued on 3 February 2022, in which it fined Voroklini Community Council €2,000 for violation of Article 31 of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'), following investigation into a complaint submitted by an individual.
Background to the decision
In particular, the Commissioner provided that the complainant claimed that the Council had changed their mailing address concerning an apartment in Voroklini, without their consent.
Findings of the Commissioner
Following its investigation, the Commissioner found that there was no violation on the part of the Council regarding the complainant's address, as the change was not made deliberately or maliciously, but rather because of the electronic update of the Land Registry, which the Council corrected promptly following the individual's complaint.
However, the Commissioner found that the Council had violated Article 31 of the GDPR since it failed to carry out the proper investigation to provide the necessary information to the Commissioner.
As such, the Commissioner fined the Council €2,000.