Privacy Notice

  1. Privacy Notice

PRIVACY

1. PURPOSE OF DATA PROCESSING AND CONSEQUENCES OF NOT PROVIDING DATA BY WEBSITE USERS

The Ministry of Foreign Affairs is the Controller and processes personal data for specified, explicit and legitimate purposes and ensures that no further processing is carried out in a manner that is incompatible with those purposes. The personal data processed are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. The Ministry of Foreign Affairs takes the necessary actions to ensure that the data is accurate and where necessary, kept up to date.

Processing is carried out for the following purposes:

  • Compliance with the legal obligation of the Ministry of Foreign Affairs, or
  • The fulfillment of a duty performed in the public interest or in the exercise of public authority delegated to the Controller (which is the Ministry of Foreign Affairs), or
  • To safeguard the vital interest of the data subject or other natural person.

The Directorates/Units of the Ministry of Foreign Affairs process personal data in the context of the execution of their responsibilities and in the framework of the above purposes, which include, among others:

  • the granting of consular services in order to facilitate Cypriot nationals abroad pursuant to the Vienna Convention on Consular Relations (1963),
  • the examination and issuance of entry visas for the legal entry into the Republic of Cyprus, of foreign citizens pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and the repealing of Directive 95/46/EC and Regulation (EC) no. 767/2008 of the European Parliament and of the Council of 9 July 2008 on the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation),
  • the certification of documents pursuant to the Convention on the Abolition of the Obligation to Legalize Foreign Public Documents 1961 and pursuant to Regulation 2016/1191 of the European Parliament and of the Council of July 6, 2016 for the promotion of the free movement of citizens by simplifying the requirements for the submission of certain public documents in the European Union,
  • the issuance of diplomatic passports for Cypriot citizens pursuant to the Population Register Law of 2002 (141(I)/2002),
  • the issuance of diplomatic identities and other documents for foreign diplomatic missions accredited to the Republic of Cyprus pursuant to the Vienna Convention (1961) on Diplomatic Relations and the Vienna Convention on Consular Relations (1963).

2. TO WHOM THE MINISTRY OF FOREIGN AFFAIRS COMMUNICATES PERSONAL DATA

The Ministry of Foreign Affairs, in compliance with the relevant legislation, communicates personal data to other competent Public Authorities, i.e. relevant Ministries, Departments and/or Services, e.g. the Ministry of the Interior, for matters of entry visas, issuance of identity cards and certificates related to its competences, based on the requests submitted through the Ministry of Foreign Affairs.

3. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS

The responsibilities of the Ministry of Foreign Affairs include the transmission of personal data to third countries or international organizations.

4. STORAGE OF PERSONAL DATA

Ministry of Foreign Affairs documents containing personal data are held in electronic form in the electronic filing system (eoasis) and are sometimes held in paper form, in files. The storage time depends, on the one hand, on the processing of a case and, on the other hand, on maintaining a file with available useful information that may be needed in the future, either by the applicants, or by the Ministry that is called upon to serve them and derives from the Ministry's obligations under relevant legislation. Furthermore, the provisions of the State Archives Law of 1991 (N.208/1991) are also taken into account.

5. RIGHTS OF PERSONAL DATA SUBJECTS

The rights of data subjects are included in the EU General Regulation (GDPR), 2016/679, [REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing of Directive 95/46/EC (General Data Protection Regulation)], which was published in the Official Journal of the European Union on 4.5.2016, particularly in recitals 63–70 and Articles 15-21, i.e. rights of access, rectification, erasure, restriction of processing, communication, portability and objection.
By way of explanation, it is noted that the Data Subject has the right under specific conditions to obtain from the Controller, without undue delay, the rectification of inaccurate personal data concerning him, the erasure of data concerning him and the restriction of data processing. The rights are exercised by submitting a relevant written request to the Data Protection Officer.

6. NOTIFICATION OF CHANGES TO PERSONAL DATA TO RECIPIENTS

The Data Controller shall communicate any rectification or erasure of personal data or restriction of data processing to each recipient to whom the personal data have been disclosed. The Data Controller informs the Data Subject about those recipients if the Data Subject requests it.

7. WITHDRAWAL OF CONSENT

The Data Subject has the right to withdraw consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the Data Subject is informed accordingly.

8. RIGHT TO LODGE A COMPLAINT AGAINST THE MINISTRY OF FOREIGN AFFAIRS TO THE SUPERVISORY AUTHORITY

Each Data Subject (the natural person to whom the data refers) has the right if he believes that any of his rights have been infringed or if he considers that the processing of his personal data infringes the General Data Protection Regulation (GDPR), to lodge a complaint to the competent Supervisory Authority (Commissioner for the Protection of Personal Data), whose relevant contact details, are available on the website www.dataprotection.gov.cy

9. DATA PROTECTION OFFICER
The Ministry of Foreign Affairs, in accordance with Regulation (EU) 2016/679, has appointed a Data Protection Officer (DPO), and Data Subjects can contact him, for issues related to the processing of their personal data and the exercise of their rights, according to Regulation (EU) 2016/679.

You may write to the Data Protection Officer (DPO) at the Ministry of Foreign Affairs as follows:

By email: dpo@mfa.gov.cy

By post: Ministry of Foreign Affairs, Presidential Palace Avenue, 1447 Nicosia (For the Attention of the Data Protection Officer)