On 1 August 2025 the Radio Equipment Directive (RED) entered a new phase for the EU market. What used to be a radio/spectrum framework has become a baseline for cybersecurity compliance across most connected products. Phones, routers, wearables, IoT sensors—if it talks to a network, it now lives under a tougher playbook.

Three levers drive the shift: Article 3(3)(d) on network protection, 3(3)(e) on personal data safeguards (with extra attention to toys/childcare/wearables), and 3(3)(f) on fraud prevention. Their technical expression is the EN 18031 series, which turns high-level legal duties into testable security outcomes: access control, secure updates, storage/comms security, monitoring, and resilience.

What changes in practice

The new technology regulations push manufacturers to prove they’ve embedded security by design—strong authentication, sane defaults, hardened update paths, and meaningful logging. That’s good news for users and for providers tired of botnets fueled by cheap, insecure devices.

The flip side: implementation isn’t trivial. EN 18031 can limit self-declaration, nudging products toward Notified Body reviews when features (e.g., open firmware loading) break the assumptions behind presumption of conformity. Real costs rise, timelines stretch, and market entry becomes a governance exercise as much as an engineering one.

Innovation vs. lock-down

Here lies the tension. Security hardening is essential, but blunt restrictions risk collateral damage to openness, repairability, and research. Projects that rely on custom ROMs or community firmware can be caught in the compliance crossfire, even when their security posture is exemplary.

The EU’s broader policy mix complicates the picture: Right to Repair and the Digital Markets Act promote user choice and longevity, while strict readings of RED may incentivize locked bootloaders and closed ecosystems. Smart guidance is needed so cybersecurity regulations don’t quietly erode user agency.

Looking ahead

RED isn’t the end of the journey. The upcoming Cyber Resilience Act will raise the floor again, and overlapping regimes will make compliance a continuous discipline. Treat RED as more than a checkbox: it’s a chance to build trust, reduce incident costs, and differentiate on engineering quality.

A pragmatic playbook: map product features against EN 18031; document threat models and secure-update chains; avoid dark corners (weak password policies, silent telemetry); and, where openness matters, design for user-enrollable keys and verifiable modding paths. That’s how technology regulations and innovation can coexist.

Want the deep dive—EN 18031 mechanics, self-declaration pitfalls, and the bootloader controversy?

Read my full article

ICANN (Internet Corporation for Assigned Names and Numbers) serves as the global custodian of the internet’s domain name system. Founded in 1998 as a non-profit organization based in the United States, it undertook the critical mission of managing the Domain Name System (DNS) and allocating IP addresses. Unlike traditional international organizations such as the International Telecommunication Union (ITU), ICANN operates through a unique “multi-stakeholder” model, where governments, the private sector, academic community, and users collaborate in internet governance.

ICANN’s importance is decisive: every domain name registered worldwide is subject to the rules and policies established by the organization. For businesses and professionals who increasingly rely on their digital presence for international transactions and e-commerce, ICANN’s decisions have a direct impact on their digital assets. You can find more information about ICANN’s founding and political dimension here.

The New Registration Data Policy

The Registration Data Policy (RDP) coming into effect on August 21, 2025, represents the most significant restructuring of domain name ownership data management since 2018. This policy is not merely a technical adjustment, but a comprehensive overhaul affecting how the legal owner of a domain name is determined.

The most critical aspect of the new policy concerns the hierarchy of ownership data. According to paragraph 6(6)(2) of the RDP, if the “Organization” field in the registrant’s details contains the name of an organization or company, that organization will automatically be considered the legal owner of the domain. The individual listed in the contact details will now be treated only as a point of contact, without ownership rights.
This change reverses the existing practice where the registrant’s first and last name determined ownership. For example, if a company director has registered the business domain in their name but has filled in the company name in the “Organization” field, from August 21st the company will automatically become the domain owner, regardless of the individual’s name.

The Impact on Ownership

From a legal perspective, this change raises significant issues requiring immediate attention. Under Cypriot law, domain names are treated as intangible assets with substantial commercial value. The automatic transfer of ownership from an individual to a legal entity can have implications for contractual relationships, corporate agreements, and even in cases of divorce or inheritance.

Particular attention is required in cases where entrepreneurs have registered domains in their personal name for convenience or control purposes, but have entered the company name in the “Organization” field. After August 21, 2025, these domains will pass to company ownership, creating potential complications in cases of shareholder departures, sale of shares, or corporate disputes.

Additionally, this change affects the domain transfer process. Any modification to the “Organization” field will automatically trigger a change of registrant procedure, requiring email verification. Failure to complete verification within the specified timeframe can lead to domain suspension, with catastrophic consequences for business operations.

GDPR & Data Protection and Transparency

The new Registration Data Policy is a direct result of the implementation of the General Data Protection Regulation (GDPR) that came into effect in 2018. ICANN was forced to redesign the WHOIS system, which traditionally published all personal details of domain name holders freely, in order to comply with the strict requirements of the European regulation.

The RDP introduces significant restrictions on the collection and publication of personal data. Mandatory fields for administrative and billing contacts are abolished, while technical contacts become optional and can be generic email addresses. Importantly, Organization details will not appear in public WHOIS unless the holder gives explicit consent. This approach aligns with the principles of data minimization and privacy protection provided by GDPR, ensuring that only absolutely necessary information is collected and processed.

Practical Guidelines

Domain name holders, technicians, and administrators must take immediate action to protect their digital identity. We recommend immediate review of all registered domains and checking the “Organization” field.

If the intention is personal ownership, the “Organization” field must remain empty. Conversely, if corporate ownership is desired, you must ensure that the company name is correctly registered.

Particular attention is required for domains used for investment purposes or as part of a personal portfolio. The presence of a company name in the “Organization” field can create unwanted legal obligations and/or problems.

Other Important Technical Changes

Beyond the critical change in ownership determination, the Registration Data Policy introduces three additional technical changes that directly affect domain name management.

First, the obligation to collect Administrative, Billing, and Technical Contact fields is completely abolished. From August 21, 2025, registrars will collect exclusively the “minimal data set” limited to the absolutely necessary Registrant details. This simplification aligns with GDPR’s data minimization principles, while reducing the administrative burden for businesses maintaining multiple domains.

Second, and perhaps more critical from a business perspective, registrars are required to permanently delete all historical Administrative, Billing, and Technical contact data held in their systems.

Third, the Technical Contact becomes an optional field and can now be filled with generic email addresses, such as “support@example.com“, instead of specific employees’ personal details. This flexibility helps businesses maintain stable contact points regardless of internal personnel changes.

From WHOIS to RDAP

Alongside the changes in the Registration Data Policy, ICANN completed the final retirement of the WHOIS protocol on January 28, 2025, replacing it with the modern Registration Data Access Protocol (RDAP). WHOIS, which had been operating since 1982, had significant weaknesses: lack of data standardization and inability to support international characters. RDAP addresses these challenges by providing structured data in JSON format, mandatory use of HTTPS, and the ability for tiered access based on the requester’s identity.

For legal professionals and domain management specialists, the transition to RDAP means that access to non-public registration data now requires identity verification and documentation of legitimate interest. ICANN has introduced the Registration Data Request Service (RDRS) as a pilot program to facilitate such requests, particularly for law enforcement, intellectual property protection, and cybersecurity cases. This change creates new procedural requirements for obtaining information in cases of domain disputes or investigations into trademark infringements.

Upcoming Reforms to Domain Transfers

Beyond the immediate changes of the Registration Data Policy, ICANN is preparing significant reforms to the Transfer Policy expected to take effect within 2026. The most significant change concerns the reduction of the lock period from 60 to 30 days, both for new registrations and for transfers between registrars. Additionally, the 60-day lock that applied after changes to registrant details is being completely abolished, a development that significantly facilitates domain portfolio consolidation and corporate restructuring.

The new rules also introduce standardized procedures for bulk domain transfers (Bulk Transfer After Partial Portfolio Acquisition – BTAPPA), with a maximum charge of $50,000 for portfolios over 50,000 domains. At the same time, the list of valid reasons for transfer denial is being updated, including explicit reference to DNS abuse cases as defined in ICANN’s soft law. These changes are expected to significantly simplify transfer procedures while reducing the risk of fraud and abuse.

Conclusion

ICANN’s new Registration Data Policy signals a new era in domain name management. Understanding and timely adaptation to the new requirements is not simply a matter of technical compliance, but a critical issue for protecting domain names. The deadline of August 21, 2025 is approaching.

Further Reading on Digital Governance and Technology Policy

For readers interested in exploring broader themes of internet governance, data protection, and digital market regulation, I invite you to explore my other articles. These pieces examine critical intersections between technology, law, and corporate power:

• ICANN’s Registration Data Policy: Critical Domain Ownership Changes (Greek Version): The comprehensive Greek edition of this article provides additional context on ICANN’s historical development and its impact on the European digital landscape.
• The Consent Paradox: How EU Regulations Enabled Corporate Data Harvesting: A critical examination of how GDPR’s cookie consent requirements inadvertently created a surveillance infrastructure controlled by 8–10 Consent Management Platform companies, demonstrating how privacy regulations can paradoxically expand data collection capabilities.
• Apple v. Pepper: Robbing Developers of Their Autonomy: An analysis of the landmark U.S. Supreme Court case addressing whether iPhone users can sue Apple for monopolistic practices in the App Store, exploring the implications for developer independence and digital marketplace competition (Greek Version).
• Facebook Welcomes Us to the Post-Data Era & Why GDPR is Dangerous Nonsense: A provocative critique of GDPR’s fundamental limitations, arguing that traditional data protection frameworks cannot address the sophisticated data inference capabilities of modern platforms and the emergence of “post-data” surveillance techniques (Greek Version).
• When the GDPR Goes Wrong: A case study examining the Cyprus Data Protection Authority’s misapplication of GDPR to labor relations, illustrating the dangers when data protection authorities exceed their mandate and attempt to regulate matters beyond privacy concerns.
• The Founding of ICANN: A Historical and Political Approach: An in-depth exploration of ICANN’s creation in 1998, examining the political forces that shaped internet governance and the ongoing tension between technical administration and geopolitical interests (Greek Version).

Cyprus has emerged as a prime destination for business establishment within the European Union, offering a unique blend of tax efficiency, EU compliance, and strategic geographical advantage. The process of setting up a company in Cyprus is designed to be straightforward and business-friendly, reflecting the country’s commitment to attracting international investment.

This guide will walk you through the key steps of forming a company in Cyprus, from choosing a company name to meeting annual compliance requirements. Whether you’re looking to incorporate a new company or purchase a shelf company for immediate operations, Cyprus offers flexible options to suit various business needs. The ease of setup, combined with the country’s attractive tax regime and sophisticated legal framework, makes Cyprus an ideal choice for entrepreneurs and businesses of all sizes looking to establish a presence in a reputable EU jurisdiction.

Company name

Before registering a company in Cyprus, an application for approval of the company name must be submitted to the Registrar of Companies and Official Receiver. This can be done directly by applicants or through a lawyer or service provider. The name should not contain prohibited words such as “Cooperative,” “Municipal,” or “Privileged,” or any offensive language, and should not be too similar to other registered names. The name must end with the word “limited” or its abbreviation and may include Greek or Latin characters. The Registrar has the power to reject any name deemed undesirable.

As a matter of good practice, legal advisors in Cyprus typically keep a list of pre-approved “shelf names,” which are names already approved by the Registrar. These names are offered to clients who require a quick registration process and are indifferent to the actual name of the company.

Registered Office and Management Structure

A Limited Liability Company in Cyprus is required to have a registered office and address in Cyprus, which must be stated to the Companies Registrar.

Directors & Secretary For a Limited Liability Company in Cyprus, it is mandatory to have a director and secretary who reside in Cyprus. However, corporate entities are permitted to hold these positions. In the case of a company having only one member, the director and secretary positions can be held by the same individual. The details of the director and secretary are registered with the Companies Registrar and are publicly available.

Shareholders & Beneficial owners

A single shareholder is the minimum requirement for a Cyprus Limited Liability Company, with a maximum of 50 shareholders allowed. There are no restrictions on the nationality or residency of the shareholders, and both corporate entities and natural persons can be appointed as shareholders. It is also possible for the same person to serve as both the director and shareholder of the company.

The details of shareholders are registered with the Companies Registrar and are publicly available, while the details of beneficial owners are not registered on the public record and are not accessible to the public

Capital Assets & Structure

The capital structure of companies incorporated in Cyprus offers significant flexibility to business owners. When establishing a company, the authorized capital can be determined by the owners and denominated in any currency of their choice. While it’s common to suggest an authorized capital of €1,000, this is not a mandatory requirement. The authorized share capital represents the maximum amount of capital that the company is permitted to raise from its shareholders through the issuance of shares.

In terms of share types, Cyprus Limited Liability Companies are restricted to issuing only registered shares. The minimum number of shares that must be issued is one, providing flexibility for sole proprietorships or closely held companies. It’s worth noting that bearer shares are not permitted under Cyprus law, ensuring transparency in company ownership.

One of the most attractive features of the Cyprus company structure is the absence of a minimum paid-up capital requirement at incorporation. This means that shareholders are not obligated to pay up capital within a specific timeframe. This provision offers significant financial flexibility, particularly beneficial during the critical early stages of a business when cash flow can be tight. It allows companies to allocate their financial resources where they’re most needed, rather than tying them up in paid-up capital.

This flexible approach to capital structure and share issuance aligns with Cyprus’s broader strategy of creating a business-friendly environment. It allows companies to tailor their capital structure to their specific needs and growth plans, making Cyprus an attractive jurisdiction for a wide range of business types and sizes.

Annual Compliance and Government Fees

Companies registered in Cyprus are subject to two primary annual reporting obligations. Firstly, every Cyprus company must submit audited or certified financial statements to the local tax authority annually, regardless of whether the company is active or tax resident in Cyprus. This requirement ensures transparency and compliance with financial regulations. Secondly, companies must file an Annual Return with the Registrar of Companies. The initial submission is due 18 months after the date of registration, with subsequent submissions required annually. It’s worth noting that while these two major reports are annual, companies also have quarterly obligations related to VAT and social insurance contributions, which require more frequent filings throughout the year.

In addition to these reporting requirements, Cyprus companies must pay an annual fee to the Registrar of Companies to maintain their good standing. This annual fee amounts to €350 and is due by June 30th each year. For companies that are part of a group, the total amount is capped at €20,000. Prompt payment of this fee is crucial, as late payments incur penalties. If payment is made between July 1st and August 31st, a €35 penalty is applied. This penalty increases to €140 for payments made between September 1st and November 30th. Continued non-compliance may ultimately result in the company being struck off the register. While these fees and potential penalties add to the cost of maintaining a company in Cyprus, they contribute to the overall integrity and reliability of the Cyprus business environment.

Administrative Requirements and Employer Responsibilities

Companies in Cyprus are required to register with the Tax Department and Social Insurance Services to obtain a tax identification number, a VAT registration number, and to pay contributions to various funds for their employees. Employers must pay contributions to the Social Insurance, Annual Holidays with Pay, Redundancy, Human Resource Development, and Social Cohesion funds for each employee who earns at least €200 per week or €700 per month. Contributions, including the employees’ share, must be paid monthly in arrears within one month from the end of each contribution month.

The registration of employers can be done electronically through the Point of Single Contact (PSC) Cyprus portal, or by submitting the application form to a District Social Insurance Office or Citizens Service Centre. The application form should be accompanied by a copy of the employer’s identity card or passport or aliens registration certificate, as well as the relevant certificates of incorporation, directors and secretary (for limited companies), or partnership registration (for partnerships). Additionally, a Declaration of Employers Registration form must be completed for the recruitment of employees.

Legal Services for Business Setup and Management in Cyprus

As a licensed lawyer specializing in corporate law, I offer comprehensive legal support for businesses looking to establish and operate in Cyprus. My services are designed to provide end-to-end solutions, from company formation to ongoing compliance and management.

My approach focuses on offering tailored, personalized services that go beyond mere legal advice. I aim to become a trusted partner in your business journey, ensuring that all legal aspects are handled efficiently and effectively. This includes complete nominee services, comprehensive financial management, administration services, expert consulting, and even Financial Managed SaaS solutions.

For a detailed overview of my services and how I can facilitate your business establishment and growth in Cyprus, please visit my article: Streamline Your Business Setup in Cyprus. Here, you’ll find information on the full spectrum of services I offer, designed to set your business up for success from day one.

Further Reading on Company Law & Corporate Governance

For those interested in delving deeper into company law and corporate governance issues, I invite you to explore my other articles. These pieces cover a wide range of topics, from theoretical discussions to practical analyses:

• Cyprus Companies: Where Tax Efficiency Meets EU Compliance: Cyprus, strategically located between Europe, the Middle East, Africa, and Asia, offers a unique combination of EU membership and an attractive tax regime. With a competitive 12.5% corporate tax rate and extensive benefits including dividend and interest income exemptions, Cyprus provides a reputable business environment compliant with EU and OECD standards. Special provisions for intellectual property, holding companies, and corporate reorganizations, along with an extensive double tax treaty network, make Cyprus an ideal destination for businesses seeking tax optimization within the EU framework.
• Balancing Corporate Governance: Agency vs Stakeholder Theory: This article examines the interplay between agency theory and stakeholder theory in UK corporate governance. It explores how both theories advocate for limiting shareholder power but differ in their approaches. Agency theory focuses on the shareholder-executive dynamic and the importance of general meetings, while stakeholder theory emphasizes a broader system of checks and balances. The piece highlights the complexities of aligning shareholder interests with societal needs, discussing the role of corporate structures, the nature of ownership, and the evolving business landscape in shaping effective and responsible corporate governance practices.
• Exploring the Role Separation of Chairman and CEO in the UK: An examination of the debate surrounding dual leadership roles in corporate governance, discussing the benefits and costs associated with separating the positions of Chairman and CEO.
• The Role & Efficiency of Non-Executive Directors in the UK: An analysis of the critical role that Non-Executive Directors play in ensuring effective corporate governance and oversight in UK companies.
• The Texture of International Taxation: An exploration of the complexities and challenges in international tax law, particularly as they relate to multinational corporations.
• The Metaphysical Dimension of the Corporate Entity: A philosophical examination of the concept of corporate veil and its implications for business and law.
• The Ineffectiveness of the Foss Rule: A critical analysis of the Foss v Harbottle rule in company law, discussing its limitations and potential for injustice in certain corporate governance scenarios.
• Gerald Rarnet: A Business Parody: A cautionary tale about the importance of public relations and the potential consequences of ill-considered public statements by company leaders.
• Greek Small and Medium-sized Enterprises: Victim or Perpetrator?: A critical analysis of Greek SMEs, exploring both external challenges and internal shortcomings. While acknowledging harsh economic policies, the article argues that many Greek entrepreneurs contribute to their problems through poor business practices. It calls for more responsible management, better financial practices, and a shift in entrepreneurial culture to achieve sustainable growth in the Greek business landscape.

Strategic Location and Business-Friendly Environment

Cyprus, an EU member since 2004, stands out as a prime destination for businesses seeking a low-tax, secure jurisdiction with a strategic geographical advantage. Located at the crossroads of Europe, the Middle East, Africa, and Asia, Cyprus offers a favorable time zone (2 hours ahead of London and 1 hour ahead of mainland Europe), making it an ideal hub for international operations.

The island’s sophisticated legal framework and beneficial tax system have established it as one of Europe’s most attractive jurisdictions for setting up a Limited Liability Company. Unlike traditional offshore locations, Cyprus fully complies with EU legislation and OECD tax standards, ensuring a reputable and compliant business environment.

Cyprus at a Glance: Key Incorporation Benefits

1. Streamlined Company Formation: Only one director and one shareholder are required, with no local residency restrictions.
2. Swift Incorporation Process: Company registration typically completed within 8-10 days.
3. Competitive Corporate Tax Rate: A flat rate of 12.5%, one of the lowest in Europe.
4. Tax-Free Dividends: Exemption on dividends paid abroad.
5. No Exchange Control Restrictions: Freedom to transfer funds in and out of the country.
6. Access to EU Single Market: Over 500 million consumers within reach.
7. Extensive Double Tax Treaty Network: Agreements with more than 60 countries worldwide.

Tax Benefits

Cyprus offers a highly attractive tax regime that sets it apart as a premier business destination within the European Union, combining low rates, strategic exemptions, and international considerations. At the heart of this system is the remarkably competitive corporate tax rate of 12.5%, applicable to all companies regardless of their turnover. This flat rate, one of the lowest in Europe, immediately positions Cyprus as a tax-efficient jurisdiction for businesses of all sizes. The country’s tax framework, fully compliant with EU and international standards, provides substantial benefits including exemptions on dividend and interest income, favorable treatment of capital gains, and an extensive network of double tax treaties. These features, along with special provisions for intellectual property and holding companies, make Cyprus an ideal location for businesses looking to optimize their tax structure within a reputable EU framework.

The tax advantages extend far beyond the headline corporate rate. Cyprus provides a 0% tax rate on dividend income and interest income derived from corporate activities, significantly enhancing the appeal for holding companies and financial operations. Furthermore, capital gains from the sale of securities are exempt from taxation, with the exception of gains related to immovable property within Cyprus. This exemption makes Cyprus an ideal location for investment holding structures and trading operations.

Corporate reorganizations, including divisions, asset transfers, and share exchanges, enjoy tax-free status in Cyprus. This provision facilitates corporate restructuring and allows businesses to adapt to changing market conditions without incurring unnecessary tax burdens. Similarly, profits from foreign subsidiaries are generally tax-exempt, subject to certain conditions, making Cyprus an excellent base for multinational operations.

The Value-Added Tax (VAT) system in Cyprus is among the most competitive in the European Union, with rates ranging from 5% to 19%. As part of the EU Single Market, Cyprus implements the reverse charge mechanism for intra-EU transactions. Under this system, the VAT on intra-EU acquisitions is accounted for through the purchaser’s VAT return, rather than being paid at the point of import. This mechanism significantly enhances cash flow management for businesses.

Cyprus has implemented a Notional Interest Deduction (NID) regime, which allows for a notional interest deduction on new equity. This innovative provision can potentially reduce the effective tax rate to as low as 2.5%, providing a significant incentive for businesses to increase their equity financing in Cyprus.

For businesses with international operations, Cyprus offers a unilateral tax credit for foreign tax paid, even in the absence of a double tax treaty. This provision ensures that companies are not subject to double taxation on their global income. Moreover, Cyprus boasts an extensive network of double tax treaties with over 60 countries worldwide. These agreements, largely following the OECD model, prevent double taxation and provide clarity and certainty for international investors.

Cyprus offers additional tax advantages that are particularly attractive for intellectual property-based businesses. Under the IP Box Regime, income derived from qualifying intellectual property is subject to favorable tax rates, making Cyprus an appealing jurisdiction for tech companies, research and development operations, and other IP-intensive industries. Furthermore, royalties paid from Cyprus to non-resident companies are generally exempt from taxation, with limited exceptions for intellectual property used within Cyprus. This exemption extends to capital gains and income from the liquidation of Cypriot holding companies, further enhancing Cyprus’s position as a strategic location for international IP management and holding structures.

Legal Services for Business Setup and Management in Cyprus

As a licensed lawyer specializing in corporate law, I offer comprehensive legal support for businesses looking to establish and operate in Cyprus. My services are designed to provide end-to-end solutions, from company formation to ongoing compliance and management.

My approach focuses on offering tailored, personalized services that go beyond mere legal advice. I aim to become a trusted partner in your business journey, ensuring that all legal aspects are handled efficiently and effectively. This includes complete nominee services, comprehensive financial management, administration services, expert consulting, and even Financial Managed SaaS solutions.

For a detailed overview of my services and how I can facilitate your business establishment and growth in Cyprus, please visit my article: Streamline Your Business Setup in Cyprus. Here, you’ll find information on the full spectrum of services I offer, designed to set your business up for success from day one.

Further Reading on Company Law & Corporate Governance

For those interested in delving deeper into company law and corporate governance issues, I invite you to explore my other articles. These pieces cover a wide range of topics, from theoretical discussions to practical analyses:

• Setting Up Your Limited Company in Cyprus: An overview of the process and benefits of establishing a limited company in Cyprus. This article outlines key steps in company formation, highlighting Cyprus’s flexible structure, EU compliance, and tax efficiency. It demonstrates how Cyprus’s business-friendly environment attracts both entrepreneurs and larger enterprises seeking streamlined incorporation within the EU.
• Balancing Corporate Governance: Agency vs Stakeholder Theory: This article examines the interplay between agency theory and stakeholder theory in UK corporate governance. It explores how both theories advocate for limiting shareholder power but differ in their approaches. Agency theory focuses on the shareholder-executive dynamic and the importance of general meetings, while stakeholder theory emphasizes a broader system of checks and balances. The piece highlights the complexities of aligning shareholder interests with societal needs, discussing the role of corporate structures, the nature of ownership, and the evolving business landscape in shaping effective and responsible corporate governance practices.
• Exploring the Role Separation of Chairman and CEO in the UK: An examination of the debate surrounding dual leadership roles in corporate governance, discussing the benefits and costs associated with separating the positions of Chairman and CEO.
• The Role & Efficiency of Non-Executive Directors in the UK: An analysis of the critical role that Non-Executive Directors play in ensuring effective corporate governance and oversight in UK companies.
• The Texture of International Taxation: An exploration of the complexities and challenges in international tax law, particularly as they relate to multinational corporations.
• The Metaphysical Dimension of the Corporate Entity: A philosophical examination of the concept of corporate veil and its implications for business and law.
• The Ineffectiveness of the Foss Rule: A critical analysis of the Foss v Harbottle rule in company law, discussing its limitations and potential for injustice in certain corporate governance scenarios.
• Gerald Rarnet: A Business Parody: A cautionary tale about the importance of public relations and the potential consequences of ill-considered public statements by company leaders.
• Greek Small and Medium-sized Enterprises: Victim or Perpetrator?: A critical analysis of Greek SMEs, exploring both external challenges and internal shortcomings. While acknowledging harsh economic policies, the article argues that many Greek entrepreneurs contribute to their problems through poor business practices. It calls for more responsible management, better financial practices, and a shift in entrepreneurial culture to achieve sustainable growth in the Greek business landscape.

Why This Matters

In an era where data breaches can have far-reaching consequences for businesses and individuals alike, understanding the legal framework surrounding breach notifications is crucial. Cyprus, as a member of the European Union, adheres to the General Data Protection Regulation (GDPR), but also has its own nuances in implementation and enforcement.

Key Insights

While the full article is available to DataGuidance subscribers, I wanted to share a few key points that underscore the importance of this topic:

• Legal Framework: The article explores how Cyprus has implemented the GDPR through national legislation, providing clarity on the governing texts that businesses must be aware of.
• Notification Processes: I discuss the specific procedures for notifying both the authorities and affected individuals in the event of a data breach, highlighting any Cyprus-specific requirements.
• Recent Decisions: The piece includes analysis of recent decisions by the Cyprus Commissioner for Personal Data Protection, offering valuable insights into how the law is being interpreted and enforced in practice.
• Cross-Border Considerations: Given Cyprus’s unique position in the EU and its relationship with non-EU countries, the article touches on important considerations for businesses operating across borders.

Why I Wrote This Article

As a practicing lawyer in this field, I’ve seen firsthand the challenges organizations face in complying with data protection regulations. By contributing to publications like DataGuidance, I aim to share my expertise and help businesses navigate these complex waters more effectively.

Looking Ahead

The landscape of data protection law is constantly evolving, and staying informed is key to ensuring compliance and protecting both businesses and individuals. I’m committed to continuing to share insights and analysis on these crucial topics.

For those interested in reading the full article, it’s available on the OneTrust DataGuidance platform. If you have any questions about data breach notifications or data protection law in Cyprus, don’t hesitate to reach me out.

With my tailored and personalized services, you’re not just starting a company; together we setting up for your business journal. Here’s what I offer:

Why to work with me?

As a member of the Cyprus Bar Association since 2020, my legal practice is informed by a rich tapestry of experiences that blend innovative business solutions with a deep understanding of the law. My journey began in the realm of business administration, where I co-founded a boutique digital marketing firm, Fresset Ltd. This venture not only honed my skills in accounting and administration but also allowed me to delve into the technological intricacies of web development and linguistic algorithms.

Before I decided to follow the law path, I studied business administration and co-founded the boutique digital marketing company, Fresset Ltd. Back then, in addition to accounting and administrative duties, I was given the space to explore the Open Web and practice web development and linguistic algorithms. Upon completing my first degree and a one-year professional accounting program at the University of Athens, I decided to invest in legal education. In 2013, a few months after the partial acquisition of Fresset Ltd by the TENP SA Group, I became the operations manager of serval business workshops, some under the aegis of the Municipality of Athens and others on behalf of private institutions and NPOs.

The decision to outsource the web development of a minor project of Fresset Ltd to an Indian company is a memory I will not soon forget. Along with the company’s accountant, we decided to record the project in cash accounts as a cash flow transaction to ensure that fund’s account corresponded to the correct reality, but not as a statement in the balance sheet. We hoped it would be compatible with ministerial decisions, given India’s service costs were considered non-deducted expenses. The Greek Tax Authority deducted the expense because I had never travelled to India, and VAT, income tax, and a fine had to be paid. Nevertheless, the project eventually cost 30% less than it would have been choosing the European Market. If a 24-year-old entrepreneur can readily enjoy the globalized economy, then the only thing that a national authority can do is have a traditional sense of prevention. As another memory of that kind, I distinguish when after I sold my shares of the abovementioned company and planned my law studies, I temporarily worked for a cost accounting company. My stint at a cost accounting firm was marked by innovation, where I developed a dashboard to streamline payroll processes for a Special Purpose Entity. This solution exemplified my commitment to efficiency and my ability to leverage technology in service of fiscal management.

Throughout my tenure in the legal field, I have engaged in a variety of scholarly pursuits that have significantly enriched my understanding of the law’s application in both domestic and international contexts. The “Open Texture of International Tax Law” delves into the complexities of cross-border fiscal policies, while “Contemporary Issues of Possible Market Distortion by App Stores” examines the competitive challenges within digital marketplaces. My thesis on the “Informal Value Transfer System, Terrorism, and Money Laundering” offered a theoretical perspective on pressing global security issues. Additionally, my work on “Fraud Act 2006 & Pump and Dump Schemes in England” provides a critical look at financial misconduct, and “Balancing Corporate Governance” explores the theoretical divergences affecting corporate leadership. Lastly, “Exploring the Role Separation of Chairman and CEO in the UK” sheds light on the governance structures that shape corporate integrity and accountability. My role as a legal researcher for the Central Bank of Cyprus has allowed me to delve into the intricacies of financial regulations, culminating in the “Monograph of Cyprus Insolvency Rules“.

Continuing on my technical proficiencies, in 2019 I have been chosen as the paralegal supporter for a punitived-dismissal’s case before a Western Europe Administrative Court. For the year of 2020, I distinguish that due to the client’s negligence, the trademark application remained pending for two years before CyIPO but in the meanwhile, a Patent Troll Company submitted a similar trademark to the EUIPO. In 2021, I handled separate cases involving two clients who had been forcibly transferred to Cypriot shell companies and lost regulated employee benefits. It was a solid opportunity to understand the EU Council Directive 2001/23/EC.

Beyond my academic and professional experience, I helped establish the first whistleblowing platform in Cyprus and currently serve as volunteer reporter for the Noyb NPO on GDPR matters. International Law & Taxation is a field that genuinely fascinates me.

My diverse experiences, ranging from business management to directorial roles and enriched by advanced studies at the Hague Academy of International Law, have endowed me with a profound grasp of international economics and corporate governance. For a consultation on navigating the complexities of business and management, I invite you to schedule an appointment.