The New Data regulations (GDPR) and its effect on your management committee.

You may have heard that a new set of laws (GDPR) came into effect about the use of personal data, if you haven’t heard about it, welcome back, you must have been traveling a really long way away.

During the first few months lots of companies took this as an Armageddon, with massive news stories about company’s that said they needed to stop trading with EU citizens, pop-up messages on almost every website to a point you could no longer use the site, even major news organisations to this day block access to their site from the EU as they are too afraid of non-compliance with the laws.

Well in this video I explain GDPR’s effect in the real world to your management committee, management companies and communal property owners in Cyprus.  And trust me these new regulations are a good thing and there is probably not too much work you need to do to become “compliant”.

Video Transcript

Ok so just in case you were lucky enough to avoid all the news and effects of this, on the 25th of May 2018 a new piece of legislation came into effect across all EU member states called the General Data Protection Regulation (GDPR).  This is effectively a single unified standard for data held on any European citizen and applies worldwide.

They gave plenty of warning about this, but most companies left everything to the absolute last minute as always and then completely overreacted to this new piece of legislation.

Ok so this law is in a nutshell. Of course there is allot more about the law than I cover in this video, but these are the key bits you need to know for communal property.  And I promise once I get this out the way I will let you know how this effects communal property and management committee operations

Firstly, the law states that any data held must be kept secure and in the event of a breach in this security, they must inform every person. 

You cannot share the data on someone with anyone else unless they have a legal right to see it.  And anyone can request to see the data that is being held on them.

Ok to bust the first myth, you do not need to have someone’s consent to hold their data in all circumstances.  You only need their consent if none of the following apply.

  • There is a legal obligation which requires use of the data
  • There is a legitimate interest which requires use of the data
  • Use of the data is a vital interest to the data subject
  • There is a public interest in the use of the data
  • There is a contractual requirement which requires which requires use of the data

So only if none of those already apply then you need the consent from that individual.

Ok it’s a little more complicated than that, but that pretty much sums it up.

Does this apply to your management committee?

As your management committee holds data on all the unit owners/residents of your building/resort its important to make sure you meet the new GDPR requirements.  Failure to meet these regulatory requirements puts you at risk of a penalty up to 20 million euros so it is quite important.

Does your Committee need each unit owners permission to hold their data?

This is a big question, almost immediately after this new law came into effect, quite a few very cheeky unit owners who my management company was pursuing for non-payment of communal fees, thought they would be clever and say that because of this new law we needed their consent to chase them for their debt and the committee must delete their information and never contact them again.

And to be honest, this matter of consent is where most companies overreacted when the law came into effect and did silly unnecessary things, so maybe they actually thought this was true.

But categorically no, the committee do not need the consent of unit owners to hold their data and contact them.

And I will explain why, although consent is required in many circumstances, as I said before it is not required where the holding of that individual’s data is already part of a contract requirement or other legal obligation.  The committee have a clear legal obligation under the property regulations to collect and keep property owners and residents contact information and financial records to fulfil their obligations under the law and so have every legal right to do so under the GDPR. 

But it was a nice try for the debtors.

How should you store this data?

Your management committee must take active measures to ensure that property owners data is
Accurate (for example I suggest a regular email update to owners asking if any of their information has changed) And that the data is Held securely (for example in a secure account on a GDPR compliant cloud storage service).

Your owners and resident’s information must not be disclosed to any third party unless they are employed by you, have a legitimate need to access this data & comply with the GDPR requirements. 

A potential slip up for committees is that its quite common for a committee to put information on a noticeboard within the building.  Since this new law it’s very important to make sure any documents placed on a noticeboard does not hold any personal data of the unit owner or any other person, including name, telephone, email or other contact information. 

What if you have a management company, is this their problem?

While the management company should also be GDPR compliant, it’s important to remember under the regulations the management committee are the ultimate ones responsible.  So you are also responsible for the security of the data and must ensure anyone you hire is also following the GDPR legal requirements.  Basically, if they mess up, you will need to clean it up, so its in your best interest to make sure they are taking this seriously as well.

Again, very simple summary of a very long piece of legislation but this should help answer some of the most common questions on GDPR and its effect on apartment building and resort management committees in Cyprus.


Ultimate Committee Handbook

Get your copy of the Ultimate Committee Handbook, the #1 Resource for Apartment Building and Resort Management Committees In Cyprus written by the Award Winning Communal Property Expert – Russell Flick.

More Articles & Videos on Communal Property Ownership, Administration & Management

Visit for more articles, videos and advice on all aspects of Apartment and Communal property ownership from setting up a committee, getting communal payments in, organising the AGM or simply administrating and maintaining your building. Russell Flick Founder of the Cyprus Communal Guide. "Helping you unlock your buildings True Potential"

Get Useful PDF templates, Video Training, Guides and eBooks

Signup to the Cyprus Communal Guide Community Hub.  The central location where we have all our Books, Guides, Videos, Training programs available to download.  Whether you are looking for a template to take the minutes at your next AGM or a handy guide on dealing with difficult owners we have got you covered

Have any Questions on this topic or have a suggestion for a future topic.

Do you have a question on this video or any other aspect of communal property management & Ownership, head over to our Facebook Group page and post your question.

Need 1-1 Support, Advice or Property Management Services From Russell Flick and his team.

Want to find out how Russell Flick and his communal management team can personally help provide direct services to assist your committee in the management of your building.  Click here to get a FREE no-obligation communal management Quote / Consultation from the top independent communal management specialists in Cyprus.

Russell Flick

Experienced Property Professional, Public Speaker & Author of 'The Ultimate Committee Handbook'. In addition to his published books, Russell is a public speaker, columnist and founder of, the online information portal for property owners to get support and advice on all aspects of communal property ownership and management.