Cyprus Cyprus

Bank of Cyprus Public Company Limited

25,000 €

GDPR enforcement action by Cypriot Data Protection Commissioner on 2025-08-05.

Rank · Sector
#150
of 322 in Finance, Insurance and Consulting
Rank · Cyprus
#9
of 47
Rank · All fines
#983
of 3,050

Case details

Authority
Cypriot Data Protection Commissioner
Date
2025-08-05
Controller / Processor
Bank of Cyprus Public Company Limited
Sector
Finance, Insurance and Consulting
Quoted Articles
Art. 5 (1) f) GDPR, Art. 24 GDPR, Art. 32 GDPR
Type of violation
Insufficient technical and organisational measures to ensure information security

Summary

The Cypriot DPA has imposed a fine of EUR 25,000 on the Bank of Cyprus Public Company Limited. The controller failed to implement adequate technical and organisational measures to ensure data security, resulting in a data breach.

Open original source Links to the regulator's original publication or another source.

Related fines

Cyprus
Cyprus
2021-11-12
925,000 €
ETid-909
WS WiSpear Systems Ltd
Industry and Commerce
Cyprus
Cyprus
2019-10-25
70,000 €
ETid-179
LGS Handling Ltd, Louis Travel Ltd, and Louis Aviation Ltd
Employment
Cyprus
Cyprus
2023-11-22
45,000 €
ETid-2144
Open University of Cyprus
Public Sector and Education
Cyprus
Cyprus
2021-03-03
40,000 €
ETid-581
Electricity Authority of Cyprus
Employment
Cyprus
Cyprus
2021-09-06
40,000 €
ETid-830
APOEL FC
Individuals and Private Associations
Cyprus
Cyprus
2021-09-06
40,000 €
ETid-831
AC Omonia
Individuals and Private Associations
Back to all fines