Cyprus Cyprus

Hellenic Technical Enterprises Ltd.

25,000 €

GDPR enforcement action by Cypriot Data Protection Commissioner on 2021-09-06.

Rank · Sector
#141
of 597 in Industry and Commerce
Rank · Cyprus
#8
of 47
Rank · All fines
#956
of 3,050

Case details

Authority
Cypriot Data Protection Commissioner
Date
2021-09-06
Controller / Processor
Hellenic Technical Enterprises Ltd.
Sector
Industry and Commerce
Quoted Articles
Art. 32 GDPR
Type of violation
Insufficient technical and organisational measures to ensure information security

Summary

The Cypriot DPA has imposed a fine of EUR 25,000 on Hellenic Technical Enterprises Ltd.. The controller hat designed the ticket sales system of the soccer clubs AC Omonia and APOEL FC. Due to a lack of security measures in the ticket sales system, it was possible for an unauthorized person to access and disclose personal data of fans on the club's website. This data involved the name, the fan card number and the ID number of the data subjects. The DPA concluded that the controller failed to implement adequate technical and organizational security measures. In separate proceedings, the DPA fined APOEL FC and AC Omonia for the same violations.

Open original source Links to the regulator's original publication or another source.

Related fines

Cyprus
Cyprus
2021-11-12
925,000 €
ETid-909
WS WiSpear Systems Ltd
Industry and Commerce
Cyprus
Cyprus
2019-10-25
70,000 €
ETid-179
LGS Handling Ltd, Louis Travel Ltd, and Louis Aviation Ltd
Employment
Cyprus
Cyprus
2023-11-22
45,000 €
ETid-2144
Open University of Cyprus
Public Sector and Education
Cyprus
Cyprus
2021-03-03
40,000 €
ETid-581
Electricity Authority of Cyprus
Employment
Cyprus
Cyprus
2021-09-06
40,000 €
ETid-830
APOEL FC
Individuals and Private Associations
Cyprus
Cyprus
2021-09-06
40,000 €
ETid-831
AC Omonia
Individuals and Private Associations
Back to all fines