Cyprus Police – €6,000 Fine (Cyprus, 2020)

€6,000Commissioner for Personal Data Protection22 October 2020Cyprus
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Cyprus Police faced a fine for mishandling personal data, as one of its officers shared sensitive information with an unauthorized person. This incident is concerning because it shows how easily personal data can be misused, especially by those in trusted positions. It emphasizes the need for stronger oversight and security measures in handling personal data.

What happened

A Cyprus Police officer improperly accessed and shared personal data from a database with a retired officer.

Who was affected

Individuals whose personal data was accessed and shared without authorization by the Cyprus Police.

What the authority found

The authority determined that the Cyprus Police did not have effective measures in place to prevent unauthorized access to personal data.

Why this matters

This ruling highlights the importance of having strong internal controls to protect personal data. Other organizations should ensure their data handling practices are secure to prevent similar breaches.

GDPR Articles Cited

AI-verified

Art. 32(GDPR)
View original scraped data
Art. 32(GDPR)

Original data from scraper before AI verification against source document.

Source verified 14 March 2026
verified correct
Cyprus enforcementCommissioner for Personal Data Protection actionsAll Cyprus Police actions
Full Legal Summary
Detailed

A police officer had unauthorized access to a database holding personal data about vehicle owners and used the database for non-official purposes to pass information from the database to a third party. In this respect, the organizational and technical measures taken by the police to prevent unauthorized access to the database were insufficient to prevent the unauthorized disclosure of personal data to third parties.

Violations (1)

Third-Party Cookies Without Consent
critical

Third-party tracking cookies or scripts are loaded without obtaining prior user consent.

Art. 13, 14 GDPR

Related Enforcement Actions (1)

Other enforcement actions involving Cyprus Police in CY

Fine
Sept 2020· DPA Commissioner

A series of media publications (printed and online press) mentioned the telecommunications company CYTA, the Social Insurance Services of the Ministry...

€6K
Current
Oct 2020

Fine

€6K

Similar Cases

Enforcement actions with similar violations

unknown (claimant)

2021 · DPA OLGLinz

Legal Person

2023 · Úřad pro ochranu osobních údajů

€4K

CNIL

2019 · Court of Justice of the European Union

Details

Fine Date

22 October 2020

Authority

Commissioner for Personal Data Protection

Fine Amount

€6,000

Enforcement Tracker ID

ETid-432

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Cyprus Police - Cyprus (2020). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: