Hellenic Technical Enterprises Ltd. – €25,000 Fine (Cyprus, 2021)

€25,000Commissioner for Personal Data Protection6 September 2021Cyprus
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Hellenic Technical Enterprises Ltd. was fined EUR 25,000 for not securing the ticket sales system they designed for soccer clubs. This security lapse exposed fans' personal data, such as names and ID numbers. The case emphasizes the responsibility of service providers to ensure data protection.

What happened

Hellenic Technical Enterprises Ltd. failed to secure the ticket sales system, leading to unauthorized data access.

Who was affected

Fans of AC Omonia and APOEL FC whose personal data was exposed due to the system's security flaws.

What the authority found

The Commissioner for Personal Data Protection determined that Hellenic Technical Enterprises Ltd. did not implement necessary security measures as required by GDPR.

Why this matters

This ruling highlights the accountability of service providers in protecting personal data. Companies outsourcing system design should ensure their partners comply with data protection standards.

GDPR Articles Cited

Art. 32 GDPR
Cyprus enforcementCommissioner for Personal Data Protection actionsAll Hellenic Technical Enterprises Ltd. actions
Full Legal Summary
Detailed

The Cypriot DPA has imposed a fine of EUR 25,000 on Hellenic Technical Enterprises Ltd.. The controller hat designed the ticket sales system of the soccer clubs AC Omonia and APOEL FC. Due to a lack of security measures in the ticket sales system, it was possible for an unauthorized person to access and disclose personal data of fans on the club's website. This data involved the name, the fan card number and the ID number of the data subjects. The DPA concluded that the controller failed to implement adequate technical and organizational security measures. In separate proceedings, the DPA fined APOEL FC and AC Omonia for the same violations.

Related Enforcement Actions (0)

No other enforcement actions found for Hellenic Technical Enterprises Ltd. in CY

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

6 September 2021

Authority

Commissioner for Personal Data Protection

Fine Amount

€25,000

Enforcement Tracker ID

ETid-832

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Hellenic Technical Enterprises Ltd. - Cyprus (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: