Details:
| Summary | The Cypriot DPA has imposed a fine of EUR 25,000 on Hellenic Technical Enterprises Ltd.. The controller hat designed the ticket sales system of the soccer clubs AC Omonia and APOEL FC. Due to a lack of security measures in the ticket sales system, it was possible for an unauthorized person to access and disclose personal data of fans on the club’s website. This data involved the name, the fan card number and the ID number of the data subjects. The DPA concluded that the controller failed to implement adequate technical and organizational security measures. In separate proceedings, the DPA fined APOEL FC and AC Omonia for the same violations. |
| Link: | link link |
| Related articles: | Art. 32 GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 25,000 |
| Sector | Industry and Commerce |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/