The personal data protection commissioner on Monday fined two big Nicosia clubs and a contracting company a total of €105,000 after finding security gaps in their ticketing systems.

In a written announcement, Irene Nicolaidou Loizidou said she had informed Apoel, Omonia and Hellenic Technical Enterprises, which designed and developed the ticketing system for the two clubs, of her decision after reviewing their positions, both as regards the technical and legal aspects, and after taking into consideration the mitigating factors they cited.

“Based on the above, I concluded that there were violations of the General Data Protection Regulation (GDPR) by the clubs and the contracting company for failure to implement the appropriate technical and organizational security measures,” she said.

The clubs were fined €40,000 each and the company €25,000.