Support Centre



Law: Law 4624/2019 on the Personal Data Protection Authority, Implementing the General Data Protection Regulation (Regulation (EU) 2016/679) and Transposing into National Law Data Protection Directive with Respect to Law Enforcement (Directive (EU) 2016/680) and Other Provisions ('the Law'), and the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR')

Regulator: The Hellenic Data Protection Authority ('HDPA')

Summary: The Law and Law 3471/2006 on the Protection of Personal Data and Privacy in the Electronic Telecommunications Sector and Amendment of Law 2472/1997, which governs, among other things, cookies and other trackers, are the main pieces of privacy legislation in Greece and both are enforced by the HDPA. The HDPA has been particularly active in releasing guidelines on GDPR compliance, and has covered topics such as cookies and other trackers, Data Protection Impact Assessments, breach notifications, accountability, and processing records. In addition, the HDPA has conducted several enforcement actions and issued fines ranging from €5,000 to €150,000 for, among other things, unlawful processing of employee data, non-compliance with access requests, and inadequate security measures. On 27 January 2020, the HDPA issued an opinion (only available in Greek here) which suggested that certain Articles of the Law are incompatible with the GDPR.


Greek Law 4961/2022 on 'Emerging information and communications technologies, strengthening digital governance and other provisions' ('the Law') creates one of the first unified frameworks on emerging technologies within the EU. The Law attempts to address the possible impact that emerging technologies may have in everyday life and especially with fundamental human rights. Spiros Tassis, Founder at Tassis & Associates Law Office, provides a look into the Law and its purpose.