Skip to main content

New Greek law on GDPR


Following a fast track procedure, the Greek Parliament adopted Law 4624/2019, which frames the provisions of the GDPR in Greece and has come into effect as of 29 August 2019.

Although it is an EU Regulation, the GDPR gives to the member states the right to establish limitations on certain data processing activities and introduce restrictions on the rights of the individuals.

Law 4624/2019 has made use of the majority of the derogations provided for in the GDPR by setting forth specific rules on the processing of employees’ personal data, “sensitive” personal data and personal data in the sectors of health, insurance and media.

Also, the law introduces significant limitations on the rights of the individuals, such as the right of the individuals to be informed on the use of their personal data, their right to have access to their data and their right of erasure, whereas it provides for exemptions that release controllers from their obligation to communicate personal data breaches to the affected individuals.

Another key feature of the law is the different treatment on the lawfulness of and restrictions on the processing of personal data depending on whether the controller is classified as a public or a private entity.

Last but not least, besides the high administrative fines stipulated in the GDPR, the new law provides for severe criminal sanctions in case of violation of its provisions.

Enterprises will need to review and adapt their policies and procedures to ensure that these are in line with the new statutory provisions.  


Article provided by: Mary Deligianni (Zepos & Yannopoulos, Greece)

Cloud Privacy Check (CPC). Data Privacy Compliance in the Cloud Made Easy

Understand Cloud and Data Protection Law in only 4 easy steps. Plus highly relevant legal information for 33 countries. Provided by EuroCloud and 53 European lawyers.


About Us

EuroCloud is an independent non-profit organization and consists of a two-tier setup where organisations form all European countries can apply to participate in as long as they respect the EuroCloud Statutes.

To act as a true European player, all programs that are developed are intended to be European activities. These European programs are the strength of EuroCloud as a whole. Respect to local cultures along with the will to promote a real European spirit.