Privacy Laws

Greek data protection compared to the GDPR

The flag of Greece with a city in the background showing a port. — © lubos K / stock.adobe.com | #247870719

General overview

Greece, as a member state of the European Union, has incorporated the GDPR into its national legislation. Nevertheless, there are specific national regulations and interpretations that may differ from other EU countries.

GDPR opening clauses

Greece has established national regulations for the processing of data concerning minors, data processing for journalistic purposes, and data processing for scientific research.

Key differences and national specifics

Consent

In Greece, consent is a central element of data protection. Greek legislation emphasizes that consent must be clear, specific, and informed. There are national provisions specifying how consent should be obtained in different contexts.

Rights of data subjects

The rights of data subjects are clearly defined in Greece. There are specific requirements and procedures outlining how these rights can be exercised, particularly concerning access to data and data rectification.

Data portability

Data portability is an important theme in Greek legislation. There are national regulations ensuring that data subjects can receive their data in a commonly used and machine-readable format.

Data protection officer

The role of the Data Protection Officer in Greece is clearly defined. National provisions specify the qualifications, appointment, and duties of the Data Protection Officer.

Processing of special categories of data

Greece has specific regulations regarding the processing of special categories of data. These regulations particularly apply to data classified as sensitive, such as health data or data concerning racial or ethnic origin.

Conclusion

Greece has integrated the GDPR into its national legislation, but specific areas exist where national regulations apply. Companies operating in Greece or conducting business with Greek citizens should be aware of these differences and ensure compliance with both the GDPR and Greek data protection law.

Write email

Group	external media
Name	Calendly
Technical name	_cf_bm,__cfruid,OptanonConsent
Provider	Calendly LLC
Expire in days	365
Privacy policy	https://calendly.com/privacy
Use	To arrange appointments via the provider Calendly.
Allowed
Group	essential
Name	Contao CSRF Token
Technical name	csrf_contao_csrf_token
Provider	Contao
Expire in days	0
Privacy policy
Use	Serves to protect the website from being falsified by cross-site requests. The cookie is deleted again after the browser is closed.
Allowed
Name	Contao HTTPS CSRF Token
Technical name	csrf_https_contao_csrf_token
Provider	Contao
Expire in days	0
Privacy policy
Use	Used to protect the encrypted website (HTTPS) from being falsified by cross-site requests. The cookie is deleted again after the browser is closed.
Allowed
Name	PHP SESSION ID
Technical name	PHPSESSID
Provider	Contao
Expire in days	0
Privacy policy
Use	Cookie from PHP (programming language), PHP data identifier. Contains only a reference to the current session. No information is stored in the user's browser and this cookie can only be used by the current website. This cookie is mainly used in forms to increase user-friendliness. Data entered in forms is stored for a short time, for example, if the user makes an input error and receives an error message. Otherwise, all data would have to be entered again.
Allowed
Name	FE USER AUTH
Technical name	FE_USER_AUTH
Provider	Contao
Expire in days	0
Privacy policy
Use	Saves a visitor's information as soon as they log in to the frontend.
Allowed