Search

How Greek data protection law differs from the GDPR

On 29/08/2019, Greece adopted the Data Protection Act 4624/2019, following the threat of sanctions by the European Commission. This law shows strong influences from the German Bundesdatenschutzgesetz (BDSG). These influences are, for example, evident in the regulations on special categories of personal data and in employee data protection. However, the Greek data protection law also contains further deviations resulting from making use of various opening clauses of the GDPR that are not found in the German BDSG. These include, for example, the consent of minors and the further requirements for the record of processing activities.

The Greek Data Protection Act is divided into five chapters:

  • Chapter 1 – General Provisions
  • Chapter 2 – Supervisory Authority
  • Chapter 3 – Supplementary measures for the implementation of the GDPR
  • Chapter 4 – Implementation of the Directive (2016/680).
  • Chapter 5 – Final Provisions

Below you will find the additions and derogations from the GDPR on the most important topics of data protection that companies need to know. If topics are not linked, there are no derogating provisions in national data protection law

  1. Specific data protection law and official guidelines
  2. Substantive and territorial scope (no regulations deviating from the GDPR)
  3. Definitions
  4. Legal principles (no regulations deviating from the GDPR)
  5. Legal basis under Greek data protection law
  6. Sensitive data in Greek data protection law
  7. Informing requirements under Greek data protection law
  8. E-marketing (new regulation by ePrivacy Regulation remains to be seen)
  9. Cookies (no regulations deviating from the GDPR)
  10. Automated decision-making under Greek data protection law
  11. Data subjects’ rights under Greek data protection law
  12. Processing on behalf of a controller (no regulations deviating from the GDPR)
  13. Records of processing activities under Greek data protection law
  14. Data security (no regulations deviating from the GDPR)
  15. Data breaches (no regulations deviating from the GDPR)
  16. Data protection impact assessment (DPIA) under Greek law
  17. Data protection officer under Greek law
  18. Certification (no regulations deviating from the GDPR)
  19. Data transfer (no regulations deviating from the GDPR)
  20. Supervisory authorities under Greek data protection law
  21. Sanctions and penalties under Greek data protection law
  22. Data protection for employees under Greek law
  23. Archiving, scientific and historical research under Greek data protection law
activeMind.legal Rechtsanwaltsgesellschaft is a law firm specialising in data protection law. With our partner firms in the UK and Switzerland, we cover all aspects of GDPR compliance and national data protection law in Europe.

Munich

activeMind.legal
Rechtsanwaltsgesellschaft m. b. H
Potsdamer Straße 3
80802 Munich, Germany

+49 (0) 89 / 919 29 49 00

Berlin

activeMind.legal
Rechtsanwaltsgesellschaft m. b. H
Kurfürstendamm 56
10707 Berlin, Germany

+49 (0) 30 / 770 19 10 70

Services

Resources

About

Group

© 2016-2024 activeMind.legal

powered by rethink digital & KLEINWERKSTATT

Contact us!

+49 (0)89 / 91 92 94 – 900

Full details of how we handle your data can be found in our privacy policy.

Secure the knowledge of our experts!

Subscribe to our free newsletter:

By clicking on "Subscribe now" you consent to receive our newsletter. We will only use your data in accordance with our privacy policy.