Greece

The two main data protection laws in Greece are:

Protection of Individuals with regard to the Processing of Personal Data

Protection of personal data and privacy in electronic telecommunications sector and amendment of law 2472/1997

The Hellenic Constitution of 1975, as revised April 1, 2001, contains a set of fundamental rules covering privacy.

The Greek constitution has several provisions on the protection of basic human rights, which includes privacy.

Law 2472/1997 governs the protection of individuals with respect to processing of personal data, implementing the Directive.

Law 2774/1999 governs protection of personal data in the telecommunications sector.

The Hellenic Data Protection Authority has produced a decision on monitoring in the workplace.

Data Protection Authority Decision 115/2001 interprets the norms laid down in laws 2472/1997 and 2774/1999 on data protection for the purpose of applying them in the area of employment relationships.

Data Protection Authority Decision No. 61/2004 sets forth the general considerations for the monitoring of electronic communications in the workplace.

Law 1767/1988, as amended by Law 2224/1994, grants worker’s councils powers to jointly decide with the employer on certain issues including surveillance.

The Data Protection Act contains restrictions on the transfer of personal data to third countries outside of the European Economic Area (EEA). Personal data can be transferred to another country only if that country ensures the level of data protection that corresponds to the level of data protection in Greece.

Article 9 of the Protection of Individuals with regard to the Protection of Personal Data complies with the requirements of the EU Data Protection Directive.