Data Protection & Cybersecurity

Contact Person

Theodore Konstantakopoulos

Theodore Konstantakopoulos





Digital transformation has made compliance with data protection and cybersecurity regulations a key challenge to businesses worldwide. Our firm is a pioneer in Greece in cutting-edge data protection and cybersecurity legal issues having a dedicated relevant practice for over fifteen years, since the onset of the relevant regulations. Our long term involvement has helped us develop in-depth legal capabilities and gain a true understanding of the technologies we encounter as part of our work. We consider that these features, combined with our holistic and business-friendly approach to clients, make our offering truly unique.



Compliance support

We provide compliance support to help our clients keep pace with the changing regulatory landscape in data protection and cybersecurity and minimize legal compliance risks in their day-to-day operations. In this context we implement GDPR compliance programs, we draft internal policies and procedures, we conduct privacy impact assessments, handle data breaches, perform data protection audits and we provide trainings. We also perform data mapping exercises and help clients implement the safest mechanisms for trans-border data flows and transfers of data outside the EU.


We provide advisory in areas such as marketing campaigns, behavioral advertising and operation of online shops, whereas we frequently advise our clients on employment related issues, such as whistleblowing schemes and internal investigations, background checks and monitoring systems.

New applications & technologies

We also ensure that clients who launch new applications, technologies and products do so in a legally compliant manner. Some other areas we have been involved in include inter-connected devices, products with AI capabilities, innovative applications and platforms for medical and insurance services and, use of biometric methods and identification technology.


In the area of cybersecurity, we frequently advise cloud providers, online shops and other digital service providers on network and information security arising from the NIS Directive, the PSD2 Directive and other related legislation.

In the field of M&A

We work with our M&A and project development colleagues to perform privacy due diligence and include the necessary reps and warranties in the SPA and other transactional documents.


Chambers Europe 2022


Chambers Europe

Legal500 Top Tier 2022



Chambers Europe Top Ranked 2021


Chambers Europe

Legal500 Top Tier 2021