Data Protection & Cybersecurity

Contact Person

Theodore Konstantakopoulos

Theodore Konstantakopoulos





Digital transformation has made compliance with data protection and cybersecurity regulations a key challenge to businesses worldwide. Our firm’s data protection and cybersecurity team is one of the longest established and highly specialised practices in Greece, offering top quality expertise to our clients -typically multinational companies- and practical solutions that make impact on their business. Our long-term involvement has helped us develop in-depth legal capabilities and gain a true understanding of the technologies we encounter as part of our work. We consider that these features, combined with our holistic and business-friendly approach to clients, make our offering truly unique.



Regulatory Advice

We provide compliance support to help our clients keep pace with the changing regulatory landscape in data protection and cybersecurity and minimise legal compliance risks in their day-today operations. Our range of services includes: data protection notices to data subjects and consent forms (customers, users of websites, etc.), data protection and cybersecurity policies, HR data and privacy at work (notices to employees, device use policies, use of biometrics, use of AI technologies for hiring, employee monitoring, use of DLP tools, background and criminal checks, operation of CCTV systems, etc.), health data (medical records, health tracking apps, clinical trials, medical devices, etc.), etc.

GDPR compliance audits

We carry out compliance and re-designing projects for our clients’ GDPR-readiness in synergies with (inhouse and external) IT and cybersecurity experts. We have designed and we offer a holistic, end-to-end GDPR compliance program, which we fine tune and adapt to the industry and particular needs of the organisations we support, helping them (a) develop and maintain an appropriate framework for data processing across the entire data lifecycle and (b) demonstrate accountability for GDPR requirements. Moreover, our firm has extensive expert experience in dawn raid procedures from regulatory authorities. We prepare organisations to deal with dawn raids by the Hellenic Data Protection Authority and the Hellenic Authority for Communication Security and Privacy and we advise and support them during the entire process.

Data breach management

Our cybersecurity and data protection team can help you prepare for and respond decisively to any data breach incident (unauthorised access, data leakage, ransomware, etc.), offering immediate legal advice and assistance with breach notification procedures, also assistance with internal and external investigations, to mitigate compliance, liability and reputational risks. Our established partnerships with IT (cybersecurity and forensics) experts, offer added value to our services, ensuring an affective and timely management of obligations and risks.

DPO as a service

As a strategic service line, we provide DPO as a Service in order to help our clients outsource the role of a Data Protection Officer (DPO) thus securing the desired GDPR compliance level. Our team of legal and IT counsels, acting as DPO, is a key player in the data governance system and main instrument for promoting compliance within your organisation.

Data Protection Impact Assessment

We have developed a DPIA methodology and templates, having built on methodologies suggested by various EU supervisory authorities, having also considered relevant guidelines and international risk assessment and risk management standards. Importantly, teams carrying out DPIAs include both, legal and IT experts, who work closely with internal and, as the case might be, external stakeholders, including consultation with the data subjects affected by the envisaged data processing.


We advise and represent organisations across the full spectrum of data protection, cybersecurity and privacy-related complaints, claims and disputes, including from cases of alleged unlawful processing and GDPR violations through to claims for damages arising out of personal data breaches. Our data protection team is supported by our dispute resolution experts, with decades of unparalleled experience, gained in courts at all levels of jurisdictions and particular expertise in cross-border litigation.



Chambers Europe 2024 firm logo


Chambers Europe

Chambers Europe 2023


Chambers Europe

Legal 500 top tier firm 2023



Legal500 Top Tier 2022