The Hellenic Data Protection Authority (HDPA) is an independent public authority, responsible for supervising the application of data protection legislation in Greece, mainly the General Data Protection Regulation (GDPR) and all other regulations pertaining to the protection of individuals from the processing of personal data as well as to the exercise of the duties assigned each time. The HDPA was first established with Law 2472/1997 in line with Directive 95/46/EC and by Law 4624/2019 was provided as the Hellenic competent supervisory authority responsible for monitoring the application of the GDPR. The HDPA has also functions and powers related to other relevant regulatory frameworks, such as the Law 3471/2006 which transposes e-Privacy Directive 2002/58/EC into the Greek legislation.  

The HDPA issues guidelines, examines complaints and conducts audits focusing on technical and organizational measures with respect to personal data protection, whilst it also evaluates the effectiveness of such measures in light of the legal requirements. Moreover, the Authority’s mission includes promoting public awareness and understanding of the risks, rules, safeguards and rights in relation to personal data processing, as well as promoting the awareness of data controllers and processors of their obligations.  

The HDPA is also a member of the European Data Protection Board (EDPB), which was established by the GDPR.