Data protection, Internet & Privacy


Name: Professor Dr. Konstantinos Christodoulou


Name: Sofia Getimi, LL.M


Our data protection law team actively advises our clients across various market sectors (insurance, pharma, electronics, event planning, shipping etc.) on all aspects of data protection and privacy law, ranging from data mapping and gap analysis, to the implementation of sophisticated compliance measures and the continuous monitoring thereof, aiming at business-oriented solutions, adapted to each client’s specific needs, organization and activities.

We closely follow up on the legal, regulatory and case-law developments at a national, EU and international level, including in particular the evolving cybersecurity regulations as well as any new initiatives and regulatory proposals concerning the use of advanced technologies (e.g. blockchain, IoT, etc.). The Covid-19 crisis has caused a dramatic increase in the use of digital communications as well as an increase in the cyber crime rate. Our data protection and privacy team, backed by our strong insurance team, possesses a deep understanding of cyber risks and of ways to detect it.

Our services indicatively include:

  • Data mapping of existing data processing activities and data protection measures, and identification of any gaps in the compliance policy;
  • Design and implementation of complete compliance policy, in cooperation with the client’s competent departments and in view of the client’s activities and specific needs;
  • Drafting of internal data protection policies and procedures, privacy notices and consent forms, and of any other forms that may be required (e.g. reply forms to data subject requests);
  • Review of contractual texts and reform thereof in accordance with the applicable data protection law provisions;
  • Advising our clients in relation to data breach incidents: assessment of the incidents and of the need to notify the competent data protection authorities and/or the data subjects concerned, advice on mitigation measures to be taken, etc.;
  • Review of the safeguards implemented in case of cross-border data transfers, and advice on supplementary measures to be implemented;
  • Data Protection Officer services, and/or support services to internal DPOs;
  • Regulatory monitoring and information on significant developments.


The combination of our data protection law expertise, with our academic knowledge and practical experience in other legal sectors, particularly concerning regulated markets and undertakings, places us in an optimum position to design and implement compliance strategies and solutions custom-made to the specific needs of such highly-regulated businesses.