About GDPR

Regulation (ΕU) 2016/679 of the European Parliament and of the Council of 27 April 2016 deals with the protection of natural persons with regard to the processing of personal data and on the free movement of such data. It is also known as the General Data Protection Regulation (GDPR) and it is both about the Data Controllers as well as the Data Handlers of personal data.   

The new regulation was put into effect on May 25, 2018 and is the toughest privacy and security law in the world. All organizations that process the personal data of EU citizens or residents, or offer goods or services to such people are required to be compliant even if they are not in the EU.  

Non-compliance to the provisions set by the Regulation can lead to huge administrative fines which max out at €20 million or 4% of global revenue. Moreover, data subjects, whose personal data have been leaked or violated, can seek compensation for damages. 

Our Services

“Oikonomakis Law” and its experienced and specialized lawyers and experts on GDPR issues can undertake the adaptation of your business or organization to the provisions and requirements set by the General Data Protection Regulation (GDPR). Besides making sure you comply with these legal obligations, we can also turn such compliance into a business advantage over competitors.

We can provide our clients the following services regarding data protection (GDPR) with diligence and professionalism, even across borders:

Evaluation Services

The General Data Protection Regulation brings with it a significant development regarding the management of every business or organization. According to the new Regulation it is necessary to reshape old and to introduce new internal policies and procedures in order for a business or an organization to effectively protect personal data.

Within this framework, we offer these evaluation services:

  • Data Mapping
  • Registry File
  • Data Flows
  • Gap Analysis
  • Data Protection Impact Assessment (DPIA)
  • Impact analysis
  • Risk analysis
  • Risk management
  • Action Plan
  • Final report

Implementation Services

  • Encryption
  • Backups
  • Security Policies
  • Process Redesign
  • Network Security
  • Contract Restructuring
  • Vulnerability Assessments
  • Data Protection Policies

Maintenance / Management Services

  • File of Activities / Procedures / Policies update
  • Managing Violation Incidents
  • Data Management
  • Handling of breach of personal data incidents
  • Monitoring
  • Testing modules and adjustment

Group of Companies Services

  • BCRs
  • SCCs
  • Audit and Impact Assessment of International Transmissions
  • GDPR Agreement

Education Services

  • E-learning
  • In person seminars-workshops-educational material
  • Staff training
  • DPO Training
  • Cyber-Security Training
  • Constant updating on new provisions

Support Services & Internal Audit

  • Dpo as a Service
  • Dpo Support
  • GDPR Alert
  • IT Audits (It Infrastructure Audit & High Level IT Audit Report)

GDPR Legal Terms

Personal data — Personal data is any information that relates to an individual who can be directly or indirectly identified. Names and email addresses are obviously personal data. Location information, ethnicity, gender, biometric data, religious beliefs, web cookies, and political opinions can also be personal data. Pseudonymous data can also fall under the definition if it’s relatively easy to ID someone from it. 

Data processing — Any action performed on data, whether automated or manual. The examples cited in the text include collecting, recording, organizing, structuring, storing, using, erasing… so basically anything. 

Data subject — The person whose data is processed. These are your customers or site visitors. 

Data controller — The person who decides why and how personal data will be processed. If you’re an owner or employee in your organization who handles data, this is you. 

Data processor — A third party that processes personal data on behalf of a data controller. The GDPR has special rules for these individuals and organizations. They could include cloud servers like Tresorit or email service providers like ProtonMail. 

Call us 24/7

At “Oikonomakis Law” with Strategy, Planning, Appropriate Human Resources and Expertise we are ready 24/7 to respond to your every business or personal inquiry by providing legal advice and solutions to even the most complex issues you face. With more than 25 years of experience in the field, we can provide consultation and legal services seamlessly and across borders with a solution-based approach and professionalism.


We are future-oriented by setting strategic long-term goals; planning ahead is not just a necessity but an inherent characteristic of our corporate identity.


We strive for fairness by treating everyone with respect, not just courtesy.


Our mind-set is global thus we enjoy working seamlessly across borders.


We focus on delivering world-class legal services and advice, thus reaching for the highest standard possible means that excellence is the only threshold.

Key Contacts

Oikonomakis Christos

Papageorgiou Zoi

Mitrogianni Aikaterini

Micha Maria-Mirsini

Sfakianakis Emmanouil

Contact Us