Greece AI Regulation

CoE Framework Convention signatory

Overview

• –The EU AI Act (Regulation 2024/1689) applies directly across all member states. Prohibitions on unacceptable-risk AI systems have been in force since 2 February 2025; GPAI model rules since 2 August 2025. High-risk AI obligations are due from 2 August 2026, subject to the Digital Omnibus proposal which may defer enforcement. For the full implementation timeline, governance structure, and current status, see the European Union overview.
• –The General Secretariat of Digital Governance and Simplification of Procedures coordinates national implementation. Market surveillance and notifying authority designation is pending.

This content is for informational and educational purposes only and does not constitute legal advice.

AI Regulation Timeline

1. 29/05/2025

   closure

   Hellenic Data Protection Authority closed investigation into DeepSeek Artificial Intelligence application after appointment of EU representative

   On 29 May 2025, the Hellenic Data Protection Authority (HDPA) closed its investigation into the DeepSeek Artificial Intelligence application after Hangzhou DeepSeek Artificial Intelligence Co., Ltd. informed the Authority on 28 May 2025 that it had appointed Prighter EU Rep GmbH, based in Vienna, as its representative in the European Union, in accordance with Article 27 of the General Data Protection Regulation (GDPR). The appointment followed Interim Ruling 18/2025, in which the HDPA found the company to be within the territorial scope of the GDPR and ordered it to designate an EU-based representative.

   View on Digital Policy Alert ↗
2. 21/05/2025

   interim ruling

   Hellenic Data Protection Authority issued interim ruling in investigation into DeepSeek Artificial Intelligence requiring appointment of EU representative

   On 21 May 2025, the Hellenic Data Protection Authority (HDPA), in the context of its ex officio investigation into the DeepSeek Artificial Intelligence application, issued Interim Ruling 18/2025. The ruling found that Hangzhou DeepSeek Artificial Intelligence Co., Ltd. falls within the territorial scope of the General Data Protection Regulation (GDPR) pursuant to Article 3(2)(b), as its processing activities relate to the offering of services to individuals located in the European Union, and in particular in Greece, despite the company not being established in the EU. The Authority determined that the company had failed to comply with the obligation under Article 27 GDPR to designate a representative within the EU, and accordingly issued a corrective order requiring the company to appoint an EU-based representative in writing and to notify the Authority.

   View on Digital Policy Alert ↗
3. 06/02/2025

   announcement

   Hellenic Data Protection Authority announced investigation into DeepSeek Artificial Intelligence application over legality under GDPR

   On 6 February 2025, the Hellenic Data Protection Authority (HDPA) announced that it had initiated an ex officio investigation into whether the DeepSeek artificial intelligence application complies with the General Data Protection Regulation (GDPR), given that it is available in Greece. The HDPA confirmed that the investigation concerned the lawfulness of the provider's personal data processing activities in connection with its services targeting individuals in Greece.

   View on Digital Policy Alert ↗