Our firm participated in the public consultation process launched by the General Assembly of the Greek Bar Associations for the draft Code of Conduct (“CoC”) on the processing of personal data by lawyers, law firms and lawyers’ unions. The main goal of this CoC, which requires prior approval by the Hellenic Data Protection Authority, is to create a uniform and harmonised approach among lawyers, law firms and lawyers’ unions towards data protection compliance by taking into consideration the specific characteristics of data processing in the context of the provision of legal services.
Mary Deligianni, head of our data protection & cybersecurity practice, provided her comments on several provisions of the CoC, including the role of lawyers as controllers or processors in the relevant processing activities, the manner that privacy notices should be effected to clients, the data retention periods applicable to case files, the legitimate bases for the processing, the need for the appointment of DPOs by lawyers and law firms, as well as the required mechanisms that should be granted to the body tasked to monitor compliance with the CoC. To view our comments (in Greek) on the public consultation, please click here.