Yes, scraping public data in Greece is generally permissible, but strict compliance with national and EU data protection laws is mandatory. Publicly accessible information does not automatically grant unrestricted reuse; the Hellenic Data Protection Authority (HDPA) enforces GDPR and local regulations, requiring transparency, lawful basis, and purpose limitation. Recent 2026 amendments to Law 4624/2019 further clarify obligations for automated data collection, emphasizing accountability and data minimization.
Key Regulations for Scraping Public Data in Greece
- GDPR Compliance: Any scraping must align with GDPR principles (Article 5), ensuring lawful processing, data minimization, and purpose specification. Automated collection triggering large-scale processing requires a Data Protection Impact Assessment (DPIA) under Article 35 GDPR.
- Law 4624/2019 (National e-Government Law): Mandates that public sector data reuse adheres to open data principles (Article 10), but prohibits scraping for commercial exploitation without prior authorization from the Hellenic Republic’s data controller (e.g., ministries or public bodies).
- Copyright and Database Rights: Public data may be protected under Law 2121/1993 (Copyright Law) or sui generis rights (Database Directive 96/9/EC). Scraping dynamic or structured datasets without permission risks infringement, particularly if extraction exceeds fair use thresholds.
Additional scrutiny applies to personal data under HDPA guidelines, which prohibit scraping from public registers (e.g., land registries) without explicit consent or a statutory exemption. Non-compliance may result in fines up to €20 million or 4% of global turnover under GDPR Article 83.