Embedded Files
by
Dimitrios Papantoniou & Ilir Iseni
CyJurII Overseer CyJurII Advisor
on 2 October 2025
The Concept of Privacy in North Macedonia
The concept of privacy in Republic of North Macedonia is primarily governed by the Law on Personal Data Protection (LPDP), which has been in force since 2020. This legislation is comprehensively harmonized with the European Union's General Data Protection Regulation (GDPR), reflecting the country's alignment with European standards.
1.1. Key Principles and Enforcement
The LPDP establishes fundamental principles for data processing, including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, and storage limitation. Individuals are granted robust data subject rights, such as the right to access, rectification, erasure ('right to be forgotten'), and data portability.
Enforcement is overseen by the independent Personal Data Protection Agency (PDPA), which monitors compliance, issues guidance, and has the authority to impose substantial administrative fines—up to 4% of a company's annual turnover—for serious violations.
The law also mandates requirements like appointing a Data Protection Officer (DPO) and conducting Data Protection Impact Assessments (DPIAs) for high-risk processing, solidifying a strong legal framework for privacy and personal data protection.
Perception of Privacy in Greece
In Greece, privacy is primarily safeguarded at the constitutional level by Article 9A of the Greek Constitution, which stipulates that: “All persons have the right to be protected from the collection, processing and use, especially by electronic means, of their personal data, as specified by law. The protection of personal data is ensured by an independent authority, which is constituted and operates as specified by law.”[1] Moreover, the safeguarding of personal data is explicitly governed in Greece, primarily by European legislation and secondarily by national law. In Greece, as in all EU Member States, the principal source of privacy law is the General Data Protection Regulation 2016/679 (“GDPR”).[2] Furthermore, national Law No 4624/2019[3] establishes regulations concerning the execution of specific elements of the GDPR in Greece, for which the GDPR includes opening clauses. These national regulations either delineate or constrain certain rights and obligations established by the GDPR. The electronic communications sector's privacy regulations are established by Law No 3471/2006 [4](as modified), which enacted the ePrivacy Directive (often referred to as the "Cookie Directive").
References
[1] The Constitution of Greece, Revised by Resolution of November 25, 2019 of the IXth Revisionary Parliament, available at https://www.hellenicparliament.gr/UserFiles/f3c70a23-7696-49db-9148-f24dce6a27c8/THE%20CONSTITUTION%20OF%20GREECE.pdf
[2] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance), available at https://eur-lex.europa.eu/eli/reg/2016/679/oj/eng
[3] Law 4624/2019, Greek version, https://www.kodiko.gr/nomothesia/document/552084/nomos-4624-2019 English version available at https://www.dpa.gr/sites/default/files/2020-08/LAW%204624_2019_EN_TRANSLATED%20BY%20THE%20HDPA.PDF
[4] Law 3471/2006, Greek version https://www.dpa.gr/sites/default/files/2019-09/Ν3471_06.PDF, English version available at https://www.dpa.gr/sites/default/files/2019-10/law_3471_06en.pdf
Page updated
Google Sites
Report abuse