GREECE Law and Practice Contributed by: Stathis Orfanoudakis, Theodore Konstantakopoulos and Yolanda Antoniou-Rapti, Zepos & Yannopoulos
cable law – that will enable the recipients to form an opinion on the offer. 6.14 Timing of the Takeover Offer The takeover offer acceptance period com- mences from the publication of the relevant information memorandum and cannot be shorter than four weeks or longer than eight weeks. The HCMC may extend the period by a maximum of two weeks, at the request of the offeror. Any required regulatory approvals are typically obtained within the above-mentioned time- frames. Setting up a new company in Greece is now a rather quick and straightforward process – with the exception of companies engaging in spe- cific regulated activities (eg, financial or insur- ance services), which may be subject to prior approval/licensing by the competent regulatory bodies, such as: • the Bank of Greece, as regards financial and credit institutions and insurance companies; • the HCMC, as regards investment firms and any other entities supervised by it; • the Hellenic Gaming Commission; and • the Hellenic Telecommunications and Post Commission (EETT). 7. Overview of Regulatory Requirements 7.1 Regulations Applicable to a Technology Company Companies in the technology sector are also subject to the horizontal provisions of Regula- tion (EU) 2016/679 (the “General Data Protection Regulation” (GDPR)) and Greek Law 4624/2019, which supplements the GDPR. The competent
supervisory authority monitoring compliance with the GDPR and Greek Law 4624/2019 is the Hellenic Data Protection Authority. Buyers should examine the target’s compliance with industry-specific vertical legislation. By way of example, operators of essential services (OESs) (eg, companies in the digital infrastruc- ture sector, such as Internet Exchange Points) and digital service providers (DSPs) (cloud ser- vice providers, online marketplaces and search engines) are subject to a set of network and information systems security requirements intro- duced by Greek Law 5160/2024, which trans- posed into the Greek legal framework Directive (EU) 2022/2555 on measures for high common level of cybersecurity across the Union (the “NIS2 Directive”). The National Cybersecurity Authority (estab- lished under Greek Law 5086/2024) is designat- ed as the Computer Security Incident Response Team (CSIRT) and is competent to supervise and monitor the application of Greek Law 5160/2024. In addition, Greek Law 4961/2022 on emerging information and communication technologies and strengthening of digital governance pro- vides for further obligations applicable to DSPs and OESs, including cybersecurity measures for the development, importation, distribution and use of internet of things (IoT) technology devic- es. Moreover, specific rules apply to providers of public communication networks or publicly available electronic communication services, which for certain services need to operate under a general authorisation regime. The competent authority in this regard is the EETT. Additionally, newly introduced Greek Law 5099/2024, which supplements the EU Regulation 2065/2022 (the “Digital Services Act”), gave EETT the authority to set up and operate a Registry of Intermediary
178 CHAMBERS.COM
Powered by FlippingBook