HGC
AI Regulation in Greece iGaming
Hellenic Gaming Commission (HGC) — regulatory overview for AI use cases in Greece's gambling market.
Regulator Overview
Greece regulates online gambling through the Hellenic Gaming Commission (HGC / EEEP) under Law 4002/2011 and subsequent amendments, most recently through Law 4635/2019 which modernised the online gambling licensing framework. The HGC issues licenses to operators meeting technical and financial requirements.
As an EU member state, Greece will fully apply the EU AI Act alongside GDPR enforcement through the Hellenic Data Protection Authority (HDPA / APDC). While Greece's gambling-specific AI requirements are less prescriptive than markets like the UK or Netherlands, EU-wide obligations create significant compliance requirements for AI systems used in Greek iGaming operations.
The Greek market has grown substantially since the licensing framework was updated, attracting international operators. AI use cases around CRM, player monitoring, and fraud detection are increasingly common, making EU AI Act readiness a priority for operators targeting this market.
Key AI & Data Rules
HGC Technical Standards
The HGC requires operators to meet technical standards including data security, fair play verification, and player protection measures. AI systems used for game integrity, player monitoring, or automated decision-making must comply with these standards and be available for regulatory audit.
HDPA Data Protection Enforcement
The Hellenic Data Protection Authority enforces GDPR in Greece. AI systems processing player data must have documented lawful bases, implement data protection by design, and conduct DPIAs for high-risk processing including profiling and automated decision-making.
EU AI Act Obligations
As an EU member state, Greece will apply the EU AI Act in full. AI systems used in gambling that affect player access to services, assess vulnerability, or make financial decisions are likely classified as high-risk, requiring technical documentation, human oversight, and registration.
Responsible Gambling Requirements
Greek regulation requires operators to implement responsible gambling measures including self-exclusion mechanisms and player protection tools. AI systems supporting these functions must demonstrate reliability and cannot substitute for required human oversight in critical intervention decisions.
Regulatory Sources
Law 4002/2011 on Gambling Regulation
Hellenic Parliament
HGC Regulatory Framework
Hellenic Gaming Commission
HDPA Guidelines
Hellenic Data Protection Authority
EU AI Act (Regulation 2024/1689)
European Parliament and Council
Frequently Asked Questions
Does the EU AI Act apply to gambling operators in Greece?
Yes. As an EU member state, Greece will fully apply the EU AI Act. Operators using AI systems that affect Greek players — including CRM, player monitoring, fraud detection, and automated decisions — must comply with classification requirements, documentation obligations, and human oversight mechanisms.
What data protection rules apply to AI in Greek iGaming?
GDPR is enforced in Greece by the Hellenic Data Protection Authority (HDPA). AI systems processing player data need documented lawful bases, data protection impact assessments for high-risk processing, and transparent information about automated decision-making logic.
What are the HGC requirements for AI systems?
The HGC requires operators to meet technical standards covering data security, fair play, and player protection. AI systems must be auditable, maintain logs, and comply with responsible gambling requirements. The HGC can request technical documentation of AI systems during regulatory audits.
How mature is AI regulation in the Greek gambling market?
Greece's gambling-specific AI regulation is less prescriptive than markets like the UK or Netherlands. However, EU-wide obligations (EU AI Act and GDPR) create substantial compliance requirements. Operators should prepare for EU AI Act classification and documentation requirements as they phase in through 2026.
Assess your AI use case in Greece
Check whether your AI use case is low, medium, or high risk under HGC regulation — with source-backed guidance.
Start Free AssessmentOperational guidance, not legal advice.