Senior Associate Athens
"As primary markets become increasingly saturated, attention is shifting towards secondary locations, where opportunities for expansion and cost efficiency are more favourable."
The global data centre industry is expected to maintain its strong momentum over the coming years, with current market reports estimating Compound Annual Growth Rates (“CAGR”) between 11% and 17%. Investment returns in this sector typically range between 5% and 12%, making it an attractive proposition for institutional and private investors alike. As primary markets become increasingly saturated, attention is shifting toward secondary locations, where opportunities for expansion and cost efficiency are more favourable.
Decisions around where to establish new data centres are shaped by a variety of strategic considerations. These include geopolitical stability, the rise of generative AI and digital transformation across industries, supply chain resilience and the need to optimise both rental and operational costs. In addition, sustainability has emerged as a central theme in the evolution of data centre design and operation. With the EU’s long-term goal of carbon neutrality and growing awareness of the climate crisis, operators are investing heavily in renewable energy sources, battery storage solutions and on-site microgrids to reduce environmental impact. The sector, traditionally known for its high energy consumption, is undergoing a transformation toward greener practices.
Greece’s role in the international landscape
As of 2024, Greece’s data centre market was estimated to be worth approximately US$812m, with forecasts suggesting it could grow to around US$2.070bn by 2030, reflecting a robust CAGR of nearly 17%. This upward trajectory is supported by a wave of strategic investments, most notably Microsoft’s landmark €1bn commitment to establish a regional hub in the greater Athens area.
Beyond Microsoft, several other operators — including Digital Realty, Sparkle, Data4, Apto and Lancom — are actively expanding their footprint across regions such as Attica, Macedonia and Crete, signalling growing confidence in Greece’s digital infrastructure potential.
Greece offers a compelling value proposition for data centre development. Its geopolitical position, serving as a gateway between Europe, Asia and Africa, makes it an ideal location for undersea cable networks, which are critical for enhancing international connectivity. A number of undersea cable projects in Greek territorial waters have already been announced for implementation and market players are optimistic that the number of such cables could well exceed 20 over the coming years. Additionally, the country benefits from comparatively lower costs in land acquisition, energy, construction and labour when measured against other OECD nations—factors that significantly boost its investment appeal.
Athens has already emerged as a key data centre hub in Southeastern Europe and national efforts to modernise the economy, digitise public services and streamline regulatory processes are further reinforcing the sector’s growth. Greece’s abundant natural resources – sunlight, wind and water – combined with its aggressive push toward renewable energy adoption, positions the country well to support the development of sustainable and energy-efficient data centres.
A Solid Framework for the Construction and Operation of Data Centres
"Greece has recently introduced and implemented a solid framework to regulate data centres."
The Data Centres Law
Greece has recently introduced and implemented a solid framework to regulate data centres. Law 5069/2023 on building and construction regulations and permitted uses of land for data centres (the “Data Centres Law”) amended the existing Law 4442/2016 on a “new institutional framework for the exercise of economic activities” (“Law 4442”) and set in place for the first time a distinct regulatory regime for the construction and operation of data centres in Greece. The Data Centres Law mainly regulates the operation notification obligations for new and existing projects and sets specific land uses and building requirements for the implementation of new data centres.
Obligation to notify
Under specific conditions set in Law 4442 and aiming to protect public interest, the exercise of economic activity may be subject to a prior notification to the competent authority.
Data centres are subject to the notification obligation set out in Law 4442 in the following cases:
- the data centre provides services to third parties in part or in whole and the total nominal electricity capacity of its IT equipment is equal to or greater than 200 kW; and
- the data centre does not provide services to third parties but exclusively serves the benefit of another economic activity of the same user (self-use) and the total nominal electricity capacity of its IT equipment is equal to or greater than 1,000 kW.
Data centres not falling within the above specifications are not subject to the notification obligation of Law 4442, however they are not exempted from any other obligations set in the relevant legislation.
A Ministerial Decision issued in December 2024 further specified the exact notification procedure, supporting documentation, fees and penalties in cases of non-compliance, thus completing the basic regulatory framework for data centre projects.
Land uses and building requirements
The Data Centres Law has included data centres in a special land use category of Presidential Decree 59/2018 which regulates the use of land. The construction and installation of data centres is permitted in: (i) areas where the special land use category is allowed; and (ii) areas where there is no land use designation if construction is not prohibited by other more specific provisions.
"The Data Centres Law has included data centres in a special land use category of Presidential Decree 59/2018 which regulates the use of land."
In addition, the Data Centres Law set specific building requirements regarding the building factor, coverage rate and other construction-related crucial factors. It also sets requirements relating to fire protection obligations, classifying data centres according to the electrical power of their IT equipment as follows:
- data centres with IT equipment with an electrical power equal or greater than 200 kW are assessed under the “Industry – Craft Industry” category, which includes buildings, or parts of buildings, or structured housing industries, craft industries, workshops, laboratories and services with significant electromechanical equipment; and
- data centres which have IT equipment with an electrical power less than 200 kW are assessed under the “offices” category, which includes buildings or parts of buildings used for intellectual or administrative activities, whether public or private, or for business activities, provided they are not included in the commercial category.
Environmental Licensing of Data Centres
The environmental licensing procedure is currently regulated by Law 4014/2011 and its secondary legislation. All public and private projects and activities are classified in categories and subcategories depending on their environmental impact and significance to determine the environmental licensing procedure which must be followed.
a. Category A: with the following subcategories:
- subcategory A1: projects which may have very significant impact on the environment; and
- subcategory A2: projects which may have a significant impact on the environment.
Projects falling under Category A need to obtain an Environmental Terms Approval (“ETA”) from the competent licensing authority, following the submission of an Environmental Impact Assessment file and completing a consultation period, during which the competent opining authorities and administrative bodies (such as archaeological, forest and siting authorities) submit their opinions on the EIA file to the licensing authority.
b. Category B: projects which may have a local and insignificant impact on the environment. These projects don’t need to obtain an ETA, but are subject to general environmental protection standards, terms and restrictions, as these are set out in their Decision on Standard Environmental Commitments.
Data centres are environmentally classified as follows:
- data centres with installation electricity capacity equal to, or larger than 20 MW, fall under environmental Category A, Subcategory A2; and
- data centres with installation electricity capacity equal to, or larger than 2 MW and up to 20 MW, fall under environmental Category B.
A Ministerial Decision of July 2025 completed the environmental licensing framework for data centres by setting the procedure and timeframe for the issuance of Standard Environmental Commitment decisions for such projects, the supporting documentation, the validity period of the decisions and other necessary details.
Additional Regulatory Considerations
Foreign Direct Investments Law
"Greece has enacted the FDI Law, establishing a comprehensive legal framework for the screening of Foreign Direct Investments."
Greece has enacted Law 5202/2025 (the “FDI Law”), establishing a comprehensive legal framework for the screening of Foreign Direct Investments (“FDIs”) with the intent to harmonise national legislation with the EU framework on FDI screening. The law introduces a mechanism to assess and, where necessary, restrict foreign investments that may pose risks to national security or public order.
Under the FDI Law, a FDI is subject to screening if it involves:
- a third-country investor targeting a sensitive sector (such as infrastructure, assets, goods and services necessary in the sectors of energy, IT, digital infrastructure etc.);
- an EU investor controlled by a third-country entity or government; and
- an EU investor with ≥10% participation by a third-country person, entity or government, and the target operates in a particularly sensitive sector (such as infrastructure, assets, goods and services necessary in the sectors of defence, cybersecurity, AI etc.).
Investors must obtain FDI approval by the Interministerial Committee for the Screening of Foreign Direct Investments or be exempted from such obligation before completing the investment, by applying to the competent authority.
Failure to comply with the FDI Law requirements may result in fines or even the reversal or prohibition of the investment.
Cybersecurity Law
Network and Information Security 2 (NIS2) Directive of the European Parliament and the Council (Directive (EU) 2022/2557) was transposed into national legislation as Law 5160/2024 (the “Cybersecurity Law”). The Cybersecurity Law introduced a framework of cybersecurity risk management rules and measures which should be adopted by the public or private entities which fall under its scope. Supervisory and enforcement measures are also applicable.
The Cybersecurity Law is applicable to a wide range of entities categorised by sector and size. It is also applicable to entities whose services have a significant impact on the economy and society as well entities identified as “critical entities” under the NIS2 Directive, both irrespective of size. The entities concerned are those which are established or provide their services or operate within the Greek territory.
Among others, the Cybersecurity Law is applicable to private entities operating in “sectors of high criticality” and “other critical sectors”. Digital infrastructure is included in the sectors of high criticality, and data centre and cloud services providers are among the regulated entities.
The Cybersecurity Law distinguishes the regulated entities as “essential” or “important” depending on whether they fall under the parameters for medium-sized enterprises, their scope of business and nature. Both essential and important entities must comply with the requirements of the Cybersecurity Law and adopt risk management measures, such as incident handling, business continuity, use of cryptography, implementation of a unified cybersecurity policy compliant with the standards set by the National Cybersecurity Authority and reporting obligations; supervisory and enforcement measures may differ depending on the type of entity.
Personal Data Protection
Data centres operating in Greece are subject to the provisions of the EU’s GDPR (General Data Protection Regulation) and Law 4624/2019, on the protection of natural persons with regard to the processing of personal data.
GDPR and the national legislation regulate the processing of personal data by entities controlling and processing such data in Greece, or regarding operations in Greece, setting specific requirements in relation to the handling of personal data, the exercise of rights of the data subjects, the reporting obligations of the controllers and processors and the transfer of personal data to third countries.
The entities subject to the GDPR and the national legislation provisions must comply with the requirements set therein or face substantial fines.
Strategic Investment Incentives
Law 4864/2021 (the “Strategic Investments Law”) enables qualifying projects the opportunity to be classed as “Strategic Investments”. Such projects may be granted incentives to aid their development and operation – data centre projects are eligible to be approved as Strategic Investments.
Depending on their classification under the Strategic Investments Law, Strategic Investment projects may be eligible to receive one or more incentives, the ones most relevant to data centres include:
"The Strategic Investments Law enables qualifying projects the opportunity to be classed as 'Strategic Investments'."
- siting incentives: for implementing a Strategic Investment, the Greek Ministry of Development may introduce a “Special Plan” for the siting development of Strategic Investments concerning a single land surface. A non-adjacent land surface may be included in the plan, under specific conditions. Forced expropriation of any required plots of land may also be approved;
- fast-track licensing incentives: approved Strategic Investment projects may benefit from a fast-track licensing procedure for the issuance of required permits (including environmental permits) and approvals for the construction, installation or operation of the project; and
- tax incentives: Strategic Investment projects may benefit from a guaranteed, stable tax rate, a favourable taxation regime of gross accumulated profits and accelerated depreciation allowances for fixed assets in accordance with the Commission Regulation (EU) 651/2014.
Other incentives include special routing permissions to and from suitable ports (for projects located in remote areas) and financial aid to cover a portion of costs for the recruitment of disadvantaged workers, research and development, the acquisition of new equipment etc.
Challenges: Grid Availability and Permitting delays
Electricity grid availability has been the Achilles heel of energy-related projects in recent years and data centre projects can be affected by the shortage of grid capacity, depending on the project’s location. To further facilitate the development of data centres in Greece, the government tasked the Greek TSO with the preparation of an energy map, indicating the grid capacity availability in each region. Although the energy map has not yet been officially published, unofficial reports indicate that the regions with the highest available capacity, adequate to host large data centres, include Western Macedonia (700 MW) and Thessaly (650 MW), while Attica and Crete start showing signs of saturation.
In addition, the Greek DNO reports in its 2026-2030 Network Development Plan, which is currently under consultation, that it has received connection requests to the electricity network from a significant number of medium-scale data centres and it expects to receive a total of 284 MVA of connection requests from data centres alone until 2030.
The projected demand for grid capacity from data centres, coupled with the exponential increase to the operation of RES projects (particularly photovoltaics) makes the implementation of additional grid infrastructure works in Greece a pressing matter.
Moreover, projects in Greece often encounter delays to their permitting process thanks to bureaucracy, a lack of clarity around implementation requirements, and a lack of personnel in the competent authorities. Although significant steps have been taken to cut through the red tape and speed up the process, it is important that Greece makes additional efforts to further simplify project implementation and offer investors a stable and clear investment environment.
Outlook
Despite Greece being a relatively new market in the data centre landscape and not as mature as the traditional FLAPD (Frankfurt, London, Amsterdam, Paris and Dublin) markets, it presents considerable advantages to potential investors: a strategic location at the crossroads of three continents, political stability and strong investment support from the government. Combined with a clear regulatory framework, lower costs in land acquisition and development and a well-developed renewables market for synergies, Greece is an attractive choice for data centre investments.
Click here to view the full article series.
