On 25 February 2020, the Hellenic Data Protection Authority published guidance on the use of cookies (and similar technologies). The guidance reiterates the rules around consent and provides examples of cookies which fall into the consent exemptions. In line with the Authority’s previous position, web analytics cookies are not exempted from consent. The guidance also examines the methods of providing information and obtaining consent and sets out bad practices. Controllers are granted a 2-month grace period to adjust their practices.