Računovodstvo, IT rešitve in davčno svetovanje

Kapucinski trg 11

4220 Škofja Loka

+386 4 506 04 00

Sončni Log 7

1370 Logatec

+386 1 360 20 47

Ljubljanska cesta 28

8000 Novo mesto

+386 1 360 20 26

Petrovče 256

3301 Petrovče

+386 3 424 43 11

Titova cesta 2a

2000 Maribor

+386 2 205 88 37

Rožna ulica 4

5280 Idrija

+386 5 777 55 00

Cesta 4. julija 24

8270 Krško

+386 65 557 712

fb fb fb fb
27. decembra, 2017

SERBIA: Company’s liabilities prescribed with the Law on personal data protection

The company that collects personally identifiable information, prior to collection, is obliged to inform the persons to whom the data relate about their identity and about relevant circumstances about collecting and processing of data (further: Data).

In accordance with the Law on Personal Data Protection (hereinafter: the Law), personal information is any information pertaining to a natural person, regardless of the form in which is expressed and regardless on the information carrier (paper, tape, film, electronic media and sl.).

The consent for the processing of the data must be given in a written form, which contains the indication of the data being processed, the purpose of the processing and the manner of its use.

Each company that collects Data has the following obligations:

  1. To establish and keep a database which, among other things, contains all the above information;
  2. To provide the Commissioner with a notice of intention to establish a database, prior the establishment;
  3. To inform the Commissioner about the beginning of data collection.

Supervision over the implementation and compliance of the Law is in the Jurisdiction of the Commissioner for information of public importance.

In case of non-compliance with the provisions of the law, fines ranging from 50,000 to 1,000,000 dinars are prescribed.

We underline that the area of personal data protection is in development and in the process of harmonization with European legislation. In the forthcoming period, amendments to laws and by-laws are expected. Also, in May 2018, a new General Data Protection Regulation (GDPR) will come into force in the countries of the European Union. GDPR made significant changes of this legal area on the territory of the EU. This Regulation also provides the so-called extraterritorial effect, which means that it also applies in non-EU companies, if in their business they process data on the territory of the EU. We will see how the legislator in Serbia will implement the provisions of GDPR.

Unija BG