The Serbian legal system became harmonized with GDPR regulations in November 2018, when the National Assembly of the Republic of Serbia adopted a new Law on Personal Data Protection which comes into effect on August 21, 2019. The Law is binding to all organizations, institutions and companies in Serbia that process personal data of EU citizens in their business regardless of where the head office or representative office is physically located in the world.
As part of the wider process of harmonizing the national law of Serbia with EU law, the Law foresees a drastically higher level of liability for organizations that collect and process personal data. The law covers a variety of different situations, especially when the data is comprised. In the era of information technologies and internet, the essence of the new European personal data protection is that each company which is involved in personal data collection and analysis process is required to be well-informed about these individuals’ rights, as one of the major human rights and freedoms under the Constitution of the Republic of Serbia.
Besides many novelties, the new Law elaborates certain procedures, rights, obligations and competences in more detail.
There is a considerable amount of uncertainties in its practical application and the question is to what extent Serbian controllers and processors are really prepared for the commencement of the application of the Law in terms of adjusting their data processing with new statutory obligations and requirements.
For more details on GDPR please do not hesitate to get in touch with us.