PERSONAL DATA PROTECTION/ GDPR

PERSONAL DATA PROTECTION/ GDPR

Introducing the Newly Implemented Personal Data Protection Act

In light of the recent implementation of the Personal Data Protection Act, Cvjetićanin & Partners Law Firm has actively participated in several conferences and in that way, educating general public about its novelties. The new Personal Data Protection Act closely aligns with European regulations, particularly the GDPR (General Data Protection Regulation), demonstrating a harmonization rate of nearly 100%.

Our proficient legal team has undertaken the organization of informative seminars designed to familiarize Data Protection Officers with their rights and responsibilities under this new framework. Furthermore, when the need arises, our legal experts can serve  as appointed Data protection officers (DPOs).

The Belgrade Bar Chamber has offered its perspective on this matter, asserting that attorneys, despite providing independent legal services, are eligible candidates to serve as DPOs.

Schrems II Decision and New Standard Contractual Clauses (SCCs)

Following the momentous “Schrems II” decision by the Court of Justice of the European Union, which invalidated the Privacy Shield framework, the European Commission took decisive action on June 4, 2021, by issuing two new sets of standard contractual clauses (SCCs).

These contractual clauses are instrumental in establishing adequate data protection safeguards for data processing and transfers. Given that the previous SCCs, formulated under the Data Protection Directive 95/46, became outdated, the European Commission introduced modernized SCCs compliant with the General Data Protection Regulation (GDPR). The updated SCCs introduce additional obligations for processors and data importers, as well as delineate specific data security requirements and data retention limitations, among other provisions.

Prior to this development, the European Data Protection Board (EDPB) adopted Guidelines governing the transfer of personal data from the European Economic Area (EEA) to non-EEA countries, including the USA and the UK.

Privacy Policy and Terms of Use

Cvjetićanin & Partners Law Firm routinely provides services geared towards aligning clients’ business models with the obligations mandated by the new Personal Data Protection Act. This includes the preparation of privacy policies and terms of use, particularly tailored to online-driven businesses. This category predominantly encompasses online stores and service providers, which, as part of their regular operations, process substantial volumes of personal data.

In addition to proactive measures, our firm offers representation in legal proceedings pertaining to personal data breaches, as well as advocacy in matters before the Personal Data Protection Commissioner. We are committed to delivering comprehensive legal solutions in the dynamic and ever-evolving landscape of personal data protection.