22
Thu, May
54 New Articles

Data Protection Act Principles for Business Managers

Data Protection Act Principles for Business Managers

Serbia
Tools
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

The rising importance of data protection practice inevitably affects even those who intentionally want to ignore it. There is already an infinite quantity of material about the new data protection regime. The practice is getting richer every day, which makes the interpretation of the existing legislation even more complex. As in other areas of law, there are no shortcuts. It is not possible to read from one specific source and to immediately get to the point of at least general understanding.

Still, there is a smart approach for non-experts which can help a lot in the preliminary estimation of compliance with the Serbian Data Protection Act (“SDPA”).

As in the General Data Protection Regulation (widely known as GDPR), principles envisaged by the SDPA are straightforward. These principles are at the heart of the SDPA. They set the spirit of the data protection regime in Serbia.

If your company’s data protection practice follows the logic of the six principles, it means that you may be on the right track.

On the contrary, if your company is not compliant with these principles, it means that you certainly need to work on your data protection practice.

Six SDPA key principles are:

  1. Lawfulness, fairness, and transparency;
  2. Purpose limitation;
  3. Data minimization;
  4. Accuracy;
  5. Storage limitation;
  6. Integrity and confidentiality.

The business manager faced with a question about whether their company data protection practice is doing a good job, may firstly to go through the six key questions based on the above-mentioned principles.

So, personal data should be:

  • processed in a lawful, fair and transparent manner;
  • collected with the lawful purpose and processed in line with that purpose;
  • limited to what is necessary and with respect to the purpose;
  • accurate and kept up to date;
  • kept for no longer than is necessary for the respective purpose;
  • processed in a manner that ensures the security and integrity of the data.

Principles are not to be used as a quick test. Yet, knowing principles help non-lawyers to understand the logic behind the Serbian data protection regime.

This text is for informational purposes only and should not be considered legal advice. Should you require any additional information, feel free to contact us.

By Milos Velimirovic, Partner, and Katarina Zivkovic, Senior Associate, Samardzic, Oreski & Grbovic

Serbia Knowledge Partner

SOG in cooperation with Kinstellar is a full-service business law firm in Serbia that provides foreign and domestic clients with premium-quality legal advice and assistance across a wide range of key areas of corporate law. The firm was founded in 2015 by a group of seasoned, internationally-trained lawyers. SOG has developed a distinctively dynamic culture, bringing together top talent, fostering entrepreneurship, and maintaining exceptional relationships with its clients.

SOG has achieved consistent growth in the volume of its business, accompanied by an exponential increase in the number of hired associate lawyers and the firm’s network of business contacts. SOG has a robust client base of multinationals, investment and private equity firms, and financial institutions. Clients praise SOG for being commercially minded, very responsive and knowledgeable.

Establishing permanent cooperation with Kinstellar is part of realising SOG's long-term development strategy to be the leading provider of legal services in the Western Balkans market.

Firm's website: https://www.kinstellar.com/

 

Our Latest Issue