Sat, Jul
54 New Articles

Data Protection Act Principles for Business Managers

Data Protection Act Principles for Business Managers

  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

The rising importance of data protection practice inevitably affects even those who intentionally want to ignore it. There is already an infinite quantity of material about the new data protection regime. The practice is getting richer every day, which makes the interpretation of the existing legislation even more complex. As in other areas of law, there are no shortcuts. It is not possible to read from one specific source and to immediately get to the point of at least general understanding.

Still, there is a smart approach for non-experts which can help a lot in the preliminary estimation of compliance with the Serbian Data Protection Act (“SDPA”).

As in the General Data Protection Regulation (widely known as GDPR), principles envisaged by the SDPA are straightforward. These principles are at the heart of the SDPA. They set the spirit of the data protection regime in Serbia.

If your company’s data protection practice follows the logic of the six principles, it means that you may be on the right track.

On the contrary, if your company is not compliant with these principles, it means that you certainly need to work on your data protection practice.

Six SDPA key principles are:

  1. Lawfulness, fairness, and transparency;
  2. Purpose limitation;
  3. Data minimization;
  4. Accuracy;
  5. Storage limitation;
  6. Integrity and confidentiality.

The business manager faced with a question about whether their company data protection practice is doing a good job, may firstly to go through the six key questions based on the above-mentioned principles.

So, personal data should be:

  • processed in a lawful, fair and transparent manner;
  • collected with the lawful purpose and processed in line with that purpose;
  • limited to what is necessary and with respect to the purpose;
  • accurate and kept up to date;
  • kept for no longer than is necessary for the respective purpose;
  • processed in a manner that ensures the security and integrity of the data.

Principles are not to be used as a quick test. Yet, knowing principles help non-lawyers to understand the logic behind the Serbian data protection regime.

This text is for informational purposes only and should not be considered legal advice. Should you require any additional information, feel free to contact us.

By Milos Velimirovic, Partner, and Katarina Zivkovic, Senior Associate, Samardzic, Oreski & Grbovic

Serbia Knowledge Partner

Who we are

Karanovic & Partners is a regional legal practice in Southeast Europe with tradition spanning two decades and cooperating offices in Serbia, Croatia, Slovenia, Montenegro, Macedonia and Bosnia & Herzegovina. With more than 100 attorneys at law cooperating across the region, we take pride in our work, dedication and understanding of our clients' industries and needs.

What we do

We work with some of the most respected and reputable businesses in the world, banks, as well as governments, state-owned entities, startups and NGOs. We see our clients as long-term partners.

We focus on straightforward solutions and tailor-made advice. Lawyers cooperating with us are fully immersed in our clients’ culture and industry to ensure that the work is delivered intelligently and reliably.

What sets us apart?

In our company culture, excellence is a must. We are reliable, adaptive and fast.

Karanovic & Partners operates under the “one team” principle, combining our regional reach and local know-how to deliver coordinated legal advice necessary for achieving our clients’ goals.

All News about, and Legal Analysis by, Karanovic & Partners can be found here.

Firm's website: https://www.karanovicpartners.com/


Our Latest Issue