Milica Basta Speaks at AmCham’s Data Protection Briefing Session

Milica Basta Speaks at AmCham’s Data Protection Briefing Session

AmCham Serbia hosted on 5 July 2019 a session on the main aspects of the new Serbian Data Protection Act. The topic attracted a significant number of attendees, mainly general counsels and IT specialists from the local companies – members of AmCham Serbia. Milica Basta, senior associate at BDK Advokati, was one of the speakers.

Milica started by elaborating on the legitimate interests as a newly introduced legal basis for data processing. She continued by describing the conditions data controllers need to meet in order to lawfully export data out of Serbia, given that many companies in Serbia export data of their customers and employees as part of their business operations. In this regard, Milica emphasized that the prerequisites for exporting data without requiring any specific authorisation from the Serbian supervisory authority are still missing. The Government has not enacted a decision on the list of countries where data may be exported without the authorisation and the supervisory authority has not enacted any standard contractual clauses for the transfer of data abroad.

Milica explained what rights, according to the new Data Protection Act, individuals have towards data controllers. She addressed the conditions under which a person may request from a data controller to erase or rectify personal data, or to transfer the data to another data controller.

Milica also presented the rules under the new law governing the relationship between the data controller and data processor. The two sides need to conclude a contract that regulates their relationship and among other things defines the conditions under which the data controller may audit the data processor.

Other speakers at the briefing session were Milan Nikolic, Security Director at Telenor Srbija, Marko Marjanovic, Digital Architect at Microsoft, and Milos Stojkovic, senior associate at Zivkovic Samardzic who acted as a moderator.

AmCham Serbia hosted on 5 July 2019 a session on the main aspects of the new Serbian Data Protection Act. The topic attracted a significant number of attendees, mainly general counsels and IT specialists from the local companies – members of AmCham Serbia. Milica Basta, senior associate at BDK Advokati, was one of the speakers.

Milica started by elaborating on the legitimate interests as a newly introduced legal basis for data processing. She continued by describing the conditions data controllers need to meet in order to lawfully export data out of Serbia, given that many companies in Serbia export data of their customers and employees as part of their business operations. In this regard, Milica emphasized that the prerequisites for exporting data without requiring any specific authorisation from the Serbian supervisory authority are still missing. The Government has not enacted a decision on the list of countries where data may be exported without the authorisation and the supervisory authority has not enacted any standard contractual clauses for the transfer of data abroad.

Milica explained what rights, according to the new Data Protection Act, individuals have towards data controllers. She addressed the conditions under which a person may request from a data controller to erase or rectify personal data, or to transfer the data to another data controller.

Milica also presented the rules under the new law governing the relationship between the data controller and data processor. The two sides need to conclude a contract that regulates their relationship and among other things defines the conditions under which the data controller may audit the data processor.

Other speakers at the briefing session were Milan Nikolic, Security Director at Telenor Srbija, Marko Marjanovic, Digital Architect at Microsoft, and Milos Stojkovic, senior associate at Zivkovic Samardzic who acted as a moderator.