top of page
Data Cloud

DATA PROTECTION & PRIVACY

DATA PROTECTION & PRIVACY

Business entities as controllers of personal data must fully harmonize their operations with regulations in the field of data protection and privacy. This effort is justified due to local legislation of Bosnia and Herzegovina, as well as EU legislation, primarily the application of the General Data Protection Regulation (GDPR), which envisage rigorous penalties for those who do not conduct business in accordance with the regulations.


Controllers that process large amounts of data or big data, such as banks, insurance companies, market or gas stations chains that offer loyalty programs to their customers, etc., must be aware that each individual business activity is a separate process in which exsists direct or indirect use of personal data. Therefore, it is necessary to analyze all business activities and adopt security policies which inter alia  shall include adequate technical and organizational measures to ensure the protection of personal data and privacy in the course of their business, while also protecting themselves from possible penalties.


On the other hand, individuals as data subjects must be aware of their rights in the field of data protection and not refrain from realizing them.


We have extensive experience in the field of data protection and can provide you with all of the necessary legal support through legal counseling, representation before supervisory bodies or in court proceedings. Our team consists of licensed data protection officers who regularly advise domestic and foreign clients operating in Bosnia and Herzegovina.


Our expertise and services in this field are related, but not limited to:


1. Advising on the application of domestic and international regulations governing the field of personal data protection in Bosnia and Herzegovina:

  • Application of the GDPR in Bosnia and Herzegovina,

  • Application of special laws governing corporate operations and labor relations,

  • Processing of personal data with or without the consent of data subject,

  • Data processing for the purpose of direct marketing,

  • Processing of special categories of personal data,

  • Data processing via video surveillance,

  • Establishing and keeping of records on personal data collections,

  • Automated personal data processing and profiling,

  • Data processing through processors,

  • Export of data from Bosnia and Herzegovina

  • Liabilities & penalties


2. Development of corporate documentation:

  • Data protection policies,

  • Data Protection Impact Assessment Policy (DPIA)

  • Security plans (technical and organizational measures)

  • Consent for data processing

  • Cookie policies

  • Agreements on joint data processing

  • Data processing agreements with processors and subprocessors

  • Representation agreements


3. Representation in the proceedings before:

  • the controller for the purpose of exercising the rights to access information, correct or supplement data, delete data, limit processing, data transfer, the right to object, etc.

  • the Agency for personal data protection in Bosnia nad Herzegovina as a supervisory body for the purpose of registration of records on personal data collections, or filing complaints related to the processing of personal data of individuals, etc.

  • the court (administrative disputes against decisions of the supervisory bodies, damages litigation)

​

For additional information, please do not hesitate to contact us.

Law Office Stijak

info@akstijak.com

Direct line: 00 387 51 26 42 11

Mobile: 00 387 65 42 42 42

Novice Cerovića 34, 78 000 Banjaluka,
Bosnia and Herzegovina

©2021 by Law Office Stijak

bottom of page