Back to Newsletters

Serbia: Who is required to designate a Data Protection Representative?

Newsletter 137

Controllers and processors of personal data who do not have their registered office or place of residence in the Republic of Serbia are required, in accordance with the Law on Personal Data Protection, to designate a representative in the Republic of Serbia if their processing operations are related to:

offering of goods or services to the data subjects in the Republic of Serbia;
monitoring of the behaviour of the data subjects, when the activities are carried out in the Republic of Serbia;

An exception to the requirement to designate a representative for these controllers and processors is only provided if:

the processing is occasional, does not involve, on a large scale, processing of special categories of data, or the processing of personal data relating to criminal convictions and offences, and is unlikely to result in a risk to the rights and freedoms of natural persons;
the controller or processor is a public authority or body;

The Data Protection Representative is a natural or legal person with residence or registered office in the Republic of Serbia, who is authorised to represent the controller, i.e., the processor with regard to their respective obligations under the Law.

Controllers and processors are required to publish the identity and contact details of their Data Protection Representative.

The Representative acts on behalf of the controller and processor in the territory of the Republic of Serbia, and data subjects may contact him on all matters relating to the processing of personal data in order to ensure compliance with the Law.

In addition to the above, the Representative is obliged to cooperate with the Commissioner for Information of Public Importance and Personal Data Protection and is obliged to provide him with all the necessary information at his request. Controllers and processors who fail to designate a representative in accordance with the Law are liable to a misdemeanour punishable by a fine ranging from 50,000.00 RSD to 2,000,000.00 RSD.

Our Law office provides services for the designation and performance of the duties of the Data Protection Representative. For more information, please contact us at: jelena.todorovic@tsg.rs or office@tsg.rs

If you are interested in Data Protection, you can also read our Newsletter 132 “Data Protection Officer in Serbia”.

Read the full article in the PDF file »

« Newsletter 138 - SERBIA: Major changes in the property registration procedure Newsletter 136 - SERBIA: Amendments to the Law on Protection of the Right to a Trial within a Reasonable Time »

Jelena Todorović

Attorney at Law

Jelena Todorović

TSG