SERBIA Law and Practice Contributed by: Vladimir Djeric, Katarina Radovic and Lena Petrovic, Mikijelj, Janković & Bogdanović
3.3 Rights and Obligations Under Applicable Data Regulation See 3.1 Objectives and Scope of Data Regula- tion . 3.4 Regulators and Enforcement See 3.1 Objectives and Scope of Data Regula- tion .
database, which aims to increase transparency within the judiciary. Monetary compensation was requested in the lawsuit. Similarly, Nenad Milanović, chief of staff to the mayor of Belgrade, filed a lawsuit against the Balkan Investigative Reporting Network (BIRN) Serbia, alleging defa - mation. 2.3 Collective Redress Mechanisms Serbian legislation does not support collective redress mechanisms in relation to privacy and data protection. Serbian Consumer Protection Law is a single piece of legislation which pro - vides a collective redress mechanism but only for consumer-related matters. Registered con - sumer associations and the Ministry of Trade may initiate proceedings for the protection of the consumer’s collective interest. However, this possibility is not available for privacy litigations. Since Serbia is in the process of accession to the EU, it should take into account the EU’s Repre - sentative Actions Directive (EU) 2020/1828 and introduce collective redress mechanisms into other areas of law apart from the consumer pro - tection law; there is no indication that such leg - islation will be adopted in the near future. 3. Data Regulation on IoT Providers, Data Holders and Data Processing Services 3.1 Objectives and Scope of Data Regulation IoT is not regulated by Serbian law. 3.2 Interaction of Data Regulation and Data Protection IoT is not regulated by Serbian law. The process - ing of personal data is subject to the general rules of the PDPA.
4. Sectoral Issues 4.1 Use of Cookies
Serbian legislation does not have special rules governing the application of cookies, beacons, the use of tracking technologies or behavioural advertising so the general rules of the PDPA also apply to these topics. 4.2 Personalised Advertising and Other Online Marketing Practices The PDPA does not contain special provisions regarding online marketing. However, it does regulate processing for direct marketing purpos - es and entitles the data subject to object at any time to the processing of personal data concern - ing them for such marketing, which also includes profiling (Article 37 of the PDPA). Regarding oth - er aspects of online marketing, general rules on data processing apply. The Advertising Act (AA) also contains a pro - vision that allows direct advertising only upon obtaining prior consent from the person to whom the advertising is sent (Articles 62 and 63 of the AA). Behavioural advertising and targeted adver - tising are not regulated explicitly by Serbian law. 4.3 Employment Privacy Law Under the PDPA, the processing of employees’ personal data is carried out in accordance with the provisions of employment law and collec -
377 CHAMBERS.COM
Powered by FlippingBook