Data Protection, Privacy and Cybersecurity

All practice areas

Expertise

Brochure

“The team provides clients with precise, direct and clear legal advice and directions.”

“This is a premium law firm for truly premium clients.”

“Availability and a client approach that is unrivalled.”

In a fast-changing digital space, ensuring efficient data protection, privacy, and cybersecurity has become paramount for any company engaged with confidential information. The businesses associated with this area need a broad legal strategy that will cover all stringent regulatory requirements to reduce the risks of data breach and cyber risks.

Our global practice offers leading-edge advice in navigating complex legal frameworks for the adoption of appropriate protective measures for personal data.

LPPD and GDPR Compliance

We assist companies in achieving and maintaining compliance with the Serbian Law on the Protection of Personal Data (LPPD) and with the General Data Protection Regulation (GDPR) in SEE region, including data mapping, privacy impact assessments, and policy development.

Data Breach Response and Management

We provide legal support in responding to data breaches, including notification obligations, crisis management, and mitigation of regulatory and reputational risks.

Cybersecurity Risk Management

Our team advises on the development and implementation of cybersecurity policies and practices, helping companies to protect against cyber threats and ensure business continuity.

Cross-Border Data Transfers

We guide companies in managing cross-border data transfers, ensuring compliance with SEE data protection laws and regulations.

Privacy Impact Assessments (PIA)

We conduct Privacy Impact Assessments to identify and mitigate privacy risks associated with new projects, technologies, or business processes.

Data Subject Rights Management

We assist in managing and responding to data subject requests, including access, rectification, and erasure of personal data, in compliance with applicable laws.

Regulatory Investigations and Enforcement

We represent clients in investigations and enforcement actions by data protection authorities, ensuring compliance and defending against potential penalties.

Employee Privacy and Monitoring

We advise on legal issues related to employee privacy, including monitoring practices, data collection, and compliance with labor laws.

Third-Party Vendor Risk Management

We help companies manage risks associated with third-party vendors by conducting due diligence, drafting data protection agreements, and monitoring compliance.

Cybersecurity Incident Response Planning

We assist in developing and testing cybersecurity incident response plans, ensuring preparedness for potential cyber incidents and regulatory scrutiny.

Experts

Nikola Gvoić

Ivan Štrbac

Work highlights

Highlights

Privacy Impact Assessment for New Technology Deployment

We conducted a Privacy Impact Assessment (PIA) for a healthcare company implementing a new patient data management system. Our assessment identified potential privacy risks, and we provided recommendations to align the technology with GDPR and Serbia’s Data Protection Law.

Highlights

Successful Management of a Major Data Breach Incident

We guided a multinational corporation through a significant data breach incident, providing legal support for immediate response, regulatory notifications, and crisis management. Our strategic advice minimized legal exposure and protected the company’s reputation.

Highlights

Serbia’s Data Protection Law Compliance Program Implementation for a Global Tech Company

Our team led the implementation of a comprehensive Serbia’s Data Protection Law compliance program for a global technology company. We conducted data mapping, developed privacy policies, and trained staff to ensure full compliance with Serbian data protection regulations.