Zajednička advokatska kancelarija Bojanović i partneri is a Serbian legal practice organised and registered before the Belgrade Bar Association [in Serbian: “Advokatska komora Beograda”] in the form of a joint law office with the registered seat [in Serbian: “registrovano sedište kancelarije”] at Vlajkovićeva street no. 12, 11000 Belgrade, Republic of Serbia. The full registered name of the joint law office is “Zajednička advokatska kancelarija Bojanović i partneri” (hereinafter: “Bojanovic & Partners” or “we” or “BoPa”).
Bojanovic & Partners is inscribed before the relevant registry of the Belgrade Bar Association by the respective decision of the Belgrade Bar Association number 4316/2016, in line with the Law on Advocacy, Statute of the Serbian Bar Association [in Serbian: “Statut Advokatske komore Srbije”] (Official Gazette of the RS 85/2011, 78/2012 and 86/2013), Statute of the Belgrade Bar Association [in Serbian: “Statut Advokatske komore Beograda”] (Official Gazette of the City of Belgrade 93/2016) and Code of Professional Ethics of Attorneys [in Serbian: “Kodeks profesionalne etike advokata”] (Official Gazette of the RS 27/2012) (hereinafter: “Applicable Legislation”).
Pursuant to the Applicable Legislation, Vladimir Bojanovic, Attorney at Law [in Serbian: “Advokat”], is a managing partner [in Serbian: “Rukovalac”] of the joint law office (hereinafter: “Managing Partner”), having PIB No: 106347071 and Statistical No: 57304278.
Pursuant to the Applicable Legislation, the joint law office does not have legal subjectivity. Consequently, the legal assistance is provided by the founders of the office and (on a case to case basis) by other Attorneys at Law engaged in line with the Applicable Legislation by the founders of the joint law office, with the assistance of legal trainees [in Serbian: “advokatski pripravnici”].
SCOPE OF THE POLICY
This Data Protection Policy (hereinafter: “Policy”) applies to all BoPa Lawyers and other personnel, including but not limited to Partners, Attorneys at Law, and Associates. This Policy also applies to all sub-contractors engaged by BoPa on an ad-hoc basis. Furthermore, all persons engaged in any way by BoPa, including those conducting tasks, shall observe this Policy (hereinafter: “BoPa Personnel”).
DATA PROTECTION COMPLIANCE
Pursuant to the Data Protection Law, personal data is defined as any information relating to a natural person, regardless of the form of its presentation or a medium used (paper, tape, film, electronic media etc.), regardless on whose order, on whose behalf or for whose account such information is stored, regardless of the date of its creation or the place of its storage, regardless of the way in which such information is learned (directly, by listening, watching etc., or indirectly, by accessing a document containing the information etc.) and regardless of any other characteristic of such personal data. In general, personal data can be processed only with consent of a person to which such data relates. Consent can be given in writing or verbally for the record. Data processing without consent of a person to which such data relates can be undertaken only in cases prescribed by the law.
Data Protection Law also defines particularly sensitive personal data as data relating to ethnicity, race, gender, language, religion, political party affiliation, trade union membership, health status, receipt of social support, victims of violence, criminal record and sexual life. Such personal data shall be processed on the basis of consent of data subjects, save where the law does not allow the processing of such data even with the subject’s consent. However, data relating to political party affiliation, health status and receipt of social support may be processed without consent of data subjects, insofar as this is allowed by the law. Consent to processing of particularly sensitive data can be given only in writing.
All personal data in possession of BoPa are processed in accordance with the Data Protection Law and its by-laws.
BoPa duly and timely fulfils all obligations prescribed by the Data Protection Law which are applicable or might be applicable to BoPa. In particular, BoPa maintains appropriate evidences on personal data pursuant to the Data Protection Law and efficiently notifies the Commissioner for Information of Public Importance and Personal Data Protection (hereinafter: “Commissioner”) on an intent to form a data file.
In addition, BoPa observes legal requirements for transfer of personal data abroad. Pursuant to Data Protection Law, personal data can be transferred from Serbia to a state party to the Council of Europe Convention for the Protection of Individuals regarding Automatic Processing of Personal Data (hereinafter: “Convention”) without prior approval by the Commissioner. Personal data may be transferred from Serbia to a state that is not a party to the Convention or an international organization, if such state or international organization has a regulation or a data transfer agreement in force which provides a level of data protection equivalent to the regime prescribed by the Convention. In these cases of cross-border data transfer, Commissioner shall determine whether the requirements are met and safeguards put in place for the transfer of data from Serbia and consequently authorize or deny such transfer.
BoPa fully complies with the professional secrecy requirements prescribed by the Applicable Legislation. Pursuant to the mentioned regulations, all information, which an attorney at law obtains by a client or in another way, in regards to provision of legal assistance, is considered to be a professional secret of an attorney at law and should be kept confidential. The same is applicable to data, documents (file materials, objects, documents, electronic, audio or video recordings) or deposits which concern provision of legal assistance and which are made available to an attorney at law, regardless of whether those documents and deposits are located in a law office or elsewhere. Furthermore, confidential data which an attorney at law discovered from a person to whom they did not accept to provide legal assistance is within the scope of professional secret as well. In addition, confidential data that an attorney at law discovered from an opposite party, who addressed them prior to initiation of proceedings before a competent authority, for the purpose of settlement or mediation, is considered to be a professional secret.
BoPa applies appropriate protection measures and procedures in order to adequately protect confidential data and remove any risk of disclosure. BoPa has the necessary technical capacities to face these requirements.
An attorney at law shall be authorised to disclose a professional secret in the following cases:
• On the basis of unambiguous client’s authorisation or authorisation of a person to whom an attorney did not accept to provide legal assistance;
• When such disclosure is necessary for prevention of the perpetration of a criminal offence which poses a serious threat to society;
• When such disclosure is necessary for the defence of an attorney at law (themselves) in a proceeding that is conducted against them and initiated by a client, a person who provided data or documents on behalf of a client or a person to whom he did not accept to provide legal assistance;
• When such disclosure is necessary for protection of the interests of an attorney himself or his close relatives and associates and if such interests are reasonably more significant than the subject matter of a professional secret.
Obligation of an attorney to keep a professional secret has no time limitation.
In case of breach of any of the above provisions by any of BoPa Lawyers or personnel, the Managing Partner of BoPa will apply appropriate measures in order to ensure general and special prevention of such misconduct among the BoPa Personnel.
BoPa pledges to take all necessary steps to ensure that its personnel are well acquainted with notions of data protection and professional secret and their duties set forth in this Policy.
This Policy is applicable as of 1st October 2016.