Category Archives: Croatia

Croatian Personal Data Protection Agency

Transfer of personal data in USA

 The Company XY has contacted Agency with a request about the companies which imports data on the basis of Safe Harbor certificate, and that personal data shall be submitted to these companies as a part of the technical solution Verdasys and hotline for whistleblowers. In previous letters the mentioned company states that the tool Verdays and hot line are not designed or intended to control the content of electronic mail or other electronic communication, but they have a role to control the other parameters such as the size of documents to be sent (via e-mail, pen-drives CD recorder, etc.) and the potential infiltration through cyber attacks or improper use of trade secrets or other business information. Tool Verdasys identifies a person just in case of a warning due to suspicious activity in order to carry out further investigations. In the few cases when further investigation is necessary, an employee who is being investigated is informed of charges against him, and also he/she and the other participants are being informed of their right to protection of personal data.


Croatian Personal Data Protection Agency

Determining the personal data filing system controller in a clinical trial of medications

The Agency has received a request from the law firm XY regarding the clarification of who would be considered personal data filing system controller in case of ordering the clinical trials of medications – whether is it a foreign company which ordered clinical trials of medications or the company which is hired for processing the mentioned tests in the Republic of Croatia.