Consultation on personal data protection “5 years of GDPR application: issues, solutions, fines and examples of good practice”, 5th May 2023
The Croatian Personal Data Protection Agency and the Croatian Chamber of Commerce are organizing a consultation named “5 years of GDPR application: issues, solutions, fines and examples of good practice” on 5th of May 2023, starting at 10 a.m., in Zagreb, Roosevelt`s Square 2 (at the address of Croatian Chamber of Commerce).
This event is organized by Croatian Chamber of Commerce and the Agency on the occasion of the 5th anniversary of the General Data Protection Regulation (GDPR), as a legal regulation that is directly applicable across the hole European Union starting from 25th of May 2018, which represents a turning point in the field of personal data protection that significantly raised the awareness of the importance of personal data protection among business entities and individuals.
The main goal of the General Data Protection Regulation is to protect the personal data of natural persons, give citizens control over their personal data and create a high and uniform level of personal data protection in the European Union.
The General Data Protection Regulation prescribes the rights of individuals and the obligations of entities when processing personal data. All business entities that collect, store and in any way process personal data of Croatian citizens and citizens from the European Economic Area must apply General Data Protection Regulation.
Also, what Agency wishes to point out, particularly on the 5th anniversary of the GDPR is that all organizations that process personal data must be aware of the rights of individuals due to the processing of their personal data and enable them to exercise their rights.
The Agency has carried out numerous supervisory and educational activities and concluded that the level of compliance with the legislative framework related to the data protection in the Republic of Croatia is not at a satisfactory level. The Agency continuously provides support primarily to data protection officers and micro, small and medium-sized entrepreneurs through the EU projects ARC and ARC2.
Now it’s the last chance for companies, public authorities, and all data controllers/processors to realize that the deadline for adaptation has long passed and that after 5 years from beginning of the full application of the GDPR, lack of information and ignorance cannot be a justification and an excuse for the violation of fundamental rights of Croatian and European citizens.
Furthermore, on this occasion, the Agency would like to point out the key role of data protection officers in the field of personal data protection, who are often the weakest link.
In addition to adequate knowledge in the field of personal data protection, DPOs must have an adequate knowledge regarding the business processes of the organization in which they work, continuously educate themselves and at the same time educate employees in the organization in which they act as employees.
The aim of organising this consultation is to provide data controllers, processors, and data protection officers the opportunity to find out more about latest trends and examples of good practice in the field of personal data protection, also to share with experts from AZOP problems they face during the application of the GDPR and hopefully together finds solutions that will improve the compliance in their organizations to a higher level.
The Agency points out that investment in personal data protection and information security is not considered only as necessary and desirable for a long time but has become an investment that is indispensable and crucial for successful business.
GDPR is here to stay, and data protection will play an increasingly important role in the context of big data and artificial intelligence, as we all could witness the example of the ban of Chat GPT whose use was banned by the Italian supervisory authority due to violation of GDPR provisions.
The number of the participants at this event is limited, so we invite all interested representatives of data controllers/processors to apply for participation as soon as possible via the registration form, and no later than 2nd of May 2023 till 12 a.m. Participation is free of charge, and registration is required. Applications shell be sent to the Croatian Chamber of Commerce via link: https://www.hgk.hr/savjetovanje-o-zastiti-osobnih-podatka-5-godina-primjene-gdpr-a-problemi-rjesenja-kazne-i-primjeri-i-dobre-prakse
If you have questions that you would like to ask the lecturers or suggest topics for discussion, please submit them via the registration form.
10:00 – 10:10 Introductory speeches
Ph.D. Petar Mišević, adviser to the president of HGK and vice-dean of the University of the North
Zdravko Vukić, Director of the Personal Data Protection Agency and member of the European Data Protection Board
10:10 – 11:00 “Harmonizing business processes with GDPR: where do organizations make the most mistakes?”
Marko Trošelj, mag.iur., senior advisor specialist, Agency for the Protection of Personal Data
11:00 – 12:00 “Penalties for violators of the GDPR and the Act on the Implementation of the General Data Protection Regulation: the practice of AZOP and the EU supervisory authorities for data protection”
Iva Katić, mag.iur., President of the Commission for Imposing Administrative Fines, Agency for the Protection of Personal Data
12:00 – 12:15 BREAK
12:15 – 13:15 “Supervisory and investigative activities of the AZOP: what you need to know and how to prepare?”
Mario Milner, Head of the Sector for Supervision, Investigations and Protection of Data Subjects’ Rights, Agency for the Protection of Personal Data
13:15 – 14:15 “Advisory activities of AZOP: ARC 2 project and coordinated action of the European Data Protection Board for data protection officers
Anamarija Mladinić, head of the Service for legal advice, cooperation and projects and member of the Office of the Convention 108 Committee of the Council of Europe
14:15 – 14:30 BREAK
14:30 – 15:30 “Technical and organizational measures for data protection: examples of good practice”
Marko Šijan, dipl.ing, Senior Consultant Specialist, Personal Data Protection Agency and member of the EDPB Subgroup for Technology