Convention 108 for the Protection of Individuals with regard to Automatic Processing of Personal Data is the first internationally binding instrument, which protects an individual from possible misuses of his/her personal data in the process of data collecting and processing. The Convention also regulates cross-border transfers of personal data.

The Convention 108 has been adopted by the Council of Europe in Strasbourg on January 28th, 1981. The Council of Europe has established the Consultative Committee of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (T-PD). The Republic of Croatia is one of 40 members of the Council of Europe, which have signed and ratified the Convention 108. By being a full member with the right to vote Croatia takes an active part in the plennary meetings of the Consultative Committee (T-PD). In 2024, Anamarija Mladinić, Head of Sector for EU, International Cooperation and Legal Affairs, was elected as a Vice-Chair of the Committe of Convention 108.

The European Data Protection Board (EDPB) is an independent European body, which contributes to the consistent application of data protection rules throughout the European Union, and promotes cooperation between the EU’s data protection authorities.

The EDPB is composed of representatives of the national data protection authorities, and the European Data Protection Supervisor (EDPS).

In 2024, director of the Croatian Personal Data Protection Agency, Zdravko Vukić was elected as a Vice-Chair of the European Data Protection Board. The representatives of the Agency are active participants of the plenary meetings of the European Data Protection Board (EDPB), as well as members of the expert subgroups of the EDPB.

The Spring Conference is a regular and the biggest conference of the European data protection and privacy commissioners, which takes place at least once a year. The commissioners exchange the data and privacy protection experiences of their countries, they adopt resolutions and make recommendations to the bodies of the EU, the Council of Europe and others. The CPDPA has become a full member to the Spring Conference at the conference held in Rome in 2008. In May 2022 Croatian Personal Data protection Agency was a host of the Spring Conference. 

The European Police Office has been established in 1992 in order to prevent and fight against organized crime. Its headquarters are located in The Hague.

The Republic of Croatia has an EUROPOL Liaison Officer (ELO) for the purpose of data exchange via Information System, through which also personal data are being transferred. Since the liaison officer is an employee of the Ministry of Interior of the Republic of Croatia, this Ministry cooperates well with CPDPA in order to ensure an appropriate use of information containing personal data, which are being collected, exchanged and processed outside of Croatia via Europol Information System.

EUROJUST is an EU body established in 2002 with headquarters in The Hague. The main objective is to reinforce the effectiveness of cooperation and coordination between competent bodies of the EU Member States in terms of investigation of serious cross-border organized crime and prosecution procedures as well as in terms of providing more complex forms of international legal aid in criminal matters and for the purpose of accelerating of extradition procedures.

The Republic of Croatia has signed an agreement with EUROJUST on November 9th, 2001 in Brussels. Since the Republic of Croatia and the EUROJUST exchange information containing also personal data, regular exchanges of opinions take place as well as supervision over fulfillment of CPDPA’s obligations arising from the Agreement.

This international conference gathers for already 30 years cca 78 personal data and privacy commissioners from all over the world. Open sessions of the Conference invite amongst others the economic and public sector and NGOs. The closed session is reserved for accredited data protection authorities, which discuss key issues and adopt resolutions referring to personal data and privacy protection. At the Conference held in Strasbourg in 2008 the Republic of Croatia represented by the CPDPA has obtained a full member status.

The EU Member States and candidate countries from the Central and Eastern Europe (Bulgaria, Czech Republic, Estonia, Latvia, Lithuania, Hungary, Former Yugoslav Republic of Macedonia, Poland, Roumania, Slovakia, Slovenia and Croatia) sharing the common history continue their cooperation in the field of personal data and privacy protection.

In the last 10 years they have been organising regular annual meetings under the title “Meeting of the Central and Eastern European Data Protection Authorities” – the host of which is every year another member. The host of the 9th CEEDPA Meeting in 2007 in Zadar has been the Republic of Croatia and the CPDPA has been its organizer.