The Serbian Commissioner for Information of Public Importance and Personal Data Protection has issued the country's own standard contractual clauses, BDK Advokati reports. The Serbian SCCs are modeled after the data-processing agreement found under Article 28 of the EU General Data Protection Regulation. "Serbian SCCs are not designed as a cross-border transfer instrument first and foremost," the report states. "Rather, the clauses apply to a controller-processor relationship irrespective of where the controller and the processor operate." The commissioner was not able to authorize controller-to-controller SCCs as it does not have the ability to do so under the Serbian DP Act. The SCCs are set to go into effect Jan. 30.
If you want to comment on this post, you need to login.