Serbia Law on Personal Data Protection (2018)
Serbia's Law on Personal Data Protection (Official Gazette No. 87/2018), effective August 2019, is closely aligned with the EU GDPR as part of Serbia's EU accession process. The Commissioner for Information of Public Importance and Personal Data Protection oversees enforcement. The law covers processing principles, lawful bases (including consent and legitimate interest), data subject rights (access, rectification, erasure, portability), DPO requirements, breach notification, and cross-border transfers. Applies to all personal data processing in Serbia.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (5)
Breach
| Code | Title |
|---|---|
| SERBIA-5 | Breach + Enforcement |
Governance
| Code | Title |
|---|---|
| SERBIA-4 | DPO + Governance |
Rights
| Code | Title |
|---|---|
| SERBIA-2 | Consent, Notice, Rights |
Scope
| Code | Title |
|---|---|
| SERBIA-1 | Scope, Lawful Basis (Serbia) |
Security
| Code | Title |
|---|---|
| SERBIA-3 | Security and Cross-Border |
Frequently Asked Questions
What is Serbia Law on Personal Data Protection (2018)?
Serbia Law on Personal Data Protection (2018) is a compliance framework from Serbia with 5 domains and 5 controls. Serbia's Law on Personal Data Protection (Official Gazette No. 87/2018), effective August 2019, is closely aligned with the EU GDPR as part of Serbia's EU accession process. The Commissioner for Information of Public Importance and Personal Data Protection oversees enforcement. The law covers processing principles, lawful bases (including consent and legitimate interest), data subject rights (access, rectification, erasure, portability), DPO requirements, breach notification, and cross-border transfers. Applies to all personal data processing in Serbia. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Serbia Law on Personal Data Protection (2018) have?
Serbia Law on Personal Data Protection (2018) has 5 controls organised across 5 domains. The largest domains are Breach (1 controls), Governance (1 controls), Rights (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Serbia Law on Personal Data Protection (2018) map to?
Serbia Law on Personal Data Protection (2018) does not currently have cross-framework mappings in our system. Check back as we continuously expand our mapping database.
How do I get started with Serbia Law on Personal Data Protection (2018) compliance?
Start your Serbia Law on Personal Data Protection (2018) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Serbia Law on Personal Data Protection (2018) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 5 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 718 frameworks.
Get Started Free →Free forever — no credit card required