Slovenia's data protection in comparison to the GDPR
Slovenia has modernized its data protection landscape with the introduction of the Personal Data Protection Act 2022 (ZVOP-2), effective from January 16, 2023. This act aligns Slovenia with the GDPR and replaces the previous Personal Data Protection Act of 2004. The Information Commissioner is designated as the supervisory authority for data protection in the country.
GDPR opening clauses
The ZVOP-2 serves as the primary legislative tool for implementing the GDPR in Slovenia. It complements the GDPR in areas where Member States have the discretion to legislate. The act also covers the processing of personal data in both the public and private sectors.
Key differences and national specifics
Compliance steps for Swiss businesses
- Constitutional backing: Slovenia's Constitution, under Article 38, guarantees the right to data privacy, equating it with other fundamental rights like freedom of expression.
- Additional rights: The ZVOP-2 goes beyond the GDPR by governing the processing of personal data of deceased individuals.
- Criminal Offences Act: This act focuses on data related to criminal offences and designates the Information Commissioner as the supervisory authority for such data.
- Sector-specific laws: Slovenia has various other laws that govern data collection and processing in specific sectors, such as healthcare and telecommunications.
The Information Commissioner actively issues various guidelines and handbooks to assist in the practical application of data protection laws. These guidelines cover a range of topics, from video surveillance to data protection in employment relationships.
Slovenia has taken comprehensive steps to align its national laws with the GDPR, while also addressing specific national concerns. The active role of the Information Commissioner in issuing guidelines demonstrates Slovenia's commitment to ensuring robust data protection.