Full text

Abstract

This paper deals with the current issue of protecting individuals regarding the processing of their personal data and the free movement of such data. As this matter is also regulated by the European Union legislation, the paper describes and analyzes the scope, implications, methods and tools for applying the new EU regulation adopted on 27 April 2016 by the Parliament and the Council of the European Union. The subject matter is the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. The short title of this Regulation is General Data Protection Regulation (GDPR). The term GDPR is thus in common everyday use in companies and among business people, and will also be used in this paper. In addition, the paper analyzes the research conducted on the existing state of affairs and the way in which all collected personal data are processed and used by all stakeholders in the company Atlantic Grupa d.d., Zagreb. In addition, a harmonized project of a structured and methodologically correct procedure for implementation of the provisions of the new Regulation is described for the purpose of achieving the highest degree of compliance of all members of Atlantic Grupa d.d. with the provisions of the GDPR. Finally, the basic objective of the described project is explained, which is to avoid situations that would lead to the extremely high fines for non-compliance with the Regulation.

Keywords: Protection of individuals and their personal data, General Data Protection Regulation (GDPR), Atlantic Grupa d.d.

LIST OF ABBREVIATIONS

RH - Republic of Croatia

EU - European Union

GDPR - General Data Protection Regulation

AZOP - Personal Data Protection Agency

d.d. - Joint stock company