Croatia
Summary
Law: Law on the Implementation of the General Data Protection Regulation 2018 ('the Law') and the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR')
Regulator: Personal Data Protection Agency ('AZOP')
Summary: The Law implements the GDPR, but also sets out additional rules on the processing of personal data in specific circumstances, such as in regard to children's consent, the processing of genetic data in relation to life insurance, and the processing of biometric data in the private sector. In addition, the Law contains extensive provisions on the processing of personal data by means of video surveillance, as well as specific requirements for the processing of personal data for statistical purposes. AZOP has published numerous opinions, recommendations, and clarifications on specific data processing issues.