Support Centre



Law: Law on the Implementation of the General Data Protection Regulation 2018 ('the Law') and the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR')

Regulator: Personal Data Protection Agency ('AZOP')

Summary: The Law implements the GDPR, but also sets out additional rules on the processing of personal data in specific circumstances, such as in regard to children's consent, the processing of genetic data in relation to life insurance, and the processing of biometric data in the private sector. In addition, the Law contains extensive provisions on the processing of personal data by means of video surveillance, as well as specific requirements for the processing of personal data for statistical purposes. AZOP has published numerous opinions, recommendations, and clarifications on specific data processing issues.


The new Electronic Communications Act (Official Gazette No. 76/22) ('the Act') entered into force on 1 July 2022, transposing Directive (EU) 2018/1972 of the European Parliament and of the Council of 11 December 2018 establishing the European Electronic Communications Code1. Ema Mendjusic Skugor and Marta Hren, from Divjak, Topic & Bahtijarevic, provide an overview of the changes and provisions and answer frequently asked questions ('FAQs').

The Act on Whistleblowers' Protection (Official Gazette No. 46/2022) ('the WP Act') entered into force in Croatia on 23 April 2022. The WP Act replaced the previous legal framework governing the protection of whistleblowers in Croatia, in force since 2019.

In this Insight article, Andrej Žmikić, Lawyer at DTB, covers the relevant rights and obligations that arise from the WP Act for a whistleblower, organisation, person of confidence, and all other persons involved in the procedure of the whistleblower's report on irregularity, and provides information on how to comply with these obligations in practice.