The EU General Data Protection Regulation, GDPR, which is a binding regulation even for the non-EU member states, prescribes up to a €20 million fine or 4% of the total company’s revenue in case it misuses personal data of the EU citizens. This was mentioned yesterday at the conference “Protection of personal data – obligations of economic entities” held in the Chamber of Commerce.
Mirjana Volkov, chief officer in the Department for cases and objections within the Agency for Personal Data Protection, said this punishment is part of the General Regulation which entered into force on May 25, and refers to numerous Montenegrin companies.
She announced that this EU provision is going to be inserted into the national legislation and reminded of the fact that even now many Montenegrin companies in the finance, banking and telecommunication sector possess personal data of the EU citizens, which means they have been already obliged to apply the EU GDPR. She warned representatives of the many Montenegrin companies to carefully choose models of managing other people’s personal data, for which purpose to use them and which protection measures to apply, writes Pobjeda daily.
Volkov added that the process of inserting provisions of the EU GDPR into the Law on Personal Data Protection is underway and told that the Agency will closely cooperate with the Montenegrin Human Resources Management Authority, HRMA, with the aim of organizing trainings on the application of the General Regulation, and thus called for the companies to choose an employee whose only job will be to perform tasks referring to the personal data protection.
