Data Protection in Slovenia: Difference between revisions

From GDPRhub
 
(3 intermediate revisions by one other user not shown)
Line 1: Line 1:
{| class="wikitable" style="width: 25%; margin-left: 10px; float:right;"
{| class="wikitable" style="width: 25%; margin-left: 10px; float:right;"
!colspan="2"|Data Protection in Slovenia [[Category:Country Overview]]
! colspan="2" |Data Protection in Slovenia
[[Category:Country Overview]]
|-
|-
|colspan="2"|[[File:si.png|center|250px]]
| colspan="2" |[[File:si.png|center|250px]]
|-
|-
| Data Protection Authority: || [[IP (Slovenia)]]
|Data Protection Authority:||[[IP (Slovenia)]]
|-
|-
| National Implementation Law (Original): || [http://pisrs.si/Pis.web/pregledPredpisa?id=ZAKO3906 Zakon o varstvu osebnih podatkov (ZVOP)]
|National Implementation Law (Original):||[http://pisrs.si/Pis.web/pregledPredpisa?id=ZAKO3906 Zakon o varstvu osebnih podatkov (ZVOP)]
|-
|-
| English Translation of National Implementation Law: || [https://www.ip-rs.si/en/legislation/personal-data-protection-act/ English Translation]
|English Translation of National Implementation Law:||[https://www.ip-rs.si/en/legislation/personal-data-protection-act/ English Translation]
|-
|-
| Official Language(s): || Slovenian
|Official Language(s):||Slovenian
|-
|-
| National Legislation Database(s): || [http://www.pisrs.si/Pis.web/ Link]
|National Legislation Database(s):||[http://www.pisrs.si/Pis.web/ Link]
|-
|-
| English Legislation Database(s): || n/a
|English Legislation Database(s):||n/a
|-
|-
| National Decision Database(s): || [http://www.sodisce.si/ Link]
|National Decision Database(s):||[http://www.sodisce.si/ Link]
|}
|}


Line 24: Line 25:


===National constitutional protections===
===National constitutional protections===
''You can help us fill this section!''
The [https://www.us-rs.si/legal-basis/constitution/?lang=en Slovenian Constitution] of 1991 guarantees the protection of personal data at the constitutional level and within the framework of guaranteed human rights. This right is explicitly enshrined in Article 38.


===National GDPR implementation law===
===National GDPR implementation law===
In Slovenia the GDPR is not implemented by the national law. Slovenia remains the only EU country without the implementing act. While the law has not been implemented, the 2004 "Zakon o varstvu osebnih podatkov (ZVOP-1)" remains in force. Due to the lack of legislation, the Information Commissioner is completely '''without the power''' to impose fines and therefore has not been able to impose a single administrative fine since the adoption of the GDPR.
In Slovenia the GDPR is not implemented by the national law. Slovenia remains the only EU country without the implementing act. While the law has not been implemented, the 2004 "Zakon o varstvu osebnih podatkov (ZVOP-1)" remains in force. Due to the lack of legislation, the Information Commissioner is completely '''without the power''' to impose fines and therefore has not been able to impose a single administrative fine since the adoption of the GDPR.


==== Age of consent ====
'''UPDATE'''
 
On April 30, the Ministry of Justice presented new version of the Slovenian Personal Data Protection Law (ZVOP-2). Current status: interdepartmental coordination.
 
====Age of consent====
Not defined, but theoretically: 15 years.
Not defined, but theoretically: 15 years.


==== Freedom of Speech ====
====Freedom of Speech====
''You can help us fill this section!''
''You can help us fill this section!''


==== Employment context ====
====Employment context====
Data protection matters in the work context are regulated in Art. 46 “Zakon o dlovnih razmerjih (Employment Relationships Act, ZDR-1) and in “Zakon o evidencah na področju dela in socialne varnosti (Labour and Social Security Registers Act, ZEPDSV). The employee's consent to the processing of her/his personal data is strictly judged, with the employee being considered the weaker party to the contract, and the employer (controller) must therefore essentially prove that the employee's personal consent was in fact free.
Data protection matters in the work context are regulated in Art. 46 “Zakon o dlovnih razmerjih (Employment Relationships Act, ZDR-1) and in “Zakon o evidencah na področju dela in socialne varnosti (Labour and Social Security Registers Act, ZEPDSV). The employee's consent to the processing of her/his personal data is strictly judged, with the employee being considered the weaker party to the contract, and the employer (controller) must therefore essentially prove that the employee's personal consent was in fact free.


==== Research ====
====Research====
''You can help us fill this section!''
''You can help us fill this section!''


Line 45: Line 50:


===National ePrivacy Law===
===National ePrivacy Law===
''You can help us fill this section!''
Slovenia has implemented the ePrivacy Directive in the Electronic Communications Act (“Zakon o elektronskih komunikacijah, ZEKom-1).
 
Cookies are regulated in Art. 157 ZEKom-1. It should be noted, cookies are not one of the priorities of the Slovenian Information Commissioner. Therefore, the majority of Slovenian websites are not compliant with i.e. the ''Planet 49'' decision.
 
Spam is regulated in Art. 158 ZEKom-1.


==Data Protection Authority==
==Data Protection Authority==
Line 57: Line 66:


===Administrative Courts===
===Administrative Courts===
''You can help us fill this section!''
The decision of the Information Commissioner is final, but it can be challenged in the Administrative Court. The administrative dispute process is extremely slow and involves unnecessary bureaucratic steps that severely limit individual rights. Proceedings before an administrative tribunal can take up to 2 years.


===Constitutional Court===
===Constitutional Court===
''You can help us fill this section!''
''You can help us fill this section!''

Latest revision as of 09:57, 17 May 2021

Data Protection in Slovenia
Si.png
Data Protection Authority: IP (Slovenia)
National Implementation Law (Original): Zakon o varstvu osebnih podatkov (ZVOP)
English Translation of National Implementation Law: English Translation
Official Language(s): Slovenian
National Legislation Database(s): Link
English Legislation Database(s): n/a
National Decision Database(s): Link

Legislation

History

You can help us fill this section!

National constitutional protections

The Slovenian Constitution of 1991 guarantees the protection of personal data at the constitutional level and within the framework of guaranteed human rights. This right is explicitly enshrined in Article 38.

National GDPR implementation law

In Slovenia the GDPR is not implemented by the national law. Slovenia remains the only EU country without the implementing act. While the law has not been implemented, the 2004 "Zakon o varstvu osebnih podatkov (ZVOP-1)" remains in force. Due to the lack of legislation, the Information Commissioner is completely without the power to impose fines and therefore has not been able to impose a single administrative fine since the adoption of the GDPR.

UPDATE

On April 30, the Ministry of Justice presented new version of the Slovenian Personal Data Protection Law (ZVOP-2). Current status: interdepartmental coordination.

Age of consent

Not defined, but theoretically: 15 years.

Freedom of Speech

You can help us fill this section!

Employment context

Data protection matters in the work context are regulated in Art. 46 “Zakon o dlovnih razmerjih (Employment Relationships Act, ZDR-1) and in “Zakon o evidencah na področju dela in socialne varnosti (Labour and Social Security Registers Act, ZEPDSV). The employee's consent to the processing of her/his personal data is strictly judged, with the employee being considered the weaker party to the contract, and the employer (controller) must therefore essentially prove that the employee's personal consent was in fact free.

Research

You can help us fill this section!

Other relevant national provisions and laws

You can help us fill this section!

National ePrivacy Law

Slovenia has implemented the ePrivacy Directive in the Electronic Communications Act (“Zakon o elektronskih komunikacijah, ZEKom-1).

Cookies are regulated in Art. 157 ZEKom-1. It should be noted, cookies are not one of the priorities of the Slovenian Information Commissioner. Therefore, the majority of Slovenian websites are not compliant with i.e. the Planet 49 decision.

Spam is regulated in Art. 158 ZEKom-1.

Data Protection Authority

The Information Commissioner of the Republic of Slovenia (Informacijski pooblaščenec) is the national data protection authority for Slovenia.

→ Details see IP (Slovenia)

Judicial protection

Civil Courts

You can help us fill this section!

Administrative Courts

The decision of the Information Commissioner is final, but it can be challenged in the Administrative Court. The administrative dispute process is extremely slow and involves unnecessary bureaucratic steps that severely limit individual rights. Proceedings before an administrative tribunal can take up to 2 years.

Constitutional Court

You can help us fill this section!