Data Protection in Slovenia
| Data Protection in Slovenia | |
|---|---|
 | |
| Data Protection Authority: | IP (Slovenia) |
| National Implementation Law (Original): | Zakon o varstvu osebnih podatkov (ZVOP) |
| English Translation of National Implementation Law: | English Translation |
| Official Language(s): | Slovenian |
| National Legislation Database(s): | Link |
| English Legislation Database(s): | n/a |
| National Decision Database(s): | Link |
Legislation[edit | edit source]
History[edit | edit source]
You can help us fill this section!
National constitutional protections[edit | edit source]
The Slovenian Constitution of 1991 guarantees the protection of personal data at the constitutional level and within the framework of guaranteed human rights. This right is explicitly enshrined in Article 38.
National GDPR implementation law[edit | edit source]
In Slovenia the GDPR is not implemented by the national law. Slovenia remains the only EU country without the implementing act. While the law has not been implemented, the 2004 "Zakon o varstvu osebnih podatkov (ZVOP-1)" remains in force. Due to the lack of legislation, the Information Commissioner is completely without the power to impose fines and therefore has not been able to impose a single administrative fine since the adoption of the GDPR.
UPDATE
On April 30, the Ministry of Justice presented new version of the Slovenian Personal Data Protection Law (ZVOP-2). Current status: interdepartmental coordination.
Age of consent[edit | edit source]
Not defined, but theoretically: 15 years.
Freedom of Speech[edit | edit source]
You can help us fill this section!
Employment context[edit | edit source]
Data protection matters in the work context are regulated in Art. 46 “Zakon o dlovnih razmerjih (Employment Relationships Act, ZDR-1) and in “Zakon o evidencah na področju dela in socialne varnosti (Labour and Social Security Registers Act, ZEPDSV). The employee's consent to the processing of her/his personal data is strictly judged, with the employee being considered the weaker party to the contract, and the employer (controller) must therefore essentially prove that the employee's personal consent was in fact free.
Research[edit | edit source]
You can help us fill this section!
Other relevant national provisions and laws[edit | edit source]
You can help us fill this section!
National ePrivacy Law[edit | edit source]
Slovenia has implemented the ePrivacy Directive in the Electronic Communications Act (“Zakon o elektronskih komunikacijah, ZEKom-1).
Cookies are regulated in Art. 157 ZEKom-1. It should be noted, cookies are not one of the priorities of the Slovenian Information Commissioner. Therefore, the majority of Slovenian websites are not compliant with i.e. the Planet 49 decision.
Spam is regulated in Art. 158 ZEKom-1.
Data Protection Authority[edit | edit source]
The Information Commissioner of the Republic of Slovenia (Informacijski pooblaščenec) is the national data protection authority for Slovenia.
→ Details see IP (Slovenia)
Judicial protection[edit | edit source]
Civil Courts[edit | edit source]
You can help us fill this section!
Administrative Courts[edit | edit source]
The decision of the Information Commissioner is final, but it can be challenged in the Administrative Court. The administrative dispute process is extremely slow and involves unnecessary bureaucratic steps that severely limit individual rights. Proceedings before an administrative tribunal can take up to 2 years.
Constitutional Court[edit | edit source]
You can help us fill this section!
