Privacy Policy

This Privacy Policy regulates the collection and processing of data within the website of IB Law Firm: https://www.iblawfirm.rs/. By interacting and using any function of the website https://www.iblawfirm.rs/, or the associated sub-site, it will be considered that you have read this Privacy Policy, that you are familiar with all its provisions and that you accept it without any remarks, objections and reserves.

Terms used within this Privacy Policy have the meanings prescribed by the current LPDP, and if necessary, other laws governing specific relations, occurrences, concepts and their meaning. By ticking the checkbox, i.e., by clicking on the “I Accept” button, or a differently marked button with essentially the same function, in the pop-up window that is displayed to new users of the website https://www.iblawfirm.rs/ during the first visit to the website, it will be considered an active, voluntarily done action in order to constitute a valid legal basis for data collection and processing in the manner and for the purposes described in this Privacy Policy. The Data Controller will be able to prove, by electronic record (log), or otherwise, that the data subject has committed the said active, voluntary action by which he has confirmed that he is aware of and agrees with this Privacy Policy.

The mentioned electronic record (log) will be considered legally valid and sufficient proof of the given consent, in the sense of Article 15, paragraph 1 of the LPDP.

This Privacy Policy can be changed at any time, provided that the change will be clearly displayed on the front page of https://www.iblawfirm.rs/. In that case, the data subjects will be required to give new consent for the processing of personal data, in accordance with the changes made to this Privacy Policy.

The rules governing the collection of personal data through Cookies will be presented, within a separate Cookie Policy. Rules related to giving consent to the Privacy Policy within the provided pop-up window, as well as keeping and evidentiary form and power of the electronic record (log), but also the manner of change and

For all additional questions related to the rules and provisions of this Privacy Policy, you can contact us via e-mail: office@iblawfirm.rs and/or by sending an inquiry to the address IB Law Firm, Mileve Marić 5/731 Street, Novi Sad.

The Data Controller may collect different categories of personal data, which are used for different purposes and with different legal bases. Usually, it is a set of data that allows the identification of the person whose data are processed, communication with the person whose data are processed or which are necessary to provide a specific service at the request of that person, or to meet the statutory obligations of the Data Controller, which include name, surname and e-mail address left by the person in order to establish business contact, as well as when making inquiries in the appropriate section.

Data on persons interested in employment in IB Law Firm, which are collected when a person contacts IB Law Firm, available on the front page, i.e., by sending personal data and CV to the email address office@iblawfirm.rs, as follows:

On the website of IB Law Firm there are links to the pages of IB Law Firm on social networks. In addition to this Privacy Policy, the rules prescribed by these platforms (Terms of Service / Terms of Use, Privacy Policy, Cookie Policy) apply to all data collected by these platforms during your visit, as well as to all data that you voluntarily leave on these social networks. IB Law Firm cannot be held responsible for any type of illegal use of personal data, committed by companies that own or control social networks.

The legal basis for the processing of personal data is the free and informed consent of the data subject, i.e., their consent for the purposes specified in this Privacy Policy, in accordance with Article 12, paragraph 1 of the LPDP.

Processing can be performed in order to fulfil the obligations from the contractual relationship, i.e., preparation for the conclusion of the contract. The Data Controller, as a contracting party, offers different types of services to legal entities, entrepreneurs, individuals, etc. In the procedure of concluding and performing obligations from the contractual relationship, the Data Controller processes personal data. Also, in order to exercise his rights, based on the services he provides, as well as to establish a business relationship, the Data Controller collects and processes certain personal data. This especially refers to sending job applications and inquiries via the website https://www.iblawfirm.rs/ and the indicated official e-mail addresses.

In special situations, the collection and processing of personal data may be necessary in order to pursue the legitimate interests of the Data Controller, or a third party, under the conditions and in accordance with Article 15 paragraph 6 of the LPDP. Before collecting and processing personal data of data subjects based on the legitimate interests of the Data Controller, or a third party, if any, in accordance with Article 15 paragraph 6 of the LPDP, the Data Controller will conduct an assessment of legitimate interest based on a tripartite test:

Also, in exceptional situations, processing may be based on the obligation to perform the legal obligations of the Data Controller. The Data Controller falls under the obligations of laws and other regulations that more closely regulate the business activities of law firms and the provision of legal services. When collecting data for the purpose of fulfilling legal obligations, the Data Controller does so exclusively to the extent necessary, and access to the data is provided only to authorized persons and competent state bodies, in accordance with the law.

The Data Controller uses the data for various purposes that are always closely related to the legal basis of the processing. Thus, the main purpose of direct collection and processing of personal data of data subjects is to establish communication with persons interested in establishing business contact and processing applications of interested candidates for employment, at their request. The Data Controller processes personal data for the purpose of fulfilling obligations under the law and other regulations, for the purpose of providing various types of services, for the purpose of fulfilling contractual obligations, for maintaining personal and business contact with its clients, as well as for analysing business results and archiving, in accordance with the law. For all additional processing purposes for which there is a need, the data subject will be informed of all necessary information, before starting such processing operations, and the processing itself will be based on the appropriate legal basis, in accordance with the law.

Depending on the legal basis and the specific purpose, the following categories of persons may have access:

You have the right to:

Certain rights (e.g. the right to delete), in certain situations may be subject to statutory restrictions, and their use may cause various legal consequences, in accordance with the law (e.g. inability to continue to provide certain services, the obligation to compensate for damage, etc.).

Within his business organization, the Data Controller strives to apply the highest possible standards in the field of personal data protection, and applies all necessary organizational, technical and personnel measures, including, but not limited to:

All processors and/or other recipients of personal data are also obliged to apply all prescribed protection measures, in accordance with the signed contract with the Data Controller and the standards and obligations prescribed by law.

The Data Controller strives to keep the data for the period necessary to achieve a specific purpose of processing, after which the data is deleted or made unrecognizable (anonymization measures). The specific retention period, i.e., the criteria by which it is possible to determine it, depends on the purpose for which personal data are processed. Data on candidates for employment are kept until the withdrawal of the given consent of the candidate, and for a maximum of six months from the day of data collection. Data collected for the purpose of establishing business contact, at the initiative of the data subject, are kept until the withdrawal of consent for the processing of this data. The data collected through the Internet browser and cookies are stored within the deadlines provided by the cookies accepted by the person to whom the data relate, and as described in the Cookie Policy of IB Law Firm. Data collected during the implementation of ancillary services are kept as long as necessary to fulfil the contractual obligations, as well as in an adequate period after the termination of the contract in order to carry out accompanying actions and possible obligations prescribed by law.

Regarding all questions related to the processing of personal data, you can get via e-mail: office@iblawfirm.rs and/or by sending an inquiry to the address IB Law Firm, Mileve Marić 5/731 Street, Novi Sad.

We will respond to your inquiry as soon as possible, depending on the complexity of the inquiry itself, but each within 30 days from the date of addressing the data subject, with the possibility of extending the deadline in special situations and with an explanation, in accordance with law.

Personal data collected through the website https://www.iblawfirm.rs/, are not taken out of the Republic of Serbia, except during the possible use of third party cookies, for which IB Law Firm cannot be held responsible. The servers used for data transfer are located within EEA countries where an adequate level of personal data protection is provided. If in exceptional cases the data transfer is performed via a server outside the EEA, such data transfer will be performed with the application of appropriate protection measures, in accordance with the law.

In case of need to transfer personal data to another country, i.e. outside the territory of the Republic of Serbia, the transfer will be made in accordance with all rules prescribed by the applicable LPDP, and in accordance with the situation and need, standard contractual clauses prescribed by the Commissioner for Access to Information of Public Importance and Personal Data Protection will apply.

The provision of data by the data subject is not a legal or contractual obligation, when using the possibilities provided by the website. Failure to provide the requested information as a consequence can only lead to the impossibility of establishing the requested contact, necessary for further communication in this way, i.e., the impossibility of using the services available through the website https://www.iblawfirm.rs/. When processing the data collected through the website, IB Law Firm, as the Data Controller, does not use any automated decision-making, nor profiling of the persons to whom the data relates.

The person whose data were collected retains the rights guaranteed by the applicable LPDP and this policy, with regards that, having in mind the purpose of personal data processing, certain rights may be limited in accordance with the law.