COMMISSIONER
FOR INFORMATION OF PUBLIC IMPORTANCE
AND PERSONAL DATA PROTECTION

logo novi


COMMISSIONER
FOR INFORMATION OF PUBLIC IMPORTANCE
AND PERSONAL DATA PROTECTION



logo novi

COMMISSIONER
FOR INFORMATION OF PUBLIC IMPORTANCE AND PERSONAL DATA PROTECTION

Can shareholders' personal data be publicly posted online without their consent?

No. When the data controller (in this case the joint-stock company) obtains the Single Record of Shareholders from the Central Registry for the purpose of convening a Shareholders' Assembly, it may use such Record solely for that purpose. Any public disclosure of shareholders' identifying information online constitutes inadmissible processing of personal data, since such processing is done without a proper legal basis (explicit legal authority) and for a purpose different from that originally intended. The purpose of obtaining and using the Single Record of Shareholders is regulated in great detail by the Law on Companies and the Law on Capital Market, so any use of that Record for any other purpose is a form of inadmissible processing of personal data.

Monthly Statistical Report
in the field of Access 
to Information
and Personal Data Protection

31.12.2021.
PENDING: 3.118
DONE: 108.330

Read more...