GDPR encompasses legal, organizational and technical measures. The first step in the compliance process is Readiness Assessment. Depending on the outcome and your readiness for compliance, you can initiate certain steps immediately, such as mapping of personal data, drafting evidence of processing activities, and/or identifying your privacy and security risks. Drafting necessary documents (privacy notice, consents, agreements etc.) is very important step towards compliance as well. Taking care of your the privacy and security of your data is an ongoing and proactive process.

When acquiring software from foreign companies, a withholding tax on royalties from copyrights and other related rights is calculated and paid under tax rate of 20%. The tax is paid on the day of payment of the fee to the seller. If Republic of Serbia has entered into an international agreement on double tax avoidance, a company may use preferential (lower) tax rate determined by such international agreement. Precondition for using such lower tax rate is possession of a confirmation on residency of a foreign company for a calendar year in which a payment for a software is performed.

If you are targeting visitors from the EU (which  probably is the case) on your website, you need a cookie warning or a popup notice. In theory, only websites that collect user data by means of cookies need to get consent for doing so from their users. However, virtually all websites set cookies that track users. If you make use of any advertising, plugins, tools for analytics, or has social media-buttons, you need a cookie consent for your website.

GRC is an integrated approach and collection of capabilities that enable an organization to reliably achieve its business objectives, manage risks and act with integrity. It helps for the right people to get the right information at the right time. GRC thus brings efficiencies and solves many problems that organizations have related to high costs, unsuccessful risk management, and inability to address third party risks.

Efficient GRC activities are crucial for successful GDPR compliance process, as well as any other compliance effort.

Founders’ Agreement is an agreement of the owners of a business, which defines ther relationship(s) and determines the course of action in situations that influence development of their business. Regardless of whether you are working in a basement  on your next golden idea, or you are already a successful entrepreneur, it is advised that you sit, brainstorm and think about what potentially could influence your business - positively or negatively. On one hand it enables you to agree on common values and vision, and on the other, it defines your position in case of unforeseen circumstances. Tag along, drag along, preemptive rights, and settling potential disputes are just some of the topics to think about when you are drafting proper Founders’ Agreement.