Privacy Policy

 

Bojovic Attorneys at Law is a law firm based in Belgrade, Serbia and refers to attorney at law Marija Bojović, and cooperating independent attorneys, all admitted and duly licensed with the Belgrade Bar Association (“Bojovic Law Attorneys at Law“, “we” or “us“).

  1. Important Information

 

This privacy policy gives you information about how Bojovic Attorneys at Law, as the controller, collects and uses your personal data belonging to you or your personnel in the context of providing legal services.

Personal Data means information about individuals (including you), and information from which such individuals could be identified (“Personal Data“).

 

You means any individual whose Personal Data we process, including Bojovic Attorneys at Law clients, Bojovic Attorneys at Law client personnel, counterparties, counterparty personnel, other attorneys and advisors, witnesses, suppliers, supplier personnel and general business contacts.

  1. The Personal Data We Collect

We may collect, use, store and transfer different kinds of Personal Data which we have grouped together as follows:

  • Identity data: your first name, last name, company name, and position;
  • Contact data: your billing address, delivery address, email address, and phone numbers;
  • Financial data: your bank account information and payment details;
  • Transaction data: details of payments you have made and services you have purchased from us;
  • Technical data: your Internet Protocol (IP) address, login credentials, browser type and version, time zone and location, browser plug-in details, operating system, platform, device ID, and other technology-related data from the devices you use to access our website;
  • Data related to our services: information provided to us, obtained, or generated during the course of delivering our services, including special categories of data; and
  • Communication preferences: your preferences regarding newsletters and other communications from us.

Where we need to collect Personal Data by law, or under the terms of our engagement with you (as set out in our engagement letter and terms of business), and you fail to provide such data, we may not be able to perform the services.

  1. How is Personal Data Collected?

 

We use different methods to collect Personal Data in the process of carrying out work for you, such as when we communicate by email or other electronic correspondence, telephone, video conferencing software, or our website.

  1. Data Security

We have put in place appropriate security measures to prevent Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process Personal Data on our instructions, and they are subject to a duty of confidentiality.

  1. Purposes for Which We Use Personal Data and Legal Basis

We use your Personal Data only for the following purposes:

  • To check whether we can act for you as a new or existing client or across from you as a counter party or other third party on a matter involving a new or existing client, and carry out all of our regulatory compliance requirements, including conflicts of interest, anti-money laundering, anti-terrorism, sanctions, fraud and background screening;
  • To deliver and enhance our services to you, manage payments, fees and charges and collect and recover money owed to us;
  • To establish, exercise, or defend legal claims, and fulfil regulatory requirements (e.g., performance of KYC process);
  • To manage our relationship with you which will include notifying you about changes to our terms or privacy policy;, and
  • To evaluate your application, assess your suitability for the role, and communicate with you throughout the recruiting process.

The law requires us to have a legal basis for collecting and using your Personal Data. We rely on one or more of the following legal bases:

  • Performance of a contract with you;
  • Legitimate interest, where it is necessary for our legitimate interests as a legal services provider (or those of a third party) to ensure efficient service delivery without disproportionate impact on your privacy;
  • Regulatory and legal obligation, where we need to comply with a legal obligation to which we are subject; and
  • Consent, on which we rely only where we have obtained your active agreement to use your Personal Data for a specified purpose.
  1. Disclosure of Personal Data

 

We may share Personal Data with third parties, such as IT service providers and other service providers, as necessary to fulfill our inquiries and deliver our services. They will process any Personal Data on our behalf and at our discretion. When doing so, we act with reasonable care in selecting external processors and apply adequate contractual provisions to ensure compliance with all relevant legal and regulatory data protection obligations.

In certain occasions, we may be required to disclose certain information to comply with regulatory obligations. In such cases, we will notify you unless we are prohibited from doing so.

 

  1. Transfers

We may transfer Data Data to other countries to provide our legal and related services, as described in this privacy policy. Such transfers may involve sharing your data with jurisdictions outside the European Economic Area (EEA), including locations that do not offer the same level of data protection as your country of residence and are not recognized as providing an adequate level of protection. We will only transfer your Personal Data internationally when it is necessary for the performance of our services to you, for the establishment, exercise, or defense of legal claims, or when it is otherwise essential to fulfill the purposes outlined in this policy.

To ensure the security of your Personal Data during such transfers, we implement appropriate safeguards in line with the General Data Protection Regulation (EU) 2016/679 (GDPR), such as the use of standard contractual clauses.

  1. Data Security

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.

  1. Third-Party Links

Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

  1. Data Retention

 

We will only retain Personal Data for as long as reasonably necessary to fulfil the purposes we collected it for and to satisfy any legal, regulatory, tax, accounting or reporting requirements for the period of five years following the completion or termination of the engagement. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

 

  1. Legal Rights

 

You have rights under data protection laws in relation to your Personal Data to: (i) request access to your Personal Data, (ii) request correction of the Personal Data, (iii) request erasure of your Personal Data in certain circumstances, (iv) object to processing of your Personal Data, (v) request the transfer of your Personal Data to you or to a third party, (vi) withdraw consent at any time where we are relying on consent to process your Personal Data, and (vii) request restriction of processing of your Personal Data.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

  1. Contact Details

 

If you have any questions about this privacy policy or about the use of your Personal Data or want to exercise your privacy rights, please contact us at contact@bojovic.com.

  1. Complaints

 

You have the right to file a complaint with the relevant local data protection authority, i.e., Serbian Commissioner for Information of Public Importance and Personal Data Protection. However, we would appreciate the opportunity to address your concerns and resolve any issues amicably before you choose to exercise this right. You may contact us at contact@bojovic.com.

  1. Changes to the Privacy Policy and Information Changes

 

We keep our privacy policy under regular review. Previous versions can be obtained by contacting us at contact@bojovic.com.

It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us, e.g., a new address or e-mail address. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete Personal Data that you provide to us.

Last Updated: 25 May 2026