Former Ellex Partner Migle Petkeviciene has joined Sorainen as a Partner.

The data subject has the right to access the data processed by the controller about them, a right guaranteed by both the EU General Data Protection Regulation (“GDPR”) of April 14, 2016, which came into force on May 25, 2018, and the Law on Personal Data Protection of the Republic of Serbia.

On 14 May 2025, significant changes were made to North Macedonia’s personal data protection legislation. The Assembly of the Republic passed an amendment to expand the nations where personal data can be shared freely, without facing third-country transfer restrictions.

Following up on the CJEU's judgment of 9 January 2025, C-416/23, Österreichische Datenschutzbehörde (Demandes excessives), the Austrian Supreme Administrative Court addressed excessive and manifestly unfounded data subject requests to data protection supervisory authorities in six cases (VwGH 29 January 2025, Ra 2023/04/0002; Ra 2022/04/0049; Ro 2023/04/0018; Ro 2022/04/0016; Ro 2022/04/0022; Ra 2020/04/0084). The Austrian Federal Administrative Court added another decision on such requests (BVwG 11 March 2025, W137 2305838-1).

Given the growing emphasis on sustainability and responsible business practices, obligations in the field of ESG are becoming increasingly significant. The banking sector is emerging as one of the key players in this transformation, with evolving regulatory frameworks influencing its operations.

The White-Collar Crime Department of the law firm Musat & Asociatii, having a wide expertise in cybersecurity and in providing legal assistance and representation in complex cases involving cyber fraud, informs its clients and the general public about a newly emerging method of smishing (phishing via mobile phone messaging) in virtual space., which involves perpetrators targeting messaging and calling platform accounts (e.g. WhatsApp) with the intent of compromising and cloning them to commit various crimes.