Central Data File Register, according to the Law on Personal Data Protection (hereinafter the Law), is a unique record of data files established by all controllers processing personal data in the Republic of Serbia (Article 3 paragraph 10 of the Law). It is established and kept by the Commissioner for Information of Public Importance and Personal Data Protection (hereinafter: the Commissioner), (Article 44 paragraph 1 point 3 and Article 52 of the Law).
The purpose of the Central Register is to have every person acquainted with personal data processing. The Central Register represents a continuation of keeping records on personal data processing, which the operators form based on strict obligation deriving from Article 48 of the Law and Ordinance on the Form for Keeping Records and the Method of Keeping Records on Personal Data Processing.
Intents of the controllers to perform personal data processing and to establish data files shall also be entered in the Central Register (Article 49 of the Law).
The Central Register is important both for unique and comprehensive acquainting of persons with processing of their personal data by the controllers, as well as regarding implementing all types of supervision over personal data processing.
This Register is a special record of data files and controllers, consisting of the Register of data files and a catalogue of data files (Article 52paragraphs 2, 3 and 4 of the Law).
The Central Register consists of two segments, as follows:
- Search by controllers handing the data, as well as search of entered data files and the intents to establish data files;
- Entry of the intent to establish data files or entry of the existing data file by the controller, as well as entry or changes or deletion of recorded data files.
The Central Register is public and shall be published on the Internet (Article 52paragraph 5 of the Law), while gaining insight into records on certain data files can be denied only according to Article 52paragraph 7 of the Law. It shall be managed electronically by the Commissioner, while entry of data file by controllers shall be performed on the Internet or by submitting the applications for data files on prescribed forms.
The entry into the Central Register has a declarative character, and the Commissioner shall not pass special decision regarding entry into the Central Register and publishing of data about the files (except in case from Article 52paragraph 7 of the Law), if the entry procedure has been observed, because the entry represents an obligation of the controller, who is liable for correctness of submitted data.
Disrespect for provisions regarding the Central Register and recording of data files entails responsibility for infringement, according to Article 57paragraph 1 points 13 and 14 of the Law.