Who is the Data Protection Authority in Croatia?

The Data Protection Authority in Croatia is the Agencija za zaštitu osobnih podataka (AZOP). You can reach them at https://azop.hr/

How can I check if my Croatia website is GDPR compliant?

You can use PrivacyChecker's free GDPR scanner to instantly audit your website. It checks cookie consent, privacy policy, security headers, and 25+ compliance points relevant to Croatia's data protection requirements.

PrivacyChecker

🇭🇷

GDPR Compliance in Croatia

Hrvatska · Croatian GDPR Implementation Act

TL;DR

Websites targeting users in Croatia must comply with GDPR as implemented locally through the Croatian GDPR Implementation Act. The supervisory authority is the Agencija za zaštitu osobnih podataka (AZOP). Use our free scanner below to check your website instantly.

Check your website's Croatia compliance now

Free audit — 25+ automated checks in 60 seconds

Scan My Website Free →

Data Protection Authority

Authority

Agencija za zaštitu osobnih podataka (AZOP)

Website

azop.hr ↗

Local Law

Croatian GDPR Implementation Act

Language

Croatian

Population

3.9 million

Key Requirements for Croatia

Cookie consent required per ePrivacy directive

DPO required per standard GDPR criteria

Data breach notification within 72 hours

Special rules for video surveillance

Croatian-language privacy notices recommended

Growing enforcement focus on e-commerce

What Makes Croatia Different?

Croatia joined the Euro in 2023. AZOP has been increasing its enforcement activities, particularly targeting e-commerce sites and public sector organizations.

Croatia Website Compliance Checklist

☐

Cookie consent banner that requires opt-in before non-essential cookies

☐

Clear identification of data controller and contact details

☐

Data Processing Agreement (DPA) with all third-party processors

☐

Lawful basis documented for each processing activity

☐

Data Subject Access Request (DSAR) process in place

☐

Data breach notification procedure compliant with 72-hour rule

☐

Data Protection Impact Assessment for high-risk processing

☐

International data transfer mechanisms documented (SCCs, adequacy decisions)

☐

Records of processing activities (ROPA) maintained

Frequently Asked Questions

What are the GDPR requirements for websites in Croatia?

In Croatia, websites must comply with GDPR as implemented by the Croatian GDPR Implementation Act. Key requirements include obtaining explicit consent before setting non-essential cookies, providing a clear privacy policy, appointing a DPO when required, and notifying data breaches within 72 hours to the Agencija za zaštitu osobnih podataka (AZOP).

Who enforces GDPR in Croatia?

The Agencija za zaštitu osobnih podataka (AZOP) is the supervisory authority responsible for enforcing data protection laws in Croatia. They can investigate complaints, conduct audits, and issue fines up to €20 million or 4% of annual global turnover.

How can I check if my website complies with Croatia data protection laws?

Use PrivacyChecker's free scanner to perform an instant audit of your website. Our tool checks 25+ compliance points including cookie consent, privacy policy presence, security headers, tracker detection, and more — all relevant to Croatia's GDPR requirements.

Is your website compliant in Croatia?

Find out in 60 seconds with our free GDPR scanner

Run Free Audit →

GDPR Compliance in Other Countries

🇩🇪Germany 🇫🇷France 🇳🇱Netherlands 🇪🇸Spain 🇮🇹Italy 🇧🇪Belgium 🇦🇹Austria 🇵🇱Poland