Data Protection

Dekorativni zeleni polukrug levi element – Aconto dizajn
Dekorativni zeleni polukrug desni element – Aconto dizajn

1. General Provisions

Aconto d.o.o. Beograd (hereinafter referred to as “Aconto” or “we”) is committed to the security and protection of data belonging to its clients, partners, and website visitors. All activities related to the processing and storage of data are conducted in accordance with:

  • the Law on Personal Data Protection (Official Gazette of the Republic of Serbia No. 87/2018),
  • the Law on Electronic Communications, and
  • generally accepted principles of information security and confidentiality.

Aconto applies all reasonable technical, organizational, and security measures to prevent unauthorized access, disclosure, alteration, or loss of data.
However, by using this website, you acknowledge that no information system is completely secure, and Aconto cannot guarantee absolute protection of data transmitted over the Internet.

2. Categories of Data Protected

Aconto ensures the protection of the following categories of data:

  • personal data provided by users via contact forms, e-mail, or telephone,
  • business and financial data obtained during the provision of accounting and consulting services,
  • internal data of employees, associates, and partners,
  • data from electronic communications (e-mails, server logs, IP addresses).

All such data are processed and stored in accordance with legal grounds and Aconto’s legitimate business interests.

3. Technical and Organizational Security Measures

Aconto implements the following measures to maintain data security and confidentiality:

  • use of SSL/TLS encryption across all web pages and e-mail servers,
  • regular backups and restricted access to servers,
  • password protection, antivirus, and firewall systems,
  • access control based on the need-to-know principle,
  • confidentiality agreements with all employees and partners,
  • mandatory internal procedures for handling and storing business documentation.

4. Confidentiality and Access to Data

Access to personal and business data is strictly limited to:

  • authorized employees of Aconto,
  • contracted data processors (e.g., IT support, hosting providers),
  • competent authorities of the Republic of Serbia — only when required by law.

All persons with access to data are bound by confidentiality obligations and are responsible for any unauthorized disclosure or misuse of information.

5. Data Breach and Incident Response

In the event of any suspected data security breach (e.g., unauthorized access, data loss, malicious attack), Aconto will:

  1. immediately initiate an internal investigation,
  2. take measures to prevent further damage,
  3. notify the Commissioner for Information of Public Importance and Personal Data Protection, where required, and
  4. inform the affected individuals if the breach could endanger their rights or freedoms.

Aconto bears no liability for damages caused by hacking attacks, Internet interruptions, technical failures, or actions of third parties beyond its control.

6. Liability and Limitations

Aconto acts in good faith and in compliance with applicable laws, but:

  • does not guarantee absolute security of data transmission over the Internet,
  • shall not be held responsible for damage caused by unauthorized actions of third parties,
  • is not liable for data loss resulting from force majeure, technical failure, or user negligence (e.g., using a public computer or unsecured network).

Users are advised to implement basic security measures on their side (antivirus protection, password security, and avoidance of sharing confidential data through public channels).

7. Data Subject Rights

Every individual whose data is processed by Aconto has the right to:

  • be informed about the processing of their data,
  • access, correct, or delete their data,
  • request restriction of processing,
  • data portability, and
  • object to data processing.

Requests may be submitted via e-mail to info@aconto.rs, and Aconto will respond within the legally prescribed time frame.

8. Amendments to the Data Protection Policy

Aconto may periodically update this Data Protection Policy to reflect legal, regulatory, or technical changes. All updates will be published on this page and will take effect on the date of publication. Users are encouraged to review this page regularly to stay informed about the latest version.