September the 26th, 2021 - The Republic of Croatia is set to present APIS IT, headed by Sasa Bilic, at an upcoming summit in the Belgian capital of Brussels at the end of this month.

As Poslovni Dnevnik/Lucija Spiljak writes, the development of a cloud strategy and the application of open source and cyber security issues are the main topics of the EURITAS summit entitled "Ensuring Digital Sovereignty of European Governments" which is set be held on the 30th of September in Brussels.

EURITAS is an organisation of European providers of IT services operating within the public sector that brings together eleven IT companies in majority public ownership from eight countries. Along with Croatia, those countries are Austria, Denmark, Finland, Italy, the Netherlands, Germany and Switzerland.

Croatia will be represented at the summit by APIS IT (Agency for Support of Information Systems and Information Technologies), whose President of the Management Board, also Vice President of EURITAS, Sasa Bilic, will participate in the discussion on digital sovereignty. This is a close area to APIS IT, considering that it is Croatia's leading state-owned company for IT solutions for state administration and local self-government, which participates in the development of the national cloud strategy.

As a publicly owned company, APIS IT is focused on the needs of public administration, so the biggest users are the Ministry of Finance, ie Tax and Customs Administration, the Ministry of Justice and Administration and the Ministry of Physical Planning, Construction and State Property for which APIS IT has built and maintains complex information systems.

On the other hand, in cooperation with the Central State Office for the Development of the Digital Society, APIS IT is collaborating on two significant EU projects - the establishment of the Shared Services Centre (CDU) as a state cloud, and e-Business.

As the cloud strategy is one of the key topics of the summit, Sasa Bilic gave a brief overview of cloud services in Croatia and in Europe, but also specifically in the company he leads.

"According to Eurostat data, Croatia's use of cloud services is above the European average, ie in the upper third of the table. This, however, applies to the economy, while we as a technical partner to the Central State Office for the Development of the Digital Society in the cloud platform construction project are particularly focused on public administration. Here we can say that in less than two years since the beginning of the project, we've reached 200 public administration bodies that use the infrastructure and services of the Shared Services Centre, which is an excellent indicator of the justification of the project implemented by the Central State Office. Namely, the planned performance indicator that we need to achieve by the end of 2023, when the project officially ends, is 300 users, which speaks volumes about the interest and needs of public administration bodies,'' explained Sasa Bilic in a bit more detail.

Sasa Bilic also explained why the summit's focus is on primarily digital sovereignty. For the European Union this issue is becoming increasingly important given that 92 percent of the data from the Western world is stored on servers owned by companies outside the EU that aren't subject to European laws on personal data protection, while at the same time, among the largest 20 technology companies have none from the EU.

"Such a state of affairs and dependence on monopolistic suppliers who aren't subject to the European Union's rules of the game is an obvious strategic weakness of the EU, which the prime ministers of Germany, Denmark, Estonia and Finland warned about in a joint letter sent to the European Commission a few months ago.

Control over data, but also hardware and software, they pointed out, is not only an important economic but also a first-class social and security issue. Therefore, the leaders of the four countries, led by German Chancellor Angela Merkel, called on the European Commission to adopt an action plan based on a new digital policy that will be open to cooperation with all, but whose main motive will be digital independence and self-determination.

The Croatian IT giant, which records revenue growth every year, has secured two national data centres in Zagreb and Jastrebarsko that meet the strictest TIER3 security and availability standards.

"Thanks to such a level of security, we can be the first choice for storing all IT systems, applications and data, so, for example, data about people will not have to be stored outside of Croatia. However, an equally important aspect of this topic is that through the construction of digital independence, we can provide and retain high value jobs, which creates the preconditions for the further development of society as a whole,'' explained Sasa Bilic.

The guaranteed availability of data centres stands at an impressive 99.98 percent per year, they have more than 1800 square metres intended for the storage of IT equipment, with the possibility of further expansion, while the delivery of 1.6 MW of electricity is guaranteed through the installation of four electricity sources with a total capacity of 7.2 MW.

This provides capacities that can successfully follow the growing needs of public administration, but also the private sector in the next medium term. According to the company, both data centres have redundant power sources, cooling systems and telecommunications networks, which can guarantee their customers uninterrupted operation and business continuity in all circumstances.

For more, see Made in Croatia.

April the 30th, 2021 - GDPR in Croatian tourism must be as respected as it is in all forms of society. The protection of personal data is of paramount importance when taking information from guests, but just how is GDPR used, respected, and above all not violated in Croatian tourism?

As Poslovni Dnevnik/Suzana Varosanec writes, the processing of personal data of guests for the purpose of putting the detais of a guest into Croatia's well known eVisitor system is based on the Tourist Tax Act and the Ordinance on the eVisitor system, and as such represents a legal obligation of private accommodation owners/managers. In the event that a guest refuses to provide information, the service provider has the right to refuse to provide the service. However, this situation can be circumvented by informing guests in advance about the processing of data through, for example, a privacy policy online.

If GDPR in Croatian tourism is being looked at through the eyes of private accommodation providers who own their own websites, care should be taken to ask for consent for cookies (other than the necessary ones) and a short information notice about them should be provided. Such renters should also have a policy or privacy statement available.

All of the above information was provided during training on personal data protection and harmonisation with the GDPR in Croatian tourism, as part of which an online interactive workshop organised by the Personal Data Protection Agency (AZOP) and the Croatian Chamber of Commerce (HGK). The information was presented to 230 participants who were interested in the correct processing of personal data and specifics in the tourism industry.

Furthermore, the copying and scanning of personal documents and their archiving is not allowed unless OCR scanning methods are used which automatically process only the data that are allowed to be taken and absolutely nothing else. Those guests who pay for excursions (such as in active tourism) don't need to give consent, but must, in accordance with the Law on the Provision of Services in Tourism, be informed both verbally and in writing before the excursion takes place.

The aforementioned training session's aim is to support enterprises in the Croatian tourism industry in harmonising all of their business processes with the provisions of the sometimes confusing GDPR. This form of training was one of the activities conducted by this Agency, within the implementation of the EU project ARC (Awareness Raising Campaign for SMEs), with the same the goal, which is to support SMEs in aligning their business processes with GDPR rules.

For more on Croatian tourism, make sure to follow our travel section.

New rules: tourism service providers know nothing about the new regulation and they could be facing EUR 20 million fines.