Last updated: 15 April 2026 (2026-04-15)
This Privacy Policy explains how Pantera Digital d.o.o. ("Pantera Digital", "we", "us", or "our") collects, uses, shares, and protects personal data in connection with our website at pantera-digital.com and the services we deliver through it. It is written to meet the requirements of Serbia's Law on Personal Data Protection (Zakon o zaštiti podataka o ličnosti, "Sl. glasnik RS" br. 87/2018, "ZZPL") and, where it applies extraterritorially, the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR").
This policy applies whenever you visit our website, contact us, apply for a role, or use a service we deliver online. It does not cover third-party websites that we may link to — those are governed by their own privacy notices.
The data controller is Pantera Digital d.o.o., a company registered in the Republic of Serbia with its registered office at Savski Nasip bb, 11000 Belgrade, Serbia. CRN: 21611166. TIN (Tax Identification Number): 112121665.
For privacy matters you can contact us by:
Our EU representative under Article 27 GDPR: to be appointed. Until a representative is formally appointed, EU-based data subjects may contact us directly through the channels above.
The terms used in this policy follow the definitions in Article 4 of the GDPR and Article 4 of the ZZPL. In particular:
Depending on how you interact with us, we may process the following categories of personal data:
We do not intentionally collect special categories of personal data (Article 9 GDPR / Article 17 ZZPL) through this website. Please do not send us such data unless we have specifically asked for it in a context where it is needed and lawful.
We process personal data only where we have a lawful basis under Article 6(1) GDPR / Article 12 ZZPL. The list below summarises the main purposes and the legal basis we rely on for each:
Where we rely on legitimate interests, we balance those interests against your rights and freedoms. You have the right to object (see Section 10).
In most cases we collect personal data directly from you, for example when you complete a form, email us, or apply for a role. In limited cases we may also receive data from:
Where we obtain data from a source other than you, we will — in line with Article 14 GDPR — provide the information required by that Article within a reasonable period.
We share personal data only where necessary and with appropriate safeguards. The categories of recipients are:
We maintain an internal register of our main processors. If you would like information about a specific processor, please contact us at privacy@pantera-digital.com.
Pantera Digital is established in Serbia, which is outside the European Economic Area (EEA) and, as of the last update of this policy, is not on the European Commission's list of countries providing an adequate level of data protection.
Where personal data is transferred from the EEA to Serbia (for example, when an EU client provides us with personal data to deliver a service), we rely on the Standard Contractual Clauses adopted by the European Commission in Implementing Decision (EU) 2021/914, or on another transfer mechanism permitted by Chapter V GDPR, together with supplementary measures where required.
Where personal data is transferred from Serbia to a third country, we apply the conditions set out in Articles 63 to 69 ZZPL, which include adequacy findings by the Serbian Commissioner, appropriate safeguards (including Serbian-equivalent standard contractual clauses), or specific derogations.
You may request a copy of the safeguards we have put in place by contacting us at privacy@pantera-digital.com.
We keep personal data only for as long as it is needed for the purposes set out in this policy, unless a longer period is required or permitted by law. Indicative retention periods:
Specific retention periods for individual processing activities are available on request.
Under Chapter III GDPR and Part 3 of the ZZPL, you have the following rights in relation to your personal data:
You can exercise any of these rights by contacting privacy@pantera-digital.com. We will respond without undue delay and in any event within the time limits set out in Article 12 GDPR and Article 21 ZZPL (generally 30 days, extendable where the request is complex). We may need to verify your identity before acting on a request.
If you believe we have not handled your personal data lawfully, you have the right to lodge a complaint with a supervisory authority. The primary authority for Pantera Digital is:
Poverenik za informacije od javnog značaja i zaštitu podataka o ličnosti
(Commissioner for Information of Public Importance and Personal Data Protection of the Republic of Serbia)
Bulevar kralja Aleksandra 15, 11000 Belgrade, Serbia
Web: poverenik.rs
If you are located in the European Union or European Economic Area, you may alternatively contact the data protection authority of your country of residence or place of work. A list is maintained by the European Data Protection Board at edpb.europa.eu.
We do not make decisions that produce legal or similarly significant effects on you based solely on automated processing. Where we use tools that profile website usage — for example, aggregated analytics — we design them to work on aggregate or pseudonymised data wherever practicable.
We apply appropriate technical and organisational measures to protect personal data against loss, unauthorised access, disclosure, alteration, or destruction, in line with Article 32 GDPR and Article 42 ZZPL. These measures include encryption of data in transit, role-based access controls, logging and monitoring, staff confidentiality commitments, and a documented incident response process. If we become aware of a personal data breach, we will notify the competent supervisory authority and, where required, affected data subjects within the time limits set by applicable law (typically 72 hours for notification to the authority).
Our website uses a limited number of cookies and similar technologies. Strictly necessary cookies are set by default to operate the site. For non-essential cookies — including analytics, performance, and marketing cookies — we ask for your consent in line with Article 127 of Serbia's Zakon o elektronskim komunikacijama ("Sl. glasnik RS" br. 35/2023) and, where applicable to EU visitors, the ePrivacy Directive (2002/58/EC as amended). You can withdraw or adjust your consent at any time through the cookie preferences control on the site. A more detailed description is available in our forthcoming Cookie Policy.
Our services are intended for business users and are not directed at children. We do not knowingly collect personal data from children under the age of 15 (the digital-consent age under ZZPL). In most EU Member States, the digital-consent age under Article 8 GDPR is 16. If you believe we have inadvertently collected data from a child, please contact us and we will delete it.
If you are based in a jurisdiction that provides additional privacy rights — for example, California (CCPA/CPRA), the United Kingdom (UK GDPR), or Canadian provinces with specific privacy statutes — please contact privacy@pantera-digital.com. Where a jurisdiction-specific addendum applies to our processing of your data, we will provide it on request.
We may update this policy from time to time to reflect changes in our services, in applicable law, or in our processing practices. The "Last updated" date at the top of the page shows when the current version took effect. Where a change is material, we will take reasonable steps to draw your attention to it.
If you have any questions about this policy or about how we handle your personal data, please contact: