Effective as of 01/04/22



European Fund for the Balkans – The Representative Office of Network of European Foundations (“EFB”) respects your rights to privacy, and this Privacy Policy reflects that these rights are guaranteed under the new General Data Protection Regulation (“GDPR”) (when applicable) and the Data Protection Act in effect in the Republic of Serbia (“DPA”) where EFB is operating.


This Policy is prepared for our external contacts, partners, visitors of our website, participants in our programs and other persons with whom EFB comes into contact and whose data we collect and process. This Privacy Policy explains when, why and how do we collect personal data, how we use it, conditions under which we may disclose it to others (when necessary and under certain conditions) and how we keep it secure and confidential.


The website is registered and operated by the European Fund for the Balkans, and therefore the general European Fund for the Balkans’ privacy policy is applicable in regards of handling personal data.


Please read it carefully and contact us if you have any questions or concerns by emailing to Elena Petkovska Gjorgjievska at and calling us at +381 (0)11 32 39 877 or writing to us at European Fund for Balkans, Majke Jevrosime 20, 11000 Belgrade, Serbia.


This policy may change from time to time so please check this page occasionally to ensure that you are fine with any changes.



The controller of your data is Network of European Foundations from Brussels, Royale 94, Belgium (“NEF”) through its representative office in the Republic of Serbia, duly registered with the Serbian Business Registers Agency under the name European Fund for the Balkan, with the office located at Majke Jevrosime 20, 11000 Belgrade, registration no. 17697595 and tax no. 105140294.


As a data controller, we may obtain, collect and process data about you in the following manner:

1.       Personal data you give to us, i.e. the information that you are sharing with us entirely voluntary, in the following cases:


·         When you provide your contact details to us when requesting an information about EFB or our programs, either via telephone, online or face-to-face (name and surname, address, phone number, email address, etc.);

·         When you register to attend events organized by EFB;

·         When you sign up for our Newsletter;

·         When you communicate with us over phone, via email or in another manner;

·         When you conclude contracts or agreements with us;

·         When you apply for a job post (e.g. contact details, data on your education and employment history);

·         When you apply for projects;

·         When you participate in our surveys.


2.       Personal data we may automatically collect:


·         Your visits to our sites, including, but not limited to, traffic data, location data, weblogs and other communication data, and resources you access;

·         Technical information, including anonymous data collected by the hosting server for statistical purposes, the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.


Please refer to the section Cookies for further information.


3.       Personal data we may receive from other sources:


We obtain certain personal data about you from sources outside of our organization which may include third-party sources (e.g. our partner organizations we work with on projects).


The remaining provisions of this policy also apply to any personal data we obtain from these sources.


The personal data we collect might include your name, job title, address, email address, the organization you work for and your phone number.



The table below describes how we may use your data and what we understand to be the lawful basis for our processing:



Lawful basis for processing

Handling communication and exchange of information with our website users, responding to other requests that we receive in any form

Our legitimate interest to respond to queries and to provide information with respect to our activities, work, projects, etc.

Facilitating and organizing data subject’s attendance on our events or seminars

Our legitimate interest to keep track on registered participants so we can make proper organization of the events and communicate any changes with respect time sheet, venue, etc., prior the event

Managing our partners and projects

Performance of a contract concluded with our partners

Sending information which data subject has requested and that may be of his/her interest (this may include information about events, newsletters, publications and updates)


Seeking your views or comments on our work


Entering into a contract with data subject

Undertaking of actions, at the request of the data subject, before the conclusion of a contract

Performance of a contract with data subject and execution of legal obligations arising from such relationship (e.g. payment of a fee and accompanying taxes)

Performance of a contract

Compliance with a legal obligations


Undertaking of actions, at the request of the data subject, before the conclusion of the contract (during selection procedure)

Our legitimate interest to revisit the application within the reasonable time frame upon its submission (six months after the selection procedure ended i.e. after the receipt)

Assisting a public authority or criminal investigation body

Compliance with a legal obligation

Data analytics for reporting and analysis purposes, creating aggregated and anonymized reports and measuring the performance of our website

Our legitimate interests to improve our activities and services

Technical administration of the website and ensuring that it functions properly

Our legitimate interests in ensuring that the website properly functions from a technical / IT point of view

Protecting our operations, rights, privacy, safety or property, and pursuing available legal remedies or limiting the damages that we may sustain

Our legitimate interests to lawfully protect our organization

Any other specific purpose we describe when we collect the data

Respective lawful basis we refer to when we collect the data


The processing of your data is primarily done on a voluntary basis, which means that you are free to give us or to withhold your data.

However, the provision of certain data (e.g. on job candidates, business associates and partners) may be a necessary condition for conclusion and/or performance of a contract and legal obligations arising therefrom.

If you refuse to provide us with data, certain consequences may occur. For example, we will not be able to enter into a contract with you or perform obligations thereunder; or we will not be able to keep you informed on news and developments with respect to our activities and projects.


We keep our retention periods for personal data under review. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal data on our systems for as long as is necessary for the relevant activity, i.e. to achieve the purpose for which we use that data, or as long as is set out in a contract or agreement concluded between you and us or for the period of our obligations under the law. We routinely update our records to ensure those data that are no longer necessary for our work are removed.

Data about the candidates who have applied for a job at the EFB shall be kept during the selection procedure and six months after its completion i.e. after the moment of application receipt if there was no selection procedure. After the expiry of the storage period, we remove the data from our systems, return the files to the candidates if applicable) and/or destroy them in a safe manner, depending on their form (paper or electronic).

We do not retain personal data in an identifiable format for longer than is necessary.


As a rule, personal data that we collect and process are available to our designated staff located in Serbia and at the NEF’s headquarters in Brussels, Belgium.

We will not share your personal data with any third party to use for their own marketing purposes. However, we may disclose your personal data if required to do so by the law.

We may disclose your fata to our third-party service providers, agents, subcontractors and other organizations for the purposes of providing services to us or directly to you on our behalf.

Such third parties may include cloud service providers (such as hosting and email management) or travel agencies, hotels, administrative services or other third parties who provide services to us and assist us in the operation of our organization and website.

When we use third party service providers, we only disclose personal data that is necessary for them to provide their service and we always have a contract in place that requires them to keep your data secure and confidential, and not to use it other than in accordance with our specific instructions.

We may transfer your personal data:


·         if we are under a duty to disclose or share it in order to comply with any legal obligation or when this disclosure is required by applicable laws, court orders or government regulations, to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and customers;


·         to protect the rights, privacy, safety or our property;


·         if you have consented to the disclosure.


However, we will always undertake measures aimed at ensuring that your privacy rights continue to be protected.



Your data is stored either in our databases in Serbia or in the databases of our server provider in Germany.

When we use a third-party processor, your personal data may be transferred outside both Serbia and the European Economic Area. However, it will only be transferred to countries that have been identified as providing adequate protection for personal data (like New Zealand) or to a third party where we have approved transfer mechanism in place to protect your personal data, for example by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties) or by entering into the Serbian Commissioner’s Standard Contractual Clauses or European Commission’s Standard Contractual Clauses (where applicable).


Subject to applicable laws and certain exemptions, restrictions or circumstances, you have a number of rights under GDPR (where applicable) and DPA, including the right:

·         To access your personal data;

·         To correct, modify and update your personal data;

·         To delete your personal data or restrict its processing;

·         To withdraw your consent at any time; please note that a withdrawal of consent shall not affect the admissibility of processing based on the consent prior to withdrawal;

·         To object to our use of your personal data for automated decisions made about you;

·         To ask us to transfer your personal data in a structured data file (data portability);

·         To file a complaint with a competent supervisory authority and seek a judicial remedy.

These rights may be exercised by written request to the contact details below. A reply will be provided to you within a reasonable delay, in accordance with the applicable regulations.

If you opted-in to receive news from us about our work, events, surveys and other information which we think you might be interested in, you can unsubscribe anytime by clicking the respective link that we provide in each message. Alternatively, please contact us using contact details in the end of this Privacy Policy.

If you would like to exercise any of your rights under DPA or GDPR (where applicable), or if you changed your email address or believe that any other information we hold is inaccurate or out-of-date, please contact us via email or office address given in the end of this Privacy Policy.

If you are concerned about the way we have collected and used your personal data, please contact us as described above and we will do our best to help. If you are unhappy with how we have handled your personal data, you have the right to contact the Commissioner for Information of Public Importance and Personal Data Protection.


We aim at always keeping your data as safe and secure as possible. Once we have received your personal data, we put in place reasonable and appropriate measures and controls to prevent as much as possible any accidental or unlawful destruction, loss, alteration or unauthorized access. Non-sensitive details (such as your email address) are transmitted normally over the internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal data, we cannot guarantee security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.


Cookies are small pieces of information sent to your device and stored on its hard drive to allow our site to recognize you when you visit.

Like many other websites, our website use Google Analytics cookies to obtain an overall view of the volumes and habits of our visitor on our website. Google Analytics is Google’s analytics tool that helps website owners to understand how their visitors engage with their properties. It may use a set of cookies to collect information and report site usage statistics without personally identifying individual visitors to Google. Google Analytics also collects Internet Protocol (IP) addresses to provide and protect the security of the service, and to give website owners a sense of which country, state, or city in the world their users come from. Google Analytics provides a method to mask IP that is collected, so that it uses only a portion of an IP address collected, rather than the entire address.

It is possible to switch off cookies by setting your browser preferences. For more information about cookies and how to switch them off on your device, please visit the applicable Privacy & Terms of the search engine which is in use.

We do not use cookies on our website for marketing purposes. As it is made on WordPress platform, our website contains WordPress cookies that enable technical operation of the website.

Our website contains fields with links to our profiles on Facebook, Twitter, YouTube, LinkedIn, and Vimeo. These fields use parts of the code coming directly from these platforms and which feed cookies to your web browser. You are therefore suggested to read the privacy notices of these companies (which may be updated from time to time) in order to understand the way they process your data using cookies.

The texts on our website may contain links to other internet presentations (e.g. different institutions, civil society organizations, partner organizations and different entities). If you visit some of these presentations via links on our website, please note that we will not be liable for processing of your data that may be done through these websites (including cookies that may be fed by these websites to your web browser or device) and we advise that you get informed on such processing through privacy notices on these websites and/or to adjust the parameters on your web browser so as to prevent the feeding of cookies and following your activities.


We may review this policy from time to time and we will notify you of any changes thereof by posting an updated version on this page with the note if the date of the most recent revision.


Our Data Protection Officer is Elena Petkovska Gjorgjievska. Please direct any inquiries about this policy or the way we process your personal data to our Data Protection Officer using the contact details below:

Postal address:

European Fund for Balkans (for the attention of DPO), Majke Jevrosime 20, 11000 Belgrade, Serbia

Phone number:      

+381 (0)11 32 39 877

Email address: