By using the electronic services of the Republic Geodetic Authority (hereinafter: the eServices), you accept these terms and conditions of use and the monitoring measures that the Republic Geodetic Authority takes to protect their ICT system, which is of general interest for the Republic of Serbia, by the Decision of the Government of the Republic of Serbia on Determining Products and Services of Particular Importance for the Defense of the Republic of Serbia ("Official Gazette of the Republic of Serbia", No. 58/2008, 26/2019), which is in force since April 13, 2019.

Users undertake to use the eServices of the Republic Geodetic Authority exclusively in accordance with legal provisions, strictly adhering to the provisions of the Law on Information Security and other relevant legal and regulatory acts.

The user undertakes to use the eServices of the Republic Geodetic Authority optimally, in accordance with the needs of the implementation of their own activities and not to undertake activities or apply procedures that may in any way jeopardize the functionality of the service provision system or data protection. Otherwise, the Republic Geodetic Authority may restrict the user's access to the eServices for a certain period of time, until the functionality of the service system is established.

In the event of misuse of the service, the user is obliged to take appropriate measures to determine the circumstances under which this occurred and to notify the Republic Geodetic Authority thereof without any delay.

1. Protection of the ICT System of the Republic Geodetic Authority:

The Republic Geodetic Authority has the right to preventive analysis of access to the ICT system as well as analysis of network traffic in order to protect against misuse and malicious activities.

The Republic Geodetic Authority applies the appropriate security measures, procedures and tools to eliminate potential threats that may cause damage, disruption or blocking of access to the electronic eServices of the Republic Geodetic Authority, such as:

1. Computer network monitoring: Using a system for monitoring network traffic and detecting unusual activities on a computer network.

2. Intrusion detection systems: Using advanced detectors to timely detect and respond to unauthorized access or activity on the ICT system of the Republic Geodetic Authority.

3. Malware protection: Using antivirus and antimalware software to prevent infiltration and infection of the system or part thereof with malicious software.

4. Equipment for protection against (DDoS) attacks: Using preventive protection mechanisms that prevent and enable a rapid response to distributed attacks aimed at denying eServices.

5. Network traffic filtering: Application of filters and rules to block access to specific IP addresses, eServices or protocols that may pose a threat to the ICT system of the Republic Geodetic Authority.

6. White/blacklisting and bans: Restricting access to verified and trusted devices, sources and applications only.

7. Intelligent systems for early threat detection: Use of specialized systems and tools for early detection and detection of security incidents.

Communication networks, devices and lines are being constantly monitored and protected from unauthorized access, with a focus on protecting the confidentiality and integrity of data transmitted over public networks.

2. Security Monitoring:

All users using the eServices of the Republic Geodetic Authority accept this type of monitoring and tracking of activities in order to protect the ICT systems of the Republic Geodetic Authority. In the event of malicious activities or misuse, logs and records may be used to notify the competent authorities and take necessary actions and measures.

3. Additional Protection Measures:

The protection of the ICT system of the Republic Geodetic Authority may also include the unannounced application of other measures and tools in order to maintain the security of the ICT system. For the purposes of the ICT system protection, the Republic Geodetic Authority has the right to segment the network in order to isolate eServices and completely restrict access to eServices without prior notice and explanation.

4. Prohibitions:

Any interference, disabling or preventing other users from using the eServices of the Republic Geodetic Authority, as well as any other form of interference with electronic communication, is prohibited.

The publication, transmission, distribution of illegal, false or offensive material is prohibited. The transfer of protected content from the ICT system of the Republic Geodetic Authority with a special level of classification as well as intellectual property rights without the express written consent of the Republic Geodetic Authority to other computer systems is prohibited.

The use of data or information that would violate copyrights, trademarks, patents or other rights is prohibited. The distribution, transmission, or sharing of data/content containing viruses, Trojans or any other malicious software is prohibited.

It is prohibited to intentionally or unintentionally cause damage to the ICT system of the Republic Geodetic Authority or other users of the eServices.

Any unauthorized collection of any information about institutions, organizations and all other users of the electronic eServices of the Republic Geodetic Authority is prohibited without the express written consent of the Republic Geodetic Authority.

Any misrepresentation and use of false identities with the intent to deceive both employees of the Republic Geodetic Authority and other users of the eServices of the Republic Geodetic Authority is prohibited.

Any collection or distribution of information about the properties of communication and server devices, technology, platforms, methods of use, plans, as well as other content that may jeopardize the security of the ICT system is prohibited without the express written consent of the Republic Geodetic Authority.

5. Limitations of Liability:

The Republic Geodetic Authority shall in no case be liable for any direct, indirect or consequential damages arising from the use of the electronic eServices of the Republic Geodetic Authority.

The risk of using the eServices of the Republic Geodetic Authority shall be borne entirely by the user. The Republic Geodetic Authority shall not be liable for any damages arising from the use or inability to use the eServices of the Republic Geodetic Authority.

All potential disputes arising from the use of the eServices of the Republic Geodetic Authority shall be resolved amicably, and if this is not possible, the dispute shall be resolved before the competent court in Belgrade.

6.Privacy Policy:

When providing the eServices of the Republic Geodetic Authority, records are kept of access to the system and use of the services, which contain the following data: username, accessing IP address, and date and time of access.

Usernames:

When processing and storing information about users, the Republic Geodetic Authority stores usernames in order to ensure user identification and manage their access to the eServices of the Republic Geodetic Authority.

IP Addresses:

The Republic Geodetic Authority stores IP addresses from which access to our eServices is made. This information is used for the purpose of analysis and protection against potential security threats and abuse.

Date and Time of Access:

Information about the date and time is stored for each access to our eServices. This data helps to improve security and analyze the use of eServices.

Personal data from the above records are processed with the application of information security and personal data protection measures. The Republic Geodetic Authority acts in accordance with the General Personal Data Protection Policy adopted within the Privacy Information Management System (PIMS) in accordance with the Law on Personal Data Protection and in accordance with the requirements of the SRPS ISO/IEC 27701 standard.

The Republic Geodetic Authority acts in accordance with the Law on Personal Data Protection on the principles of personal data processing, which state the basic responsibilities of the Republic Geodetic Authority as a handler responsible for the implementation of the above principles:

Lawfulness, Fairness and Transparency

Personal data must be processed lawfully, fairly and transparently in relation to the person to whom the data relate ("lawfulness, fairness and transparency"). Lawful processing is the processing carried out in accordance with the Law on Personal Data Protection, or other law regulating processing.

Purpose of Processing

Personal data must be collected for specified, explicit, justified and legitimate purposes and may not be further processed in a manner incompatible with those purposes (“purpose limitation”).

Data Minimization

Personal data must be adequate, relevant and limited to what is necessary in relation to the purposes of the processing (“data minimization”).

Accuracy

Personal data must be accurate and, where necessary, kept up to date. Taking into account the purposes of the processing, all reasonable steps must be taken to ensure that inaccurate personal data are erased or rectified without delay (“accuracy”).

Storage Limitation

Personal data must be kept in a form which permits identification of natural persons only for the period necessary for the purposes of the processing (“storage limitation”).

Integrity and Confidentiality

Personal data must be processed in a manner that ensures appropriate protection of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage by applying appropriate technical, organizational and personnel measures (“integrity and confidentiality”).

7. Use of the “Cookies”

Applications and services of the NSDI, together with other applications of the Republic Geodetic Authority eServices, use "cookies" - text files that record data important for the functioning of the applications, and are stored within the user's web browser.

Necessary cookies allow data on user settings to be saved (for example, choice of language, city, font size, color scheme) and thus allow users to access them later in a more functional manner.

Analytical cookies are used to collect data on how the application is used in order to better understand the needs of visitors, improve the user experience and provide a higher quality of service. For these purposes, the Republic Geodetic Authority uses the Google Analytics service. The data collected in this regard includes, for example, the types of devices from which the portal is accessed (mobile or desktop devices), what are the sources of the visit, which pages/eServices are accessed, what is the interaction with certain elements of the applications (e.g. search field, selection of menu options, buttons for launching eServices, etc.).

Analysis of this data helps the Republic Geodetic Authority, among other things, to determine the existence of broken links, problems in using navigation elements or to improve search results. All of the aforementioned data is processed and used in a anonymized and aggregated manner, i.e. it is not linked in any manner to the identity of citizens, nor is it used to identify individual users of the application. Access to the Google Analytics service is provided exclusively to the authorized persons of the Republic Geodetic Authority, who work on application development and improving user experience.

8. Content Changes

This version of the Terms and Conditions of Use of the Electronic Services of the Republic Geodetic Authority was published in October 2023.