EUEnforcement: August 2, 2026

Croatia — GDPR + EU AI Act + Croatian AI Strategy 2021: AI Compliance Requirements

Q: When does Croatia — GDPR + EU AI Act + Croatian AI Strategy 2021 take effect?

Croatia — GDPR + EU AI Act + Croatian AI Strategy 2021 was effective 2018-05-25 with enforcement beginning 2026-08-02.

Croatia's Agencija za zaštitu osobnih podataka (AZOP) supervises GDPR. Croatia adopted its National AI Development Strategy in 2021, covering AI in tourism (major economic sector), manufacturing, logistics, and public services. Croatia's thriving tech startup scene (Zagreb, Split) and EU membership since 2013 make it an emerging AI market.

Check your compliance — free Download checklist

Key Facts

Effective Date

May 25, 2018

Enforcement Begins

August 2, 2026

Maximum Penalty

€20,000,000 or 4% of global turnover (GDPR); EU AI Act: €35M or 7% global turnover

What Your Business Must Do

2 compliance requirements identified. Critical requirements carry the highest risk of enforcement action.

GDPR AI Compliance — AZOP Supervision

Critical

AZOP enforces GDPR for AI systems processing Croatian residents' data. Croatian hospitality and tourism AI (recommendation engines, pricing algorithms, biometric hotel check-in) face DPIA requirements. AZOP has issued guidance on AI-driven marketing profiling. Automated decision-making rights (GDPR Art. 22) mandatory where AI decisions significantly affect individuals.

Deadline: August 2, 2026

EU AI Act — AI in Tourism & Hospitality

High Priority

Croatia's tourism sector is adopting AI for dynamic pricing, visitor management, and biometric hotel check-in. Facial recognition and biometric AI in hospitality is classified as high-risk under EU AI Act Annex III. Operators must: obtain explicit biometric consent (or have legal obligation basis), conduct DPIA, implement access controls, and ensure data deletion after processing purpose ends.

Deadline: August 2, 2026

Frequently Asked Questions

Does Croatia — GDPR + EU AI Act + Croatian AI Strategy 2021 apply to my business?

Croatia's Agencija za zaštitu osobnih podataka (AZOP) supervises GDPR. Croatia adopted its National AI Development Strategy in 2021, covering AI in tourism (major economic sector), manufacturing, logistics, and public services. Croatia's thriving tec. Use ComplianceIQ's free scanner to get a personalized assessment in under 5 minutes.

What is the penalty for non-compliance?

The maximum penalty under Croatia — GDPR + EU AI Act + Croatian AI Strategy 2021 is: €20,000,000 or 4% of global turnover (GDPR); EU AI Act: €35M or 7% global turnover. Fines are typically scaled by company size, severity of violation, and whether violations were willful or accidental.

How do I comply with Croatia — GDPR + EU AI Act + Croatian AI Strategy 2021?

The 2 requirements above cover the core obligations. The fastest path to compliance is: (1) conduct an AI risk assessment, (2) document your AI systems, (3) implement transparency disclosures where required. ComplianceIQ generates all required documents automatically.

Official Source

https://azop.hr/en

Last updated: 2026-04-14 — verify at source before relying on this information.

Don't leave compliance to chance

ComplianceIQ scans your AI tools, tells you exactly which regulations apply, and generates all required documents — in 30 minutes.

Start your free compliance scan