Is certainly one of the most delicate and questionable topics of privacy law and in information law in general. On one side, employers have the legal right to supervise work of the employees (this is regulated in Employment Relationship Act and also in Civil Servants Act), but on the other side legislation protects privacy of employees at their workplaces (e.g. this is regulated in Personal Data Protection Act).

Protection of privacy and personal integrity is a constitutional right. Employers may collect, process and use personal data of their employees only in cases which are precisely defined in acts or if such actions are required for realization of rights and obligations from employment relationship. In public sector personal data may be processed in respect of individuals that have contractual relations with the public sector or on the basis of the individual’s initiative are negotiating on the conclusion of a contract, provided that the processing of personal data is necessary and appropriate for conducting negotiations for the conclusion of a contract or for the fulfilment of a contract.

Personal Data Protection Act requests personal consent of an individual – is a voluntary statement of the will of an individual that his personal data may be processed for a specific purpose, and this is given on the basis of information that must be provided to such individual by the data controller pursuant to this Act; personal consent of an individual may be written, oral or some other appropriate consent of the individual.

Employer should take actions on making the internal act in which electronic surveillance shall be precisely defined. All legal acts should be included in such act as its basis. Employees should be notified about its content. Such act should be refreshed and monitored constantly to ensure its legality and to sensitize possible abuse promptly.


– producing necessary documents,
– counseling on how to legally build a system of electronic surveillance of employees.


Act (book of regulations) on surveillance at the workplace

– insight into e-mails
– insight into history of activities at the internet
– insight into work on applications
– insight into the usage of work mobile and landline phones
– insight on tracking of company’s vehicles
– recording of conversation (e.g. telephone, internet voice transmissions, etc.)
– archives making and usage of electronic evidence

Rules on whistleblowing

Use of e-documents policy

– classified data use
– personal data use
– intellectual property use (use of copyrighted documents)

Software acquiring and installing policy

– sources form which employees are permitted to install a piece of software
– installaton at the workplace/ at home
– installing of shareware
– …

Applications use policy

– e-mails (whom, subject, what kind of attachments, language, disclaimer)
– web browsers (java, javascript, cookies, secure connections, security of browsers in general)
– …

Web services use policy

– external e-mails
– online billboards
– chatrooms
– pornographic sites
– gambling sites
– …

Technical measures for digital protection policy

– anti-virus software
– firewall
– passwords
– encription and coding
– e-signatures
– backups

Hardware use policy

– biometric devices
– desktops
– laptops
– handhelds
– smartphones


Our legal advisory service is designed for companies and organizations, which want to supervise their employees at work by using electronic devices and want to do that in accordance with law.


Data, information and other content, made available on the web portal www.iepri.si is to be used for informative purposes only. Website manager consequently accepts no responsibility for its completeness, accuracy, correctness and any damages that might arise from the use of incorrect, incomplete or inaccurate data, information or content.

Furthermore, no natural and/or legal person that participated in the elaboration of this website shall not be liable for any damages arising from access to, use or the inability to use the data, information or content, made available on this website or any errors, irregularities or deficiencies.

In case of any links to other websites (outside the web portal www.iepri.si and its sub-websites) the website manager notes that these links are not under his supervision and is therefore not liable for their availability and content. At the same time the website manager notes that it will not nor is he authorized to transmit any complaints with regard to the availability and content of these links.

The website manager reserves the right to, at any time and in any way, partially or completely modify, supplement or delete the published data, information and other content content, regardless of the reason and without prior notice.