PURPOSE, SCOPE, AND METHODS OF PROCESSING
“The subject of this processing is data regarding the visitors/users of the website (hereinafter referred to as the ‘data subject’).
All data related to the data subjects is carefully protected to prevent loss, destruction, falsification, or unauthorized access.
All employees of the Controller are obliged to respect the confidentiality of the data subjects’ information and are committed to implementing activities with caution to maintain the confidentiality of your data and implement measures for their protection.
For this purpose, the controller has integrated a comprehensive work policy and ensured technical and operational conditions for the protection of personal data.
All collected data is processed in accordance with the legal regulations for personal data protection, to the extent necessary and sufficient exclusively for achieving the purposes of data processing, taking into account the privacy of the data subjects.
When conducting personal data processing activities, the necessary technical and organizational measures are implemented to ensure the required level of data security, including protection against unauthorized or unlawful processing, as well as accidental loss, destruction, or damage.
Data and personal information are not shared with third parties unless there is a legal obligation and legal basis for such sharing, as determined in accordance with the applicable regulations for personal data protection.
The website is not intended for individuals under 18 years of age, and the Controller does not aim to collect and process personal data of such individuals. In case a person under 18 years of age has provided their personal data without the consent of a parent or guardian, the Data Protection Officer of the Controller should be informed as soon as possible.
The obtained data is used to improve the offerings, enhance the appearance and functionality of the website, and facilitate easy, simple, and secure usage of the website by visitors.
These files can only be read by the network server in the domain that sent them. One of the main purposes of cookies is to provide users with conveniences that save them time.
For the purposes of direct marketing, personal data is collected and processed through the website, and it is collected solely based on consent provided by individuals whose data is being processed. Data subjects have the option to withdraw their consent for the processing of personal data for direct marketing purposes at any time.
These data are provided by the data subject to the data controller by filling out a form available on the controller’s website, through which the data subject agrees to receive promotional materials and notifications via the provided contact channels.
The data collected through the website is retained for as long as necessary to fulfill the purposes for which they are processed, and personal data voluntarily provided by the data subject for direct marketing purposes is retained until it is withdrawn by the data subject.
USERS’ RIGHTS (DATA SUBJECTS)
The data subject has the right to obtain confirmation from the controller as to whether their personal data or personal data concerning them are being processed, and if so, to access the personal data and the following information:
- The purposes and legal basis for processing the personal data and the recipients or categories of recipients to whom the personal data have been or will be disclosed;
- The personal data concerning the data subject and the source of the data;
- The logic involved in any automatic processing that has an impact on the data subject.
The controller is obliged to respond to the data subject within 15 (fifteen) days from the date of receiving the request.
Once the controller has responded to the data subject’s request for access to their personal data, they are not obliged to respond again to the same or similar request from the data subject, provided that no changes have been made to the personal data, unless six (6) months have passed since the receipt of the previous request until the new request.
Upon the data subject’s request, the controller is obliged to supplement, correct, delete, or cease the use of personal data if the data is incomplete, inaccurate, or not up to date, and if their processing is not in accordance with the provisions of the Law on Personal Data Protection.
If the controller determines that the personal data is incomplete, inaccurate, or not up to date, they must supplement, correct, or delete the data, regardless of whether the data subject has submitted a request for supplementation or correction of personal data.
Given the complexity of the work and the existence of a large number of requests, the Controller reserves the legal right (Article 16, paragraph 3 of the Law on Personal Data Protection) to extend the deadline by 2 months, and at each extension of 30 days, the applicant will be informed accordingly.
If the Controller does not comply with the request, the data subject has the right to report the case to the Data Protection Agency.
According to Article 16, paragraph 5 of the Law on Personal Data Protection, this request is processed free of charge. If the data subject’s requests are obviously unfounded or excessive, especially in the case of their repetitive nature, the controller may:
- Charge a fee, taking into account the volume, complexity, and time required to provide the requested information or communication or to comply with the request;
- Refuse to act on the request.
The Controller is obliged to provide a copy of the personal data being processed to the data subject upon their request. If the data subject submits the request electronically, the information will be provided to the data subject in the usual manner used for electronic forms unless the data subject requests otherwise.
The attached document ‘REQUEST FOR ACCESS AND CORRECTION OF PERSONAL DATA’ can be used for all requests, and it should be completed and sent to email@example.com with the subject line ‘TO THE DATA PROTECTION OFFICER.’
TRANSFER OF DATA TO OTHER COUNTRIES
Due to the choice of a suitable hosting provider for the activities conducted through this website, a Macedonian representative of a foreign hosting provider (German hosting provider within the EU) has been selected, which operates in accordance with legal norms for the protection of personal data and has implemented appropriate technical and organizational measures.
A document titled “Notification of the Transfer of Personal Data to a Member State of the EU or EEA in accordance with Article 48(3) of the Law on Personal Data Protection” has been submitted to the Data Protection Agency for the transfer of data.
CONSENT AND CHANGES TO THE TERMS
The Controller has the right to modify the terms, but any changes become effective upon the publication of this web page.
Data Protection Officer:
Contact for Data Protection-related inquiries: firstname.lastname@example.org with the subject line “TO THE DATA PROTECTION OFFICER.”