This Privacy Policy provides general information about the processing of collected personal data when you visit the Controller’s website. The controller collects only those personal data that are necessary to exercise its own rights and obligations.

1. Controller of personal data collections

The controller of the personal data is Prilepska Pivarnica AD Prilep (hereinafter the Controller), headquartered at Cane Kuzmanoski 1 Prilep, with company registration number 4071344.

The controller is a joint-stock company established in accordance with the provisions of the Law on Trade Companies and registered in the single trade registry maintained by the Central Registry of the Republic of Macedonia.

Personal data is processed in accordance with the provisions of the Personal Data Protection Law, the by-laws of the Personal Data Protection Agency and the acts of the Controller on technical and organizational measures for personal data processing.

2. Users and categories of users of personal data

The controller collects data related to the following categories of people:

• Visitors to the Controller’s website prilepskapivarnica.com.mk. Usually, the Controller collects navigation data that is used to analyse data from visits to the website, as well as to maintain its information security. Read the Controller’s cookie policy to learn more about the use of cookies.
• People who submit notifications and requests to the Controller on different grounds defined in the positive regulations that deal with the issue of protection of personal data processing.

3. Categories of data being processed

3.1. Navigation data

When visiting the Controller’s website, logs with the following data are created for each visitor:

• Internet protocol (IP) address;
• The device accessed from, type and model;
• Operating system;
• Browser type, plugins and version;
• The pages visited on the website and the time spent on each page;
• The URL of the page that redirected you to the Controller’s website and, in some cases, the keywords you used in trying to find the Controller’s website;
• The language of the browser used;
• Country (it is determined by the IP address).

Server logs are automatically being deleted within 15 days, unless circumstances require longer retention (for example, to investigate a virus or malicious attack).

The controller maintains the servers independently. We carry out all website activities internally or externally (depending on the case), including the logs that are being created and the analysis of the data that is being transferred from the visits to the website of the Controller.

3.2. Data that users submit voluntarily

The personal data that we collect from visiting the website of the Controller are those that visitors voluntarily submit for specific purposes, in order to enable the exercise of the Controller’s rights and obligations.

We might collect some of the following categories of personal data: (1) full name, (2) address, (3) phone number, (4) fax, (5) e-mail.

4. How we collect personal data

We collect personal data via various channels, including:

• through the use of the website, including the linked forms;
• via the e-mail of the Controller;
• via mail;
• via fax;
• orally.

For the oral requests, a representative of the Controller prepares a record which is signed by them and by the person who submitted the oral request. This record is also filed in the Controller’s archive.

5. Categories of users of personal data

The personal data processing activities related to the online services available through the Controller’s website are performed by the employees responsible for these services or the persons in charge of performing the activities in question.

We do not share data with third parties about the natural persons who visited the Controller’s website, except in the following cases:

• when hiring processors, they will be obliged to act according to the instructions of the Controller and the positive regulations in the field of personal data and ensure the protection of personal data that are processed during the provisioning of those services.
• at the request of a court, police or other authorities and bodies for the exercise of their competences and only if there is a legal basis for it.

6. How long we store the collected data

The data we collect is stored in accordance with the positive regulations and the period required to achieve the purpose of the processing and these are determined in the (review) with the terms of storage of personal data of the Controller.

7. What are the rights of natural persons?

The rights of natural persons, in relation to the processing of their personal data, are:

• the right to be informed about the processing of personal data;
• the right of access to personal data;
• the right to correction and deletion of personal data;
• the right to limit the processing of personal data;
• the right to make a complaint.

For additional information and/or exercise of your rights for the protection of personal data, you can contact the Data protection officer – Aleksandar Mateski at the following e-mail: mateski@pripiv.com.mk or via phone 048/421-450.

8. The right to submit a request to the PDPA  

If there are grounds for suspicion that the way in which the Controller processes personal data violates the provisions of the Personal Data Protection Law, persons may submit a request to the Personal Data Protection Agency (PDPA) as a supervisory body, which will be handled in the same way as any other submitted request, in accordance with the provisions of the Personal Data Protection Law and the by-laws.

9. Change of Privacy policy

The privacy policy will be regularly changed and supplemented according to the changes and the activities of the Controller.

10. Upload of Privacy policy

This Privacy Policy will be uploaded to the Controller’s official website.

If you wish to exercise the abovementioned rights arising from the Personal Data Protection Law, please access the following links, fill out the appropriate form and send it back to us via the electronic or postal address indicated above.

•        Request for deletion of personal data

•       Request for correction of personal data

•       Request to limit the processing of personal data

•       Request for withdrawal of consent

•       Request for access to personal data

•       Complaint