Based on the Law on Trade Companies and the Statute of Prilepska Pivarnica AD Prilep, the provisions of the Personal Data Protection Law, as well as the by-laws of the Personal Data Protection Agency, the Board of Directors of Prilepska Pivarnica AD Prilep at the meeting held on 12th August 2021 passed the following:
- Controller of personal data collections
The controller of the personal data is Prilepska Pivarnica AD Prilep (hereinafter the Controller), headquartered at Cane Kuzmanoski 1 Prilep, with company registration number 4071344.
The controller is a joint-stock company established in accordance with the provisions of the Law on Trade Companies and registered in the single trade registry maintained by the Central Registry of the Republic of Macedonia.
Personal data is processed in accordance with the provisions of the Personal Data Protection Law, the by-laws of the Personal Data Protection Agency and the acts of the Controller on technical and organizational measures for personal data processing.
- Users and categories of users of personal data
The controller collects data related to the following categories of people:
- People who submit notifications and requests to the Controller on different grounds defined in the positive regulations that deal with the issue of protection of personal data processing.
- Categories of data being processed
3.1. Navigation data
When visiting the Controller’s website, logs with the following data are created for each visitor:
- Internet protocol (IP) address;
- The device accessed from, type and model;
- Operating system;
- Browser type, plugins and version;
- The pages visited on the website and the time spent on each page;
- The URL of the page that redirected you to the Controller’s website and, in some cases, the keywords you used in trying to find the Controller’s website;
- The language of the browser used;
- Country (it is determined by the IP address).
Server logs are automatically being deleted within 15 days, unless circumstances require longer retention (for example, to investigate a virus or malicious attack).
The controller maintains the servers independently. We carry out all website activities internally or externally (depending on the case), including the logs that are being created and the analysis of the data that is being transferred from the visits to the website of the Controller.
3.2. Data that users submit voluntarily
The personal data that we collect from visiting the website of the Controller are those that visitors voluntarily submit for specific purposes, in order to enable the exercise of the Controller’s rights and obligations.
We might collect some of the following categories of personal data: (1) full name, (2) address, (3) phone number, (4) fax, (5) e-mail.
- How we collect personal data
We collect personal data via various channels, including:
- through the use of the website, including the linked forms;
- via the e-mail of the Controller;
- via mail;
- via fax;
For the oral requests, a representative of the Controller prepares a record which is signed by them and by the person who submitted the oral request. This record is also filed in the Controller’s archive.
- Categories of users of personal data
The personal data processing activities related to the online services available through the Controller’s website are performed by the employees responsible for these services or the persons in charge of performing the activities in question.
We do not share data with third parties about the natural persons who visited the Controller’s website, except in the following cases:
- when hiring processors, they will be obliged to act according to the instructions of the Controller and the positive regulations in the field of personal data and ensure the protection of personal data that are processed during the provisioning of those services.
- at the request of a court, police or other authorities and bodies for the exercise of their competences and only if there is a legal basis for it.
- How long we store the collected data
The data we collect is stored in accordance with the positive regulations and the period required to achieve the purpose of the processing and these are determined in the (review) with the terms of storage of personal data of the Controller.
- What are the rights of natural persons?
The rights of natural persons, in relation to the processing of their personal data, are:
- the right to be informed about the processing of personal data;
- the right of access to personal data;
- the right to correction and deletion of personal data;
- the right to limit the processing of personal data;
- the right to make a complaint.
For additional information and/or exercise of your rights for the protection of personal data, you can contact the Data protection officer – Aleksandar Mateski at the following e-mail: firstname.lastname@example.org or via phone 048/421-450.
- The right to submit a request to the PDPA
If there are grounds for suspicion that the way in which the Controller processes personal data violates the provisions of the Personal Data Protection Law, persons may submit a request to the Personal Data Protection Agency (PDPA) as a supervisory body, which will be handled in the same way as any other submitted request, in accordance with the provisions of the Personal Data Protection Law and the by-laws.
If you wish to exercise the abovementioned rights arising from the Personal Data Protection Law, please access the following links, fill out the appropriate form and send it back to us via the electronic or postal address indicated above.
Prilep Brewery AD Prilep