Based on the Law on Trade Companies and the Statute of Prilepska Pivarnica – Prilep Brewery S.A. Prilep, the provisions of the Law on Personal Data Protection, as well as the bylaws of the Personal Data Protection Agency, the Management Board of Prilepska Pivarnica – Prilep Brewery S.A. Prilep at the meeting held on 12.08.2021 adopted the following:
- Personal data collection controller
The personal data controller is Prilepska Pivarnica – Prilep Brewery S.A. (from now on referred to as the Controller), based in Prilep on “Cane Kuzmanoski” no. 1 Prilep, with CIN 4071344.
The Controller is a joint-stock company established following the provisions of the Law on Trade Companies and registered in the single trade register kept at the Central Register of the Republic of Macedonia.
Personal data are processed per the provisions of the Law on Personal Data Protection, the bylaws of the Agency for Personal Data Protection, and the bylaws on technical and organizational measures for processing the Controller’s personal data.
- Users and categories of users of personal data
The Controller collects data related to the following categories of persons:
- Persons who submit notifications and requests to the Controller on various grounds defined in the regulations in force that process the issue of protection of personal data processing.
- Categories of personal data being processed
3.1. Navigation data
When visiting the Controller’s website, logs are created for each visitor with the following data:
- Internet Protocol (IP) Address;
- The device from which it is accessed, type, and model;
- Operating System;
- Browser type, plug-in and version;
- The pages visited on the website and the time spent on each side;
- URL of the page that transferred you to the Controller’s website and, in some cases, the terms you used in trying to find the Controller’s website;
- The language of the browser being used;
- Country (determined by the IP address).
Server logs are automatically deleted within 15 days unless circumstances require a more extended hold (for example, to investigate a virus or malicious attack).
The controller independently maintains the servers. We conduct all activities on the website internally or externally (as the case may be), including the logs that are created and the analysis of the data transmitted from the visits to the website of the Controller.
3.2. Data that user voluntarily submit
Personal data that we collect from the visit to the Controller’s website are those that visitors voluntarily submit for specific purposes to enable the removal of the rights and obligations of the Controller.
We may collect any of the following categories of personal data: (1) first and last name, (2) address, (3) contact phone, (4) fax, and (5) email.
- How we collect personal data
We collect personal data through various channels, including:
- Through the use of the website, including the forms set up for use on the website;
- By e-mail of the Controller,
- By post,
- By fax,
For oral requests, minutes shall be prepared and signed by the person who submitted the oral request and by the person employed by the Controller, who has compiled the minutes and registered in the archives of the Controller.
- Personal data user categories
The personal data processing activities related to the online services available through the Controller’s website are performed by the employees responsible for these services or those in charge of performing the activities in question.
We do not share data about individuals obtained from visiting the Controller’s website with third parties, except in the following cases:
- In case of hiring processors, which will oblige them to act on the instructions of the Controller and the regulations in force in the field of personal data and ensure the protection of personal data processed in the provision of those services.
- At the request of a court, police, or other authorities and bodies for the exercise of their competencies and only if there is a legal basis for doing so.
- Retention time of collected data
The data we collect are stored following the regulations in force and the period required to achieve the purpose of the processing and are determined in the (review) with deadlines for storing the Controller’s personal data.
- What are the rights of natural persons?
The rights of natural persons concerning the processing of their data are:
- The right to be informed about the processing of personal data,
- The right to access personal data,
- The right to rectification and deletion of personal data,
- The right to restrict the processing of personal data,
- The right to object
For further information and/or the exercise of your personal data protection rights, you can contact Personal Data Protection Officer – Aleksandar Mateski at the following e-mail: firstname.lastname@example.org or by phone at 048/421-450.
- The right to submit a request to the PDPA
Suppose there are grounds for suspicion that how the Control processes personal data violates the provisions of the Law on Personal Data Protection. In that case, persons may submit a request to the Personal Data Protection Agency as a supervisory body, which will be handled the same way as any other submitted request, following the provisions of the Law on Personal Data Protection and the bylaws.
If you wish to exercise the above rights arising from the Law on Personal Data Protection, please access the following links, fill in the appropriate form, and send it to us via the electronic or postal address listed above.