Privacy Policy

PRIVACY NOTICE FOR ICT SMART SOLUSNS DOOEL Skopje

Web country https://credy.mk/, is owned by ICT SMART SOLUSNS DOOEL Skopje, a company for marketing and services, with registered office at 7699603, Skopje Blvd. 18/2-2 - reon 42, 1000 Skopje (the "Company" or "Controlloroot" or "we" or "us"), which as the controller of personal submissions has the responsibility for processing personal submissions of any visitor to the Website.

This Privacy Policy ("Policy") tells you how we collect and process personal submissions, as well as the methods by which submissions are collected and for which purposes the Company processes them for you.

By accessing our website, you acknowledge that you have read, understand and agree to this Policy. If you do not agree to this Policy, we ask that you do not access this website or deliver any personal submissions that could be used in connection with a credit application.

We can make amendments to the ovaa Policy. These amendments and additions shall be applied at the time of the adoption of the revised policy of the web country.

I. VOVED

1.1 Objectives of the Policy

The protection of natural persons in relation to the processing of personal data is the fundamental right of every natural person. We respect the privacy of natural persons and the privacy of legal persons who use our services and we protect the privacy of personal data that is processed in the course of using our services. The company is dedicated to respecting the rights of the subjects and taking all measures to protect their privacy.

1.2 Definitions and names

"Law", is the Law on the Protection of Personal Subjects (Official Gazette No. 42/20 with its successive amendments and supplements);
A "personal submission" is a collection of information that is made available to you, including submissions that have been subject to legal records and databases, and submissions that have been legally subject to third parties through whom you may be directly or indirectly identified, either on the basis of an identifier such as a first and last name, a mathematical number of digits, location passwords, an internet identifier, a telephone number or on the basis of one or more fields specific to your identity;
"Processing of Personal Submissions" means any operation or set of operations that may be performed on your Personal Submissions, whether automatically or otherwise, as applicable: collecting, imagining, organizing, structuring, hearing, adapting or changing, influencing, consulting, seeing, using, discovering, translating, converting or otherwise making available, reconciling or combining, limiting, breaking or reducing;
"Controller" means a natural or legal person, a public authority, a public body or a legal entity established by the State for the purpose of exercising certain powers, an agency or other body which, alone or jointly with others, controls the purposes and manner of processing your Personal Data;
The company is a controller and processes personal submissions, and in some cases processes personal submissions together with other controllers of personal submissions (sub-controllers) or direct processors of personal submissions;

"Personal data processor" means a natural or legal person who processes personal data on behalf of a controller;
The "Authority for the Protection of Personal Submissions", the Agency for the Protection of Personal Submissions ("APPS") is an autonomous and independent public authority, competent to supervise the legality of the activities of processing of personal submissions on the territory of the Republic of North Macedonia;
"Personal Complaints Officer", a person appointed by the Controller according to his professional ability and knowledge in the field of personal complaints. The position of the Personal Subjects Protection Officer ("PSPO") is at the highest level in the management of personal submissions as the Controller in terms of coordination of the processing, which is governed by the rights of the subjects of personal submissions.

II. ON THE PROCESSING OF PERSONAL DATA

With this Policy, we aim to inform all persons who access and/or use the website for the purpose of processing and collecting personal data about the persons to whom they may be found or made available, as well as that we implement technical and organizational measures to protect the personal data of those who use the website of the Company. When processing personal submissions, we shall honour them in the legally prescribed manner.

2.1 Lawfulness of the processing of personal data

We process personal data only if and to the extent that the subject of the personal data has consented to processing for one or more specific purposes; to the extent that the processing is necessary for the performance of a contract where the data subject is a party to the contract or to carry out the data subject's barring activities prior to his or her adherence to the contract; to the extent that the processing is necessary for the performance of a legal obligation of the controller; as long as the processing is necessary to protect the privacy interests of the subject of the personal data or of another natural person; to the extent that the processing is necessary for the performance of a task of legitimate interest or in the exercise of an official authority of the controller established by law, or to the extent that the processing is necessary for the purposes of the legitimate interests of the controller or of a third party, except where such interests do not override the interests or fundamental rights and freedoms of the subject of the personal data which are the subject of the personal data, in particular where the subject of the personal data is a child.

2.2 Rights of the subjects of personal submissions

2.2.1 Transparency

We take appropriate measures to secure the processing of all information that is submitted to the subject of personal submissions in a precise, transparent, understandable manner and in an easily accessible form, with the use of plain language, especially for information that is intended for a child. Information may be given in writing or by other means, including where appropriate by electronic means. In the case of the subject of personal submissions, the information may be given orally, provided that the identity of the subject of the personal submissions is proven by other means.

2.2.2 Right of attachment of the subject of personal submissions

You have the right to know at any time whether we are processing your personal data or personal data about you and to access the personal data and information about the purposes of the processing; the categories of personal data that are being processed; the recipients or categories of recipients to whom the personal data are or will be disclosed, especially recipients in third countries or international organisations; the time period for which personal whistleblowers are to be heard, and, if this is not possible, the criteria that are to be used to determine that period; the right to have personal data rectified or erased or to restrict the processing of personal data, including the right to object to such processing, and the right to have an automated process of detection, inclusion and profiling.

2.2.3 Right to repair and breeching

2.2.3.1 You have the right to ask and obtain from us, within 15 days from the date of submission of the barrage, a correction to the extent that there are inaccurate personal data, with the express right to supplement the inaccurate personal data by providing a supplementary statement.

2.2.3.2 You have the right to request and obtain from us, within 30 days from the date of submission of the request, to delete your personal data, as long as the personal data is no longer needed for the purposes for which it was collected or otherwise processed; as long as you consent to the processing; until you object to the processing where no legitimate purposes for the processing have been identified; until your personal data have been unlawfully processed; personal data must be erased in order to comply with a law established by law which is applicable to the controller; or until personal data have been collected in a country using the services of an IT service.

2.2.4 Right to restrict processing

You have the right to restrict the processing as long as the accuracy of the personal data is contested by the subject of the personal data, for a period that allows the controller to verify the accuracy of the personal data; if the processing is unlawful and the subject of the personal data objects to the reading of the personal data, where instead it restricts low-level use; for processing purposes, the controller has no further use of the personal files, but the subject of the personal files bars them from being used to replace, enhance or remove his legal rights, or as long as the subject of the personal data objects to the processing in order to verify whether the legitimate interests of the controller outweigh the interests of the subject of the personal data.

2.2.5 Right of subcontractors to carry

You, as the subject of personal data, have the right to obtain your personal data, which you have given to the controller in a structured, usually corrupt, machine-readable format, where you have the right to transfer these data to another controller without interference, unless: the processing is based on consent, or on a contractual obligation and the processing is carried out in an automated manner.

2.2.6 Right to a sentence

You, as the subject of personal data, have the right to lodge a complaint with the controller at any time, on the basis of a specific situation relating to you, against the processing of your personal data, including profiling. In most cases, we may no longer process personal data unless we can demonstrate that there are relevant legitimate processing interests that override your interests, rights and freedoms, or to defend, protect or defend our legal rights. To the extent that personal data is processed for direct marketing purposes, you have the right at any time to object to the processing of personal data in connection with any type of marketing that includes profiling to the extent that it is related to direct marketing.

2.3 Possible categories of personal subjects

The processing of personal categories of personal data is prohibited, unless such processing is permitted by law and in accordance with legal provisions.

2.4 Stuffiness and credulity

We protect personal data with strict respect to the applicable Macedonian regulations and the principles of the Law, as well as the framework set by the European Union directives on the protection of personal data (including the Directive (EU) 2016/679).

Your submissions are heard on our free servers or on the servers of our service providers or business partners (or in some cases, submissions are also heard in paper form, with the use of a soodvetna sphytina). Submissions are delivered and correlated in accordance with our (or our service providers' or business partners') non-profit policies and standards, sometimes in accordance with applicable laws and required non-profit measures.

If we cannot ensure that the transmission of submissions over the Internet, the Web or the Company is fully protected from unauthorized attacks, we and our business partners will endeavor to implement technical and organizational measures for the physical and personal protection and security of automated information systems in connection with your submissions in accordance with applicable laws.

2.5 Transmission to third countries

We process your personal contributions in the Republic of North Macedonia and the European Economic Area, but there could be cases in which we would have to transfer your personal contributions, and the truths would be processed, to a country above the European Economic Area.

2.6 Your rights in relation to the protection of personal data

You have all the rights in relation to your personal submissions, according to the processing headquarters, which you can verify via the bar, which you can submit in person, by post (including e-mail), telephone or fax. If your application or barrier has an acceptance number, it is considered, we confirm your identity and the right of what you want to test and we deliver it within 3 days of the acceptance of the barrier. In the case of a complex case or for the duration of the reception of multiple bars, the response period may be extended for additional 30 days of which you shall be notified. In the event of a barrack break, we will put in writing the reasons for the break.

The enforcement of these rights is subject to individual claims, for example in the case of the protection of our interests (e.g. the prevention of wrongful acts) or our interests or the rights and freedoms of third parties.

In case you are not satisfied with the way your submissions are processed or our response to the exercise of your rights, you have the right to lodge a complaint with the Agency for the Protection of Personal Submissions, located at ul. 18, Goce Delchev Str., Skopje, web side: https://dzlp.mk/prizlnlp. Please be so kind as to resolve the issue with us, if you have the right at any time to contact the Agency for the Protection of Personal Data Submitters.

III. ORGANISATION AND MANAGEMENT

3.1 Controller of personal feeders

The Company is responsible for the processing of personal data which it undertakes alone or together with other controllers where it has the responsibility to take measures to ensure and be able to demonstrate compliance with the personal data protection regulations.

The company may also process personal submissions in the role of processor when it has the role of credit intermediary of a banking or non-banking financial institution.

3.2 Internal rules

We apply organisational and technical measures to ensure and consistently be able to prove that the processing of personal data is in accordance with the legal requirements, and these measures are additionally applied whenever necessary.

IV. THE AGITATION OF THE POLICY

From time to time, we may amend this Policy. These changes shall be applied at the time of the adoption of the revised policy of the web country.