Privacy policy

Privacy Policy of the Central Registry provides general information about processing of personal data when the users visit our website http://www.crm.com.mk /and/or when they are using one of our services. The Central Registry of the Republic of North Macedonia (hereinafter: CR) collects only those personal data that are necessary to perform the legal tasks and authorizations
For the protection against unauthorized access and use of personal data of its users and entities for which it stores /and processes data, the Central Registry undertakes all necessary technical and organizational measures, in accordance with: legislation and bylaws related to personal data protection, Rulebook on technical and organizational measures for ensuring the security and protection of the processing of personal data of the Central Registry, the Information Security Policy in the Central Registry and other documents adopted in this area.
Information related to the processing of personal data
-Controller of personal data is CR, with head office in Skopje on Blvd. Kuzman Josifovski Pitu no.1.
-Personal data are collected for specific, clear and legally determined purposes and are processed in a manner that is in accordance with those objective and in accordance with the Law on Personal Data Protection ("Official Gazette of RNM"issue No. 42 on 16 February 2020).
-Central Registry shall appliy technical and organizational measures for protection of personal data that provides:
Confidentiality - protection of data from unauthorized disclosure and access;
Integrity - ensuring accuracy and truthfulness, ie that the data cannot be modified in an unauthorized manner;
Availability - providing access to authorized users to information and information systems when needed;
Non-Repudiation - the assurance that someone cannot deny the validity of something.
 Central Registry collects data from:
- Users  with or without a user profile on the Central Registry website - http://www.crm.com.mk/ .
Central Registry automatically collects data which are used to analyze the visits on our website i.e. using of our website and the information security.  More information about cookies and how they are used, you can find in Cookies Policy on the following website.

-Legal entities and natural persons regarding the submission of applications for registration, amendment and/or deletion of requests for data and information from other registries maintained by the Central Registry and other services of CR.
In these applications/requests there are information about the submitter of the application/request and personal data of other persons involved in the application/request that are required to act in accordance with the legal regilations of the Central Registry.
-Natural persons that ask questions, request data and information, have complaints, compliments or other requests regarding the scope of work of the Central Registry.
These requests usually include personal data (for example: Name and Surname and information for contact), and they should be exclusively related to their need. The person who submits the request is the one who is fully responsible. For example: According to the Law on Free Access to Public Information or other law, submitters are required to submit certain data in order to process the requests for access to information.

Categories of data that are processing:
Data of website visits
- When a user visit the CR website( with or without a user profile), a log entries are created with the following data:
• IP address;
• User device from where he accesses, type and model;
• Operating system;
•  Web-Browser , plugins and version;
•  Pages the user visit on the CR website and the time his spends/use on each page;
URL of the website which redirected to CR website and in some cases the key words being used to find the CR website;
• Web Browser language they use;
•  Country;
•   Parameters used for searching data;
• Server logs are stored and regulated by internal regulations which are adopted in accordance with the positive legal regulations. For more details, the user may be informed at his request.
 Data that Users voluntarily submit
- Users who access the CR website can be divided into two categories. User with or without user profile 
• For users without a user profile, only the IP address of the user who access and use the services of the Central Registry is recorded.
• For users with a user profile, more data needs to be recorded besides the IP Address of the user for creating the user profile, since using the services of the Central Registry requires appropriate authentication( authentication of the user) and appropriate authorization ( determine the rights – authorizations for using resources.)  

- Data which the Central Registry collects from its users of the CR website are information which they have voluntarily submitted for specific objectives (applications for registration or requests for information from the registries), that will enable the Central Registry to exercise its legal rights regarding the services, customer care, complaints, compliments and comments by asking questions and/or suggestions on various topics in the scope of work of the Central Registry, as well as for inquiry, for providing feedback from the users or any other request for using services of the Central Registry.

Controller rights regarding mishandling personal data and abuse
If the Central  Registry determine abusive usage access to the website in order to illegally gain access to information and applications or to make the Central Registry website unavailable, in that case the recorded data can be used and submitted  to  the authorities responsible for detecting and sanctioning abuses linked to the illegal use of websites and cybercrime.

Collecting of Personal Data
Personal data are collected through various channels, including:
- Using the CR website, through the centralized user profile management system and all other information systems used for registration and distribution of data and information, i.e. for fulfilling the legally determined competencies of the CR;
- E - mail contact addresses of the Central Registry available on the website and
- Other contact forms available on the website.

Processing of Personal Data
-  Central Registry processes personal data for objectives determined by the law, in order to perform activities in accordance with the provisions of the Law on Personal Data Protection.
- Central Registry does not share data about the user and/or about his visit on the CR website, with third parties, except in the following cases:
• If the Central Registry hire external service providers as data processors and will oblige them to act according to the Central Registry Regulations and provide protection of the personal data while they are processing, when providing the services. 
On behalf of a court, police or other bodies to perform their duties only if there is legal basis for it.

Data Storage Life Span
The data which Central Registry collects are kept in accordance with the law and for a period required to achieve the purpose of processing the data, with timeframes determined for storage of personal data of the Central Registry.

The rights of the subject regarding the processing of personal data are:
- To be informed about the processing of personal data or the right to be informed about the processing of personal data;
-the right to access personal data;
- the right to rectification (correction) and erasure of personal data;
- the right to restrict the processing of personal data;
- the right to object;
- For any additional information regarding the exercise of the right for protection of your personal data, visitors or users may contact the Data Protection Officer of the Central Registry, whose contact information are published on the website.

The right to submit complaints to the Central Registry
- If by any means it is considered that the Central Registry violets the provisions of the Law on Personal Data Protection, the subject has the right to submit complain to the Central Registry, according to the Law on Personal Data Protection.
- The subject may submit the complain through the CR website or the contact information published in the CONTACT section.

 Changes of Privacy Policy
- Our Privacy Policy shall be regularly changed and harmonized in accordance with the changes have occurred and with the legal changes.

Protection against mishandling and abuse
The Central Registry undertakes all necessary technical and organizational measures to protect personal data from unauthorized access as well as their misuse, using regular controls and the latest technological mechanisms in this area.
Information management Policy of the Central Registry.
Data Protection Officer – Angela Sazdova-Doneva- 02/3288187  Angela.S.Doneva@crm.org.mk