Pursuant to Article 231 of the Law on trade Companies, Article 22 of the Agreement for Establishment of Company “Comfy-Angel” Prilep DOO, provisions of the Law on Personal Data Protection, as well as bylaws of the Agency for Personal Data Protection, provisions of the Law on Electronic Communications, Managers of the Company on 31.12.2021, adopted the following:

PRIVACY POLICY

1. Controller of personal data collections
       1) Controller of personal data is „Comfy-Angel“, Prilep DOO (hereinafter Controller), based in Prilep on str.„Aleksandar Makedonski“ no.1г/13, Republic of North Macedonia, with company ID         (EMBS) 5885086, Tax no.(EDB) 4021004142979.
       2) The Controller is a limited liability company established in accordance with the provisions of the Law on Trade Companies and registered in the single trade register kept by the Central            Register of the Republic of North Macedonia.
       3) The personal data are processed in accordance with the provisions of the Law on Personal Data Protection, the bylaws of the Agency for Personal Data protection and the acts for technical an organizational measure for personal data processing of the Controller. Additionally, the Controller strives to apply acts arising from the regulatory bodies of the European Union, certainly those relating to the protection of personal data processing.

2. Personal data protection policy 

- Which data are collected and how;

- How are your information used;
- How do we protect your data;
- Who do we share your information with;

2.1. Which data are collected and how?

       1) Your privacy is important to us, so we only collect the information needed for:
       - Providing conditions and support;
       - Improving you experience;
       - Improving the service and informing about the new services that we are developing for you;
       - Compliance with the legal regulations.

      2) The data that you give by entering in the forms when using the services, are     automatically collected when you use our website or we receive them           from external sources when you use the service of an external partner of the user (eg. Receipt for payment, etc.)
      3) We collect the data you enter when:
      - Register, fill out surveys, questionnaires, and other online forms,
      - Providing support, advice or responding to complaints,
      - Payment for services or refunds,
     - Navigation data – during the visit of Controller’s website for each visitor log the following data are created:
             - Internet Protocol (IP) address;
             - The accessing device, type and model;
             - Operating system;
             - Type of browser, plugins and version;
             - Pages visited on the website and the time spent on each page;
             - URL of the page that takes you to the Controller`s website and, in some  cases, the terms you used to search the Controller`s website;
             - Language of the browser that was used;
             - Country (specified by the IP address).
       4) Thereby, we collect your name, address, contact information, e-mail, and other information that you enter.
       5) We request a special permit for the collection and processing of special categories of personal data, such as sexual orientation, health condition, religion, religious affiliation and similar.
       6) The data we collect or process, we cannot know if they refer to children, and if we find out that we process such data, we will close the account and initiate deletion of the data. In case when guardian of the person whose data we are processing, contacts us and the guardian can be identified or has access to personal data, we can change the data upon his written request.

2.2. How are your information used?

     1) Collected data, as well as data that we detect through the provision of services are processed only for the following purposes:

   - to provide information and assistance,
   - to facilitate the using of services on the Controller`s website,
   - to conduct surveys and adapt to your needs,
   - to inform you about the new services and service updates,
   - to provide information on events and special offers of the Controller,
   - to provide information from our partners that might be of your interest,
   - to prevent fraud or other prohibited or illegal activities.

2.3. How do we protect your data?

     1) The Controller is fully committed to protecting your data from unauthorized access, detection, and deletion, regardless of where they are stored or processed, or the format they are on.
     2) The Controller applies recognized information security standards: 
    - implements technical and organizational protection measures based on risk assessment,
    - checks the collection of information, methods of storage and processing,
    - where possible the data are pseudonymized and anonymized,
    - measures are taken that can identify and/or prevent unauthorized collection and misuse of personal data and reduce potential harm.
     3) In accordance with the Law on Personal Data Protection, the Controller shall take all technical and organizational measures for protection against accidental or illegal destruction of     personal data, their accidental loss, modifying, unauthorized disclosure or access. At the same time, we warn of the possibility of misuse of your data by third-party unauthorized persons, who received them illegally, for which we request to be informed immediately. In the contrary all the risks of abuse are on you.
     4) It is not allowed to collect personal information through other users such as e-mail addresses, telephone numbers or to receive or receiving them in any other way without a prior consent of the users. It is also not allowed to copy, modify, or expand the content of advertisements of other persons. If you notice any abuse, please let us know immediately so we can take appropriate actions.

2.4. Who do we share your information with?

    1) Third parties will process your data only:

    - for the purposes of providing services of the Controller such as: payment services, data analyses, delivery of electronic or territorial mail, customer support services, data validation and similar;

    - for the purposes of providing services of the webpage such as: hosting, IT services, accounting services and services or lawyers, auditors and other consultants.

    - if the data transfer is regulated by the law in other to:

            - comply with relevant laws, bylaws, or other regulations,
            - detect, prevent, and resolve fraud and security or technical difficulties related to user`s web site or user’s personal data.
   2) All persons that have access to your data have an obligation to maintain the confidentiality within the agreed confidentiality, as well as the implementation of organizational and technical protection measures.

    3) The Controller can share your data for own and other persons protection. The Controller reserves the right to disclose your personal information if it is required by law and when he believes that disclosure is necessary to protect his rights and/or in accordance with a court proceeding, court order, or legal process related to our web site.

For more information on transferring data to third parties, send a request via e-mail: aleksandarjov@comfy-angel.com.mk.

Deadline for storage of collected data
The data we collect are stored in accordance with the positive regulations and the period required to achieve the objective of processing and are determined in the (review) with deadlines for storage of personal data of the Controller.

4. What are your rights for protection of personal data?
     1) Your rights regarding the processing of personal data are:
      - Right to be informed about processing of personal data,
      - Right to access personal data,
      - Right to correct and delete personal data,
      - Right to restrict the processing of personal data,
      - Right to object
     2) If your data can be used for advertising material or similar, we will ask for a written consent from you in advance, and you have the right to immediately inform us about your request that the data should not be used for such purposes.
    3) For additional information and/or applying your rights for personal data protection, you can contact the Personal Data Protection Officer – Aleksandar Jovanovski on the following e-mail: aleksandarjov@comfy-angel.com.mk or on the telephone number 075/361-499.

5. Right to submit a request to the Agency for Personal Data Protection
      1) If there are grounds for suspicion that the manner in which the Controller processes personal data violets the provisions of the Law on Personal Data Protection, the persons may submit a request to the Agency for Personal Data Protection as a supervisory body, which will be acted upon as per any other submitted request, in accordance with the provisions of the Law on Personal Data Protection and the bylaws of the Insurance Supervision Agency.

6. Updating the privacy policy
     1) The privacy policy will be regularly modified and updated in accordance with the changes and activities of the Controller.

7. Displaying the privacy policy
     1) This privacy policy will be displayed on the official internet web page of the Controller.

8. Other information
     1) Please carefully read the Privacy Policy. Your use and/or registration on any section of the web site means that you accept our Privacy Policy. If you do not agree to this Privacy Policy, please do not use the web site. Your use of this web site implies that you accept the possible changes of the Privacy Policy.