KB First Pension Company a.d. Skopje (hereinafter: the Company) in accordance with its business activity, also performs personal data processing in accordance with the applicable regulations in the R.N. Macedonia.
The personal data collected by the Company in the role of a Controller, which are further subject to processing, are collected only for purposes determined by law, and for each other purpose the Controller provides a separate Statement of Consent for processing personal data by the personal data subjects.
In compliance with the law, the Company, within its primary activity, has the obligation to inform its members about their rights regarding the pension insurance, as well as about information related to their status in the Company, changes in the legislation, the movement at the financial markets, realized yields, collected fees and other information related to the pension system. In the processing of personal data, the Company uses appropriate techniques and organizational measures in order to ensure protection of their processing.
In this regard, the Company currently conducts regular internal controls, external audits, vulnerability assessment and penetration tests that determine and confirm the level of confidentiality, reliability, integrity and availability of IS and data processed within it.
The time limitations for the storage of the processed data are defined in accordance with the law and internal acts, and after the expiration of the time limitations for storage, the data are destroyed in accordance with the stipulated internal procedures.
The Company strives to provide as up-to-date data as possible from the personal data subjects in order to inform them in a timely manner.
The collections of personal data processed by the Company are reported in the central register of the +al Data Protection Agency of the Republic of North Macedonia (hereinafter: AZLP), and for every change the Company additionally notifies the AZLP, in accordance with the Law..
Regarding the personal data processing, the Company gives special authorizations for the processing to the persons who have a contracted business relationship with the Company. These authorized persons, before starting their work and at the same time by organizing continuous trainings, get acquainted with the protection of personal data processing.
The authorized persons have personally signed a Statement on confidentiality and protection of personal data processing.
When using the personal account portal, the Company collects the following categories of data from the persons who log in: username, password (non-legible form), IP address, date and time of login. The exchange of data between the portal of the Company and the persons logging in to the portal (example: username and password) takes place via an encrypted connection (https). Pursuant to the Law, each member and retired member of the funds, managed by the Company, shall receive an appropriate username and password to log in to the portal.
Using the contact form, the subjects submit the following data to the Company: name and surname, e-mail, telephone. The exchange of data between the website (contact form) of the Company and the subjects entering the data in the form, takes place through an encrypted connection (https). The data provided to the Company through this form will be used only for communication with the provider of the data regarding their message.
This service is used to obtain general information about the pension system, information about the Company, as well as to obtain information about the status of the subjects who are members of some of the funds managed by the Company. The data provided to the Company through the chat, will be used only to communicate with the provider of the data regarding their message.
This service is used to obtain general information about the pension system, information about the Company, as well as to obtain information about the status of the subjects who are members of some of the funds managed by the Company. All calls to the contact phone of the Company, according to a written letter from MAPAS, are recorded in order to control the quality of service and improve the information knowledge of the members. In this regard, AZLP has adopted a special decision approving the processing of biometric data, performed by authorized persons in the Company.
According to the Law on Personal Data Protection, you have rights that we are obliged to inform you about. The rights available to you depend on the purpose, i.e. the reason for processing your personal data. You can find more information on this topic on the website of the Agency for Personal Data Protection www.dzlp.mk , i.e. you can ask a question to our personal data protection officer at email@example.com or to the competent state body, i.e. regulatory body at firstname.lastname@example.org.
In addition, you can find the basic information regarding the mentioned rights:
You have the right to request copies of your personal information from us. This right always applies. There are some exceptions, according to the law, meaning that you cannot always get all the information we process.
You have the right to ask from us to correct information you think is incorrect. You also have the right to ask us to complete information that you think is incomplete. This right always applies.
In certain circumstances, you have the right to ask us to delete your personal data. This right applies only under certain conditions in accordance with the law.
You have the right to ask us to restrict or discontinue the processing of your personal data in certain circumstances in accordance with the law.
You have the right to object the processing only if the processing of your personal data is not part of our legal obligations or is in our legitimate interest.
This applies solely to the information you provide to us. You have the right to ask us to transfer the information, i.e. the personal data that you give us, from one organization to another (controller) or to give it to you. This right applies only if we process personal data based on your consent, or in the process of concluding an agreement where you are one party, i.e. if the processing is automated or if we process your data for the purpose of implementing the legal obligations in the field of criminal law and procedure.
You will not be required to pay any fee or compensation for exercising the abovementioned rights, unless, depending on your request, it is associated with a particularly large number of operations or activities related to fiscal implications of which you will be informed in advance. Regarding the abovementioned, certain exceptions are stipulated in compliance with the Law on Personal Data Protection. In order to exercise your rights, in accordance with the indicated regulation, i.e. acting upon your request, we have a period of one month to respond in compliance with the law.
We work to high standards when it comes to processing your personal data, however should you have any questions or problems, feel free to contact us at email@example.com and we will be pleased to answer.
If in any case your dissatisfaction continues, you can file a complaint about the way we process your personal data to the Agency for Personal Data Protection at firstname.lastname@example.org.
Relevant forms related to the rights of personal data subjects are available on the website of the Company in the section „Documents for members”.
The Company does not perform profiling of the subjects of personal data for any purpose..
The company can perform direct marketing only with the prior consent of the personal data subjects.
Cookies are small files used to collect information that allow recognition of your computer or device during your next visit to our website, thus allowing faster access. Also, in certain cases, we write information in the form of “Cookies” on your computer, or other device you use in order to adjust the visit to the websites according to your needs and habits.
All information stored within the “Cookies” will be used only for the needs of the website in a way that your privacy will not be endangered, nor compromised.
When you visit our website, we may collect some other information or data from your search, such as the IP address, the content of the Company website that you have visited, when you have visited it and from which website you have been redirected.
When you visit our website we use a third party service – Google Analytics to collect standard access information and details of visitors’ behaviour, but in a way that no one can be identified, nor is Google allowed to reveal the identity of those who visited our website.
We use persistent cookies, which remember the search/session when the user shuts down the browser, in order to maintain the user’s status.
When you first access our website, you have the opportunity to get acquainted with the type of cookies and the opportunity to choose what cookies you will allow to be placed on your device. For this purpose, a special window (pop-up) appears with information about cookies.
You can also choose cookies through the option – Cookie settings, on the home screen of the Company’s website.
The “Help” menu in the Internet browser toolbar of your computer provides the following user information:
There is a lot of information about cookies in case you want to read more, such as: www.allaboutcookies.org (in English).
For example, if you are using Internet Explorer version 11.0, you must do the following:
The company does not perform video surveillance in any form.
The Company provides personal data of the personal data subjects only to entities with which it has a contracted business relationship and it has concluded an Agreement for security of information system and protection of personal data processing where the manner and conditions for their processing are regulated in detail.
Pursuant to the Law on Personal Data Protection, other countries are countries where an appropriate level of personal data protection is provided, i.e. these are EU member states or member states of the European Economic Area. The Company may transfer personal data for the purpose of fulfilling an Agreement, in the interest of the personal data subject, between the Controller and a third party in an EU Member States or European Economic Area member states.
In case of a security incident, disclosure or loss of personal data, the Company, if it has contact data, informs the affected personal data subjects about the incident, and in case of a larger incident, the Company informs about it through a public announcement or through an appropriate publication on its website, no later than 72 hours after learning of the incident.
The Facebook component is integrated on our website. Facebook is a social network – a place for social meetings on the Internet that allows users to communicate with each other in cyberspace. The social network can serve as a platform for exchanging opinions and experiences or for obtaining personal or business information. Facebook allows users to create private profiles, post photos, and connect through friend requests.
Facebook, Inc., 1 Hacker Way, Menlo Park, California 94025, United States of America (USA) is a data controller of the US and Canadian subjects. If the subject resides outside of the USA or Canada, the controller is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.
Whenever you visit our website, which has the Facebook component integrated (Facebook plug-in), the web browser of your information system is automatically prompted to send an overview of the relevant Facebook component. An overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/. During this technical process, Facebook gets information about which website you have visited.
Facebook always receives information about visiting our website when you are logged in to Facebook while visiting our website. If you do not want this information to be shared on Facebook, sign out of your Facebook account before visiting our website.
The data protection guide posted by Facebook is available at https://facebook.com/about/privacy/. It contains information about the collection, processing and use of personal data by Facebook. In addition, it explains what settings Facebook offers to protect your privacy. Additionally, various settings options are available to disable Facebook data transfer.
The Instagram component is integrated on our website. Instagram is a service that can be described as an audio-visual platform allowing users to share photos and videos, as well as spread such data on other social networks.
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland is the controller of personal data processed via Instagram.
Whenever you visit our website, which integrates the Instagram component (Insta button), the web browser of the user’s information system automatically requests an overview from the relevant Instagram component. During this technical procedure, Instagram knows which website you have visited.
If you are logged in to Instagram at the same time, Instagram detects all the visits to our website by you and the total time spent on our website. These data are collected through the Instagram component and linked to your Instagram account. If you click the Instagram button integrated on our website, Instagram links this data to your personal Instagram account and saves the personal data.
Instagram receives information through the Instagram component that you have visited our website, provided you are logged in to Instagram at the same time as you visit our website. It happens regardless of whether you clicked the Instagram button or not. If you do not want this information to be shared on Instagram, sign out of your Instagram account before visiting our website.
Additional information and applicable provisions for the protection of personal data on Instagram can be found at the following link:
The YouTube component is integrated on our website. YouTube is an Internet video portal that allows you to publish videos for free, as well as watch, view and comment on them for free. YouTube allows you to post all kinds of videos, and at the same time you can have full access to movies, TV shows, music videos, announcements and videos made by users through the Internet portal.
Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland is a controller of personal data processed via YouTube.
Each time you click on one of the separate pages on this Web site, which is managed by the controller and has an integrated YouTube component (YouTube video), the web browser of the user’s information system is automatically requested to download the relevant YouTube component. More information about YouTube can be found at https://www.youtube.com/about/.
YouTube and Google will receive information through the YouTube component that the personal data subject has visited our website, if the personal data subject is logged in to YouTube during the visit to our web site; this happens regardless of whether the person clicked a video on YouTube or not. If the personal data subject does not want this information to be transmitted to YouTube and Google, they should log out of their own YouTube account before visiting our website.
The Google Analytics component is integrated on our website. Google Analytics is a web analytics service for collection and analyses of web site user behaviour data. Among other things, information is collected about the website of the user (so-called Referrer), as well as how often and how long the visit to the website lasts. Web analytics is mainly used to optimize the website.
The company that provides the Google Analytics component is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
Google Analytics places a cookie on the user’s information system. The definition of cookies is explained above. By setting a cookie, Google can analyse the use of our website. The cookie is used to collect and store personal data, such as access time, access point and frequency of visits to our website by the user. With each visit to our website, such personal information, including the IP address used by the user to access the Internet, will be transmitted to Google in the USA and stored by Google in the USA. Google may transfer this personal information to third parties.
By properly adjusting the browser you can prevent the placement of cookies through our website, but also permanently prohibit the placement of cookies. This customization of the browser would also prevent Google Analytics from placing cookies on your information system. Additionally, cookies already used by Google Analytics can be deleted at any time through a web browser or other software program.
Additional information and applicable data protection provisions from Google can be downloaded at:
Google Analytics is further explained at the following link:
The servers of the KB First Pension Company’s website are in the Republic of North Macedonia, meaning there is no transfer of personal data performed.
This Policy shall enter into force on the day of its adoption. This Policy, as well as its new and/or modified versions, will be made public on the Company’s website.