Privacy Policy

This Privacy Policy explains how MEPSO AD (“MEPSO”, “we”) processes the personal data of users of the MEPSO Cyber Awareness training platform (the “Platform”). MEPSO guarantees the protection of personal data in accordance with the Law on Personal Data Protection and other applicable regulations of the Republic of North Macedonia, as well as the principles of the General Data Protection Regulation (GDPR).

Please read this Policy carefully to understand what data we collect, for what purposes, and what your rights are.

1. Data Controller

The data controller is MEPSO AD, headquartered in Skopje, Republic of North Macedonia. For any questions regarding data protection, you may contact the Personal Data Protection Officer at: obuka@mepso.com.mk.

2. Personal data we process

The Platform is an internal tool for training MEPSO employees and engaged persons. We process the following categories of data:

  • Account/identity data: name, work email, organizational unit/sector. This data is obtained from MEPSO’s corporate sign-in system (Microsoft Entra ID / SSO).
  • Training data: course enrolments, lesson and topic progress, test and quiz results, completion status, earned certificates, points and level from the gamification system.
  • Technical and security data: sign-in date and time, IP address, basic browser/device information, and activity log (audit log) records used for security and to prevent concurrent logins.

MEPSO does not process special categories of personal data (sensitive data) through this Platform.

3. Purposes and legal basis

We process personal data to:

  • deliver and record mandatory cyber-security awareness training;
  • track progress, assess, and issue certificates;
  • report training completion to the relevant MEPSO functions;
  • ensure the security and integrity of the Platform.

The legal basis is the performance of employment obligations and MEPSO’s legitimate interests as an employer, as well as compliance with legal obligations.

4. How data is collected

Most data is collected automatically when you access and use the Platform with your corporate account via secure sign-in (SSO). Additional data is generated as you complete the training (e.g., results and completions).

5. Sharing of data

Your data is available only to authorized persons at MEPSO (training administrators and sector supervisors) for the purposes stated above. Data may also be processed by service providers (e.g., Platform hosting) acting as processors, under contract and only on MEPSO’s instructions. We do not sell your data and do not share it for advertising purposes. Data may be disclosed to competent state authorities only on a legal basis.

6. Retention period

We retain personal data for the duration of your access to the Platform and for the period necessary to fulfil the purposes of this Policy, i.e., the period defined by MEPSO’s internal rules and applicable law (e.g., records of completed training and certificates). After that period, data is deleted or anonymized.

7. Data security

MEPSO applies appropriate technical and organizational measures to protect personal data, including corporate-identity sign-in with multi-factor authentication, encrypted communication (HTTPS), access control, and activity logging. Nonetheless, no transmission of data over the internet can be completely secure.

8. Your rights

As a data subject, you have the right to: request access to your data; request rectification, completion, or erasure; request restriction of or object to processing. Submit your request to the Personal Data Protection Officer at obuka@mepso.com.mk. MEPSO will respond within the legally prescribed deadlines.

9. Supervisory authority

If you believe your rights have been violated, you may file a request with the Agency for Personal Data Protection of the Republic of North Macedonia.

10. Changes to this Policy

This Policy may be updated from time to time. The amended version is published on this page and takes effect on the date of publication.

Last updated: June 2026.

error: Content is protected !!