In the period from 20 to 24th September, a short-term expert Marko Trošelj has conducted an expert mission within Component 3 of the EU-funded Twinning project “Support to the Implementation of the Modernised Data Protection Legal Framework” in Skopje. Together with colleagues from PDPA https://dzlp.mk/en, he developed a Guide on data transfers to third countries and international organisations, a Guide on codes of conduct and certification and a Guide on data protection in the financial sector.
The purpose of the guidelines is to help data controllers in North Macedonia to understand their obligations arising from the Law on Personal Data Protection and to facilitate the compliance with the Law. Marko also held meetings with the representatives of the financial institutions to get deeper insights into their needs and problems they are dealing with in relation to the new Law on Personal Data Protection https://lnkd.in/eEvbPJXN.
One of the topics of interest for the representatives of the financial sector is data protection impact assessment (DPIA). What they see as the main problem is the specific methodology on how to adequately carry out the procedure itself.
Furthermore, they are interested in the topics of the right to erasure and how to act on specific requests of data subjects when certain data is needed to be collected and retained for a certain period of time in accordance with a special law.
Also, the topics discussed within the awareness raising guidelines are the principle of minimization, data breach, data portability, data protection officer and legitimate interest assessment. Further topics discussed were whether consent is applicable in some processing activities, the question of anonymization, activities related to marketing and offering certain products to customers, for example through a telephone number available in the public directory.
We are very thankful to our colleagues from PDPA in North Macedonia for the wonderful cooperation and we are looking forward to new successful expert missions.