Project budget: 700 000 EUR
Foreseen duration: 15 months
On 1 June 2021 the Consortium composed of Croatian Personal Data Protection Agency, German Foundation for International Legal Cooperation (IRZ) and Central Finance and Contracting Agency (CFCA) started with the implementation of the project Support to the Implementation of the Modernised Data Protection Legal Framework in the Personal Data Protection Agency of the Republic of North Macedonia.
The leading member state in the project is the Republic of Croatia, Croatian Personal Data Protection Agency which will be co-operating with Central Finance and Contracting Agency (CFCA) and German Foundation for International Legal Cooperation (IRZ) acting as the Junior project partner. The beneficiary country is the Personal Data Protection Agency of the Republic of North Macedonia.
The Personal Data Protection Agency of North Macedonia, Croatian Personal Data Protection Agency and German Foundation for International Legal Cooperation (IRZ) are organising a kick-off meeting to present Twinning project “Support to the Implementation of the Modernised Data Protection Legal Framework in North Macedonia”. The event will be held in Skopje on 30 September 2021 from 10 a.m. to 2 p.m. During the event, high government officials, representatives from the EU delegation in North Macedonia, project leaders from Croatia, North Macedonia and Germany, as well as experts from North Macedonian, Croatian and German data protection authorities will present project objectives, specific project purpose, results to be achieved and activities to be implemented. The agenda of the event will follow soon.
Ensuring and implementing an adequate legal framework and harmonizing the national legislation with the EU legislation in the field of the personal data protection is highly important since it brings to the citizens a sense of security and trust that their personal data will be adequately protected.
The focus, priorities and interventions of this Twinning Project will be designed to be fully synergic with and addressing the principles and objectives relevant for personal data protection and will contribute to the performance of the Personal Data Protection Agency (PDPA) for implementation of the modernized data protection framework.
The overall objective of this project is to improve the protection of fundamental rights and the national system for personal data protection in the Republic of North Macedonia in accordance with the standards of the European Union acquis.
The specific objective of this project is to improve the performance of the Personal Data Protection Agency (PDPA) for the implementation of the modernized data protection framework through strengthening institutional capacities, legal and regulatory framework and public awareness on data protection.
COMPONENT 1 (Result 1) Legal and institutional framework for implementation of the novelties of the new Law for Personal Data Protection strengthened
At least 9 guidances for the following (non-exhaustive) topics: consent and transparency for personal data processing, the right to data portability, data protection impact assessment, data protection by design and by default, techniques of pseudonymisation and anonymization, processing of personal data for scientific and historical research and statistical purposes, international transfers of personal data, automated individual decision-making and profiling, controller-processor relations, maintaining records of processing activities and derogations will be developed.
Enhancing Standard Operating Procedures (SOPs) and other administrative documents for implementing new tasks and powers of PDP
Number of Standard Operating Procedures (SOPs) for effective performance of the new tasks and powers of PDPA (prior consultation, authorizations, data breach notifications, enforcement powers, accreditation and certification, transfer of personal data) will be developed.
Harmonization of sector regulation with the new data protection framework
Methodology for harmonization of sector legislation and data protection impact assessment sector regulation according to the Law on personal data protection, when drafting new legislation and making amendments, will be published on web site and delivered to ministries/or other relevant institution.
COMPONENT 2 (Result 2) Enhanced capacity of PDPA’s staff and relevant institutions to implement the new data protection framework according to European best practices
Our goal is to improve knowledge and best practices of PDPA’s staff and representatives from government institutions and law enforcement for implementation of the novelties of GDPR and EU Police Directive regarding: transparency, data subject rights, data breach notifications, privacy impact assessment, privacy by design and privacy by default, pseudonimisation and anonymization, accountability of data controllers, transfers of personal data to third countries or international organisations, procedures of accreditation and certification, new enforcement powers.
At least 8 trainings delivered about GDPR and EU Police Directive enhancing the knowledge of PDPA’s staff including representatives from judiciary, Ministry of internal affairs and other law enforcement authorities.
COMPONENT 3 (Result 3) Awareness about the rights and obligations of the new data protection framework improved
Our goal is to increase availability of tools and resources (templates, model documents, privacy notices, cookies policies) for data controllers/processors to comply with the new data protection framework on PDPA’s web page and social media.
To reach that goal, practical information and documentation toolkit (e.g. templates, model documents, privacy notices) to help data controllers/processors demonstrate accountability according to the new Law on personal data protection will be produced and published on PDPA’s web site.
In addition, practical information and templates for citizens how to protect their personal data and exercise data subject rights especially online and on social networks, direct marketing and telecommunications, data held by the police, health organizations, educational institutions, credit institutions will be produced and published on PDPA’s web site and social media.