PRIVACY POLICY (GDPR – LEGALLY HARDENED)

Privacy Policy for Eco Logic

Last updated: January 2026.


This Privacy Policy governs the processing of personal data by Eco Logic, a
non-profit organization established in Skopje, North Macedonia (“Eco Logic”,
“we”, “us”, “our”), in compliance with the General Data Protection Regulation (EU)
2016/679 (“GDPR”) and applicable national data protection laws.

1. Data Controller

Eco Logic
Address: Branislav Nušić 13-1/17, 1000 Skopje, North Macedonia
Email: ecologic.mk@gmail.com


Eco Logic acts as the Data Controller within the meaning of Article 4(7) GDPR.

2. Scope of Application

This Policy applies to all personal data collected through:
Website: https://ecologic.mk

  • Email communications
  • Online forms
  • Cookies and tracking technologies

3. Categories of Personal Data

We may process:

  • Identity Data (name, surname)
  • Contact Data (email, phone)
  • Technical Data (IP address, browser type, device ID)
  • Usage Data (navigation behavior)
  • Communication Data (messages submitted)

4. Legal Bases for Processing

We process personal data strictly under:

  • Article 6(1)(a) – Consent
  • Article 6(1)(b) – Contractual necessity
  • Article 6(1)(c) – Legal obligation
  • Article 6(1)(f) – Legitimate interests

Legitimate interests include:

  • Website security
  • Service improvement
  • Organizational communication

5. Purpose of Processing

Your data is processed to:

  • Respond to inquiries
  • Provide organizational information
  • Improve website performance
  • Ensure compliance with legal obligations
  • Prevent fraud and misuse

6. Data Processing Agreements (DPA)

All third-party processors (hosting providers, analytics services, IT vendors) are
bound by Data Processing Agreements (DPAs) in accordance with Article 28
GDPR, ensuring:

  • Confidentiality obligations
  • Security measures
  • Sub-processor restrictions
  • Audit rights

7. International Data Transfers

Where data is transferred outside the EEA, we ensure compliance via:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • Additional safeguards where required

8. Data Retention Policy

We retain personal data only as necessary:

  • Contact inquiries: up to 12 months
  • Legal obligations: as required by law
  • Analytics data: anonymized where possible

9. Data Subject Rights

Under GDPR, you have the right to:

  • Access (Art. 15)
  • Rectification (Art. 16)
  • Erasure (Art. 17)
  • Restriction (Art. 18)
  • Data portability (Art. 20)
  • Objection (Art. 21)

You may lodge complaints with the competent supervisory authority.

10. Security Measures

We implement:

  • Encryption (SSL/TLS)
  • Access controls
  • Data minimization
  • Regular security audits

11. Automated Decision-Making

We do not engage in automated decision-making or profiling under Article 22 GDPR.

12. Third-Party Links

We are not responsible for external websites’ privacy practices.

13. Policy Updates

We reserve the right to amend this Policy at any time.

14, Contact

ecologic.mk@gmail.com