Republic of North Macedonia: DZLP adopts rulebook on high risk personal data processing
The Directorate for Personal Data Protection ('DZLP') adopted, on 11 May 2020, the rulebook on high risk personal data processing activities ('the Rulebook'). In particular, the Rulebook prescribes the form and content of the data processing notification to DZLP for processing with high risk to the rights and freedoms of natural persons. In particular, the Rulebook outlines that the notification is comprised of two parts, distinguishing between requirements for legal and physical persons, and that organisations must include, among other things, the name of the data controller, tax number, description of the processing, address, telephone number, email address, and the name and contact details of the data protection officer. In addition, the Rulebook highlights that data controllers must keep records of processing activities and notify the DZLP of any changes to the information in the notification within 30 days from the date of the change.