PHONE NUMBER
+389 (0) 2 2532 000
Privacy Policy
This Privacy Policy describes the approach of OKTA AD-Skopje (hereinafter referred to as "OKTA") to the processing of personal data. It has been prepared with the aim of informing you in a transparent and clear manner about how we collect, use, and process your personal data, regardless of whether you are a user of our website, a buyer/potential buyer, a supplier of goods and services, a project contractor, a visitor to our premises, a collaborator, a contracting party, etc. The personal data collected and processed by individuals employed at fuel stations that are part of the retail network under the OKTA brand, although owned and operated by our partners, are also subject to this Privacy Policy, and the processing is carried out in accordance with the conditions and measures defined in this policy.
WHAT IS PERSONAL DATA?
Personal data is information that relates to you as an individual, for example: name and surname, address, unique identification number, phone number, location data, email, online identifier, i.e., personal data is any information through which a specific individual can be identified directly or indirectly.
WHO IS RESPONSIBLE FOR THE PROCESSING OF PERSONAL DATA?
OKTA is part of the Hellenic Group (HellenIQ Energy), a leading energy group in the region, and this policy applies to all personal data processed by OKTA as a member of this group.
OKTA, headquartered at Street 1, No. 25 Miladinovci, Skopje is the controller of the personal data processed through this website and when using our products. This responsibility applies to all methods of processing, including data of our clients, visitors, contractors, associates, truck drivers, as well as other persons whose personal data we process as part of our business activities.
The provision of any information or content by you as a personal data subject is voluntary and is subject to this Privacy Policy.
The Policy governs the right to privacy and the security of personal data that is subject to processing. This Privacy Policy may be updated. You will be notified of any changes in a manner determined by OKTA, either by email or by posting the updated version of this Policy on the website.
For questions related to the processing of your personal data, you can contact our Data Protection Officer, Marija Peshevska-Stanishikj, at the following email: MPeshevskaStanishikj@helpe.gr and/or at the phone number 02 2532 150.
By visiting our website, you acknowledge that you are aware of and agree with the content of our Privacy Policy.
WHOSE PERSONAL DATA DO WE PROCESS?
We may process data relating to the following categories of individuals:
• Visitors to our website https://www.okta-elpe.com/
• Buyers/potential buyers - wholesale
• Project contractors
• Truck drivers
• Suppliers of goods and services
• Contractors
• Associates
• Individual service providers who are natural persons (consultants)
• Visitors to our premises
• Buyers/users of OKTA fuel station
• Individuals employed at fuel stations that are part of the retail network under the OKTA brand
WHAT PERSONAL DATA DO WE COLLECT?
Data collected through visits to the website: information about connection/login, website visitor’s online activity data, IP address of the website visitor, device information.
Data about employees of service providers, buyers and potential buyers, project contractors, suppliers of goods and services, contractors, associates who are legal entities: name, surname, address, contact details (phone number, email), ID card number and job position, legal entity, type of contract and service, data for providing the service.
Data on individual service providers (natural persons/consultants): full name, address, Unique Identification Number, payment information, type of contract and service, service provision details, financial and tax information.
Data for identification of truck drivers: name, surname, phone number, vehicle registration plates (the truck), driver’s license number, passport number, and ADR permit.
Data collected during procedures related to the selection of suppliers of the Company (tender procedures and evaluation processes) for suppliers, authorized representatives, employees, subcontractors, and contact persons of suppliers—their agents: name, surname, age, work experience, information about vehicles used for transporting the company’s products (driver’s license number, ADR permit, vehicle registration, insurance policy).
Data collected when entering OKTA’s premises: ID card number or passport number, vehicle registration plate number, time and date of entry and exit.
Data from video surveillance collected during visits to our premises. Notices regarding video surveillance are posted in the premises, as well as general information regarding the video monitoring.
Data collected through the use of services at our fuel station: name, surname (if required), transaction information (e.g., payment method, amount), and contact details if voluntarily provided.
Your personal data is processed in accordance with the applicable legal regulations in the Republic of North Macedonia.
WHERE ARE PERSONAL DATA COLLECTED FROM?
Personal data are collected directly from you, through the completion of various company forms, exchange of business cards, by phone, through documents you send to the Company, through electronic communication (website, via our email: okta.info@helpe.gr), or when you otherwise communicate with us.
Personal data are also collected from other sources, for example from third parties with whom you have not had previous communication or do not have a recognizable relationship. Additionally, for the purposes of risk assessment and compliance, the company may collect personal data from third parties such as LexisNexis.
FOR WHAT PURPOSE DO WE USE PERSONAL DATA?
• To fulfill contractual obligations and effectively provide trade in solid, liquid, and gaseous fuels and similar products.
• To manage the risks of the business.
• To fulfill legal obligations for taxation and accounting, and compliance with product quality regulations.
• To protect the company’s property (facilities, infrastructure, equipment, etc.).
• To research and monitor user behavior, habits, and interests, to analyze advertising effectiveness, for statistical purposes, and to improve the services offered.
LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
The processing of your personal data is always carried out on an appropriate legal basis, in accordance with applicable regulations. The legal basis may be:
• Performance of a contract: This applies when personal data are needed for the conclusion, execution, and management of a contract between OKTA and our suppliers, clients, partners, contractors, etc. For example, when a supplier provides us with data about their employees, drivers, or authorized representatives so that we can fulfill contractual obligations between our companies.
• Your consent – This applies when you provide your personal data and agree for us to process it for marketing communication, information sharing, and promotional activities. For example:
1. OKTA may process and use publicly posted comments, opinions, or other content that users leave on the company’s official social media profiles (e.g., Instagram, LinkedIn), exclusively after obtaining explicit prior consent from the author of the comment. This consent also applies to the use of personal data for identification, preferences, and contact purposes, in order to determine which services and marketing promotions may be of interest to you, as well as for conducting marketing, promotional, or communication activities. Consent is always requested and documented before any use. You have the right to withdraw your consent at any time and request that your comment or personal data no longer be used, after which we will act without delay. Additionally, to withdraw your consent for marketing offers, you may send a message to the following email: MPeshevskaStanishikj@helpe.gr and contact our Data Protection Officer.
2. We may store certain cookies on your device. Cookies are small text files placed on your device by websites you visit. We may place analytical cookies (also known as performance cookies, which measure/record your interaction with our website to help us make improvements) on your device. Please refer to our Cookie Policy on our website for more information about the different types of cookies we use and their purpose.
• Our legitimate interests: This applies when you provide us with your personal data and we use them to:
1. Ensure our website is safe and secure and it functions properly
2. Respond to your questions and requests.
3. Exercise any legal claims or for statistical purposes.
4. Provide physical security, protect property through access control systems to our premises and video surveillance.
5. Manage suppliers of goods and services and other business-related activities, as well as for internal administrative purposes.
6. Monitor compliance with Company practices and procedures.
7. Manage business operations and processes, including planning and organizing work, investments, analysis, and sales development.
• To comply with a specific legal obligation – This refers, for example, to cases where OKTA processes and archives personal data included in contracts with suppliers/clients, etc. (name, surname, signature, positions of authorized persons) to fulfill legal obligations under the legislation of the Republic of North Macedonia. Specifically, we are legally required to retain contracts for a certain period for tax, accounting, and archiving purposes.
WHO CAN ACCESS THE DATA?
We would like to emphasize that OKTA processes your personal data with the highest level of responsibility and transparency, and such data is never sold. Access may only be granted to authorized persons, members of the Group, or trusted partners, and only when necessary to fulfill legal obligations, contractual purposes, or the legitimate interests of the company, always in accordance with applicable data protection laws.
The access to personal data is controlled based on the need-to-know principle. This means that the access to the personal data will be assigned only to those persons and departments within OKTA who need it to perform their work tasks, provide services, or fulfill legal and contractual obligations. Where permitted, OKTA may share some of your personal data, including data collected through cookies, to reconcile and update the information you share with us, perform statistics based on your characteristics, and tailor its communications to you.
Your personal data may also be processed on our behalf by our trusted suppliers (third parties).
We always strive to ensure that all third parties we work with keep your personal data secure and use it exclusively for the purposes for which it was entrusted, in accordance with our written instructions and applicable laws. For example, we may entrust services that require the processing of your personal data to:
• Advertising, marketing, digital, and social media agencies to help us conduct promotions, marketing, and campaigns, as well as to analyze their effectiveness;
• Third parties who assist us in providing IT services, such as platform providers, hosting services, database maintenance and support, as well as our software and applications;
• Independent third parties, telecommunications operators, marketing partners, as well as competent authorities who have legal authorizations and may use personal data for their own purposes.
Our relationship with third parties is regulated based on a legally binding contract, which stipulates that appropriate security and safety measures for your personal data are taken.
TRANSFER OF PERSONAL DATA
Personal data will not be transferred to third countries outside the European Union, NATO, or the European Economic Area.
In cases where OKTA transfers personal data to third countries outside the borders of the European Union, NATO, or the European Economic Area, appropriate measures are taken and applied to protect your data, such as the conclusion of data processing agreements (standard contractual clauses issued by the European Commission or the Data Protection Agency, other contractual clauses, or protective mechanisms).
HOW LONG WILL THE DATA BE RETAINED?
We will retain your personal data only as long as necessary to fulfill the purposes for which it was collected and to meet legal and business obligations. We determine the retention period based on several factors to ensure that data is not kept longer than necessary. These factors include:
• The purpose for which we process your personal data;
• Our legal and regulatory obligations related to that personal data, for example, obligations arising from financial operations and financial reporting;
• Any request from you to delete your personal data; and
• Our legitimate interests in managing our own rights, for example, defending any legal claims or for statistical purposes.
When we no longer need to use your personal data, it will be removed from our systems and records or anonymized so that you can no longer be identified through it.
RIGHTS OF DATA SUBJECTS
One of the fundamental principles of the Law on Personal Data Protection is the protection of the rights of data subjects. In this context, you as data subjects have the following rights:
• Right to be informed about the processing of your personal data: To be clearly and transparently informed about how and why your personal data is processed;
• Right of access to personal data: To obtain confirmation whether and which of your personal data is being processed and to receive a copy of that data;
• Right to rectification: To request correction of inaccurate or incomplete personal data relating to you;
• Right to erasure (“right to be forgotten”): To request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, when you withdraw your consent, or when processing is unlawful;
• Right to restriction of processing: To request restriction of the processing of your personal data in certain cases (for example, when you contest the accuracy of the data or when processing is unlawful but you do not want deletion and request restriction of its use, when it is no longer necessary for us to keep it but it is needed for you to exercise legal claims, when you object to processing based on our legitimate interests until it is verified that those interests override your interests as a data subject);
• Right to object to the processing of personal data: To object to the processing of your personal data, especially when processing is based on legitimate interest or is used for direct marketing purposes;
• Right not to be subject to automated decision-making, including profiling: Not to be subject to a decision based solely on automated processing, unless necessary for the conclusion or performance of a contract, permitted by law, or based on your explicit consent;
• Right to data portability: To receive your personal data in a structured, machine-readable format or to have it transferred to another company, when provided in an automated manner, based on a contract or your consent.
For additional information and/or to exercise your rights regarding personal data protection, you can contact our Data Protection Officer, Marija Peshevska-Stanishikj, at the following email: MPeshevskaStanishikj@helpe.gr and/or at the phone number 02 2532 150.
Requests for exercising personal data rights:
• Form No.1 – Request for access to personal data
• Form No.2 – Request for rectification of personal data
• Form No.3 – Request for erasure of personal data processing
• Form No.4 – Request for restriction of personal data processing
• Form No.5 – Request for data portability
• Form No.6 – Request for withdrawal of consent for personal data processing
• Form No.7 – Objection to personal data processing
RIGHT TO COMPLAIN TO THE PERSONAL DATA PROTECTION AGENCY
If you believe your right to personal data protection has been violated, you can submit a complaint to the Personal Data Protection Agency (PDPA) regarding the processing of your personal data. The complaint can be submitted by sending a request to the PDPA via the email address: info@privacy.mk or through their website: https://dzlp.mk/prizlnlp.
CHANGES TO THE PRIVACY POLICY
Our aim is to regularly review and update the content of this Privacy Policy to remain aligned with relevant legal and regulatory requirements and to ensure optimal protection of personal data. Any further changes to the Policy, according to changes in the company’s processes and activities, will be published on this website.
July 2025
This Privacy Policy describes the approach of OKTA AD-Skopje (hereinafter referred to as "OKTA") to the processing of personal data. It has been prepared with the aim of informing you in a transparent and clear manner about how we collect, use, and process your personal data, regardless of whether you are a user of our website, a buyer/potential buyer, a supplier of goods and services, a project contractor, a visitor to our premises, a collaborator, a contracting party, etc. The personal data collected and processed by individuals employed at fuel stations that are part of the retail network under the OKTA brand, although owned and operated by our partners, are also subject to this Privacy Policy, and the processing is carried out in accordance with the conditions and measures defined in this policy.
WHAT IS PERSONAL DATA?
Personal data is information that relates to you as an individual, for example: name and surname, address, unique identification number, phone number, location data, email, online identifier, i.e., personal data is any information through which a specific individual can be identified directly or indirectly.
WHO IS RESPONSIBLE FOR THE PROCESSING OF PERSONAL DATA?
OKTA is part of the Hellenic Group (HellenIQ Energy), a leading energy group in the region, and this policy applies to all personal data processed by OKTA as a member of this group.
OKTA, headquartered at Street 1, No. 25 Miladinovci, Skopje is the controller of the personal data processed through this website and when using our products. This responsibility applies to all methods of processing, including data of our clients, visitors, contractors, associates, truck drivers, as well as other persons whose personal data we process as part of our business activities.
The provision of any information or content by you as a personal data subject is voluntary and is subject to this Privacy Policy.
The Policy governs the right to privacy and the security of personal data that is subject to processing. This Privacy Policy may be updated. You will be notified of any changes in a manner determined by OKTA, either by email or by posting the updated version of this Policy on the website.
For questions related to the processing of your personal data, you can contact our Data Protection Officer, Marija Peshevska-Stanishikj, at the following email: MPeshevskaStanishikj@helpe.gr and/or at the phone number 02 2532 150.
By visiting our website, you acknowledge that you are aware of and agree with the content of our Privacy Policy.
WHOSE PERSONAL DATA DO WE PROCESS?
We may process data relating to the following categories of individuals:
• Visitors to our website https://www.okta-elpe.com/
• Buyers/potential buyers - wholesale
• Project contractors
• Truck drivers
• Suppliers of goods and services
• Contractors
• Associates
• Individual service providers who are natural persons (consultants)
• Visitors to our premises
• Buyers/users of OKTA fuel station
• Individuals employed at fuel stations that are part of the retail network under the OKTA brand
WHAT PERSONAL DATA DO WE COLLECT?
Data collected through visits to the website: information about connection/login, website visitor’s online activity data, IP address of the website visitor, device information.
Data about employees of service providers, buyers and potential buyers, project contractors, suppliers of goods and services, contractors, associates who are legal entities: name, surname, address, contact details (phone number, email), ID card number and job position, legal entity, type of contract and service, data for providing the service.
Data on individual service providers (natural persons/consultants): full name, address, Unique Identification Number, payment information, type of contract and service, service provision details, financial and tax information.
Data for identification of truck drivers: name, surname, phone number, vehicle registration plates (the truck), driver’s license number, passport number, and ADR permit.
Data collected during procedures related to the selection of suppliers of the Company (tender procedures and evaluation processes) for suppliers, authorized representatives, employees, subcontractors, and contact persons of suppliers—their agents: name, surname, age, work experience, information about vehicles used for transporting the company’s products (driver’s license number, ADR permit, vehicle registration, insurance policy).
Data collected when entering OKTA’s premises: ID card number or passport number, vehicle registration plate number, time and date of entry and exit.
Data from video surveillance collected during visits to our premises. Notices regarding video surveillance are posted in the premises, as well as general information regarding the video monitoring.
Data collected through the use of services at our fuel station: name, surname (if required), transaction information (e.g., payment method, amount), and contact details if voluntarily provided.
Your personal data is processed in accordance with the applicable legal regulations in the Republic of North Macedonia.
WHERE ARE PERSONAL DATA COLLECTED FROM?
Personal data are collected directly from you, through the completion of various company forms, exchange of business cards, by phone, through documents you send to the Company, through electronic communication (website, via our email: okta.info@helpe.gr), or when you otherwise communicate with us.
Personal data are also collected from other sources, for example from third parties with whom you have not had previous communication or do not have a recognizable relationship. Additionally, for the purposes of risk assessment and compliance, the company may collect personal data from third parties such as LexisNexis.
FOR WHAT PURPOSE DO WE USE PERSONAL DATA?
• To fulfill contractual obligations and effectively provide trade in solid, liquid, and gaseous fuels and similar products.
• To manage the risks of the business.
• To fulfill legal obligations for taxation and accounting, and compliance with product quality regulations.
• To protect the company’s property (facilities, infrastructure, equipment, etc.).
• To research and monitor user behavior, habits, and interests, to analyze advertising effectiveness, for statistical purposes, and to improve the services offered.
LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
The processing of your personal data is always carried out on an appropriate legal basis, in accordance with applicable regulations. The legal basis may be:
• Performance of a contract: This applies when personal data are needed for the conclusion, execution, and management of a contract between OKTA and our suppliers, clients, partners, contractors, etc. For example, when a supplier provides us with data about their employees, drivers, or authorized representatives so that we can fulfill contractual obligations between our companies.
• Your consent – This applies when you provide your personal data and agree for us to process it for marketing communication, information sharing, and promotional activities. For example:
1. OKTA may process and use publicly posted comments, opinions, or other content that users leave on the company’s official social media profiles (e.g., Instagram, LinkedIn), exclusively after obtaining explicit prior consent from the author of the comment. This consent also applies to the use of personal data for identification, preferences, and contact purposes, in order to determine which services and marketing promotions may be of interest to you, as well as for conducting marketing, promotional, or communication activities. Consent is always requested and documented before any use. You have the right to withdraw your consent at any time and request that your comment or personal data no longer be used, after which we will act without delay. Additionally, to withdraw your consent for marketing offers, you may send a message to the following email: MPeshevskaStanishikj@helpe.gr and contact our Data Protection Officer.
2. We may store certain cookies on your device. Cookies are small text files placed on your device by websites you visit. We may place analytical cookies (also known as performance cookies, which measure/record your interaction with our website to help us make improvements) on your device. Please refer to our Cookie Policy on our website for more information about the different types of cookies we use and their purpose.
• Our legitimate interests: This applies when you provide us with your personal data and we use them to:
1. Ensure our website is safe and secure and it functions properly
2. Respond to your questions and requests.
3. Exercise any legal claims or for statistical purposes.
4. Provide physical security, protect property through access control systems to our premises and video surveillance.
5. Manage suppliers of goods and services and other business-related activities, as well as for internal administrative purposes.
6. Monitor compliance with Company practices and procedures.
7. Manage business operations and processes, including planning and organizing work, investments, analysis, and sales development.
• To comply with a specific legal obligation – This refers, for example, to cases where OKTA processes and archives personal data included in contracts with suppliers/clients, etc. (name, surname, signature, positions of authorized persons) to fulfill legal obligations under the legislation of the Republic of North Macedonia. Specifically, we are legally required to retain contracts for a certain period for tax, accounting, and archiving purposes.
WHO CAN ACCESS THE DATA?
We would like to emphasize that OKTA processes your personal data with the highest level of responsibility and transparency, and such data is never sold. Access may only be granted to authorized persons, members of the Group, or trusted partners, and only when necessary to fulfill legal obligations, contractual purposes, or the legitimate interests of the company, always in accordance with applicable data protection laws.
The access to personal data is controlled based on the need-to-know principle. This means that the access to the personal data will be assigned only to those persons and departments within OKTA who need it to perform their work tasks, provide services, or fulfill legal and contractual obligations. Where permitted, OKTA may share some of your personal data, including data collected through cookies, to reconcile and update the information you share with us, perform statistics based on your characteristics, and tailor its communications to you.
Your personal data may also be processed on our behalf by our trusted suppliers (third parties).
We always strive to ensure that all third parties we work with keep your personal data secure and use it exclusively for the purposes for which it was entrusted, in accordance with our written instructions and applicable laws. For example, we may entrust services that require the processing of your personal data to:
• Advertising, marketing, digital, and social media agencies to help us conduct promotions, marketing, and campaigns, as well as to analyze their effectiveness;
• Third parties who assist us in providing IT services, such as platform providers, hosting services, database maintenance and support, as well as our software and applications;
• Independent third parties, telecommunications operators, marketing partners, as well as competent authorities who have legal authorizations and may use personal data for their own purposes.
Our relationship with third parties is regulated based on a legally binding contract, which stipulates that appropriate security and safety measures for your personal data are taken.
TRANSFER OF PERSONAL DATA
Personal data will not be transferred to third countries outside the European Union, NATO, or the European Economic Area.
In cases where OKTA transfers personal data to third countries outside the borders of the European Union, NATO, or the European Economic Area, appropriate measures are taken and applied to protect your data, such as the conclusion of data processing agreements (standard contractual clauses issued by the European Commission or the Data Protection Agency, other contractual clauses, or protective mechanisms).
HOW LONG WILL THE DATA BE RETAINED?
We will retain your personal data only as long as necessary to fulfill the purposes for which it was collected and to meet legal and business obligations. We determine the retention period based on several factors to ensure that data is not kept longer than necessary. These factors include:
• The purpose for which we process your personal data;
• Our legal and regulatory obligations related to that personal data, for example, obligations arising from financial operations and financial reporting;
• Any request from you to delete your personal data; and
• Our legitimate interests in managing our own rights, for example, defending any legal claims or for statistical purposes.
When we no longer need to use your personal data, it will be removed from our systems and records or anonymized so that you can no longer be identified through it.
RIGHTS OF DATA SUBJECTS
One of the fundamental principles of the Law on Personal Data Protection is the protection of the rights of data subjects. In this context, you as data subjects have the following rights:
• Right to be informed about the processing of your personal data: To be clearly and transparently informed about how and why your personal data is processed;
• Right of access to personal data: To obtain confirmation whether and which of your personal data is being processed and to receive a copy of that data;
• Right to rectification: To request correction of inaccurate or incomplete personal data relating to you;
• Right to erasure (“right to be forgotten”): To request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, when you withdraw your consent, or when processing is unlawful;
• Right to restriction of processing: To request restriction of the processing of your personal data in certain cases (for example, when you contest the accuracy of the data or when processing is unlawful but you do not want deletion and request restriction of its use, when it is no longer necessary for us to keep it but it is needed for you to exercise legal claims, when you object to processing based on our legitimate interests until it is verified that those interests override your interests as a data subject);
• Right to object to the processing of personal data: To object to the processing of your personal data, especially when processing is based on legitimate interest or is used for direct marketing purposes;
• Right not to be subject to automated decision-making, including profiling: Not to be subject to a decision based solely on automated processing, unless necessary for the conclusion or performance of a contract, permitted by law, or based on your explicit consent;
• Right to data portability: To receive your personal data in a structured, machine-readable format or to have it transferred to another company, when provided in an automated manner, based on a contract or your consent.
For additional information and/or to exercise your rights regarding personal data protection, you can contact our Data Protection Officer, Marija Peshevska-Stanishikj, at the following email: MPeshevskaStanishikj@helpe.gr and/or at the phone number 02 2532 150.
Requests for exercising personal data rights:
• Form No.1 – Request for access to personal data
• Form No.2 – Request for rectification of personal data
• Form No.3 – Request for erasure of personal data processing
• Form No.4 – Request for restriction of personal data processing
• Form No.5 – Request for data portability
• Form No.6 – Request for withdrawal of consent for personal data processing
• Form No.7 – Objection to personal data processing
RIGHT TO COMPLAIN TO THE PERSONAL DATA PROTECTION AGENCY
If you believe your right to personal data protection has been violated, you can submit a complaint to the Personal Data Protection Agency (PDPA) regarding the processing of your personal data. The complaint can be submitted by sending a request to the PDPA via the email address: info@privacy.mk or through their website: https://dzlp.mk/prizlnlp.
CHANGES TO THE PRIVACY POLICY
Our aim is to regularly review and update the content of this Privacy Policy to remain aligned with relevant legal and regulatory requirements and to ensure optimal protection of personal data. Any further changes to the Policy, according to changes in the company’s processes and activities, will be published on this website.
July 2025