Privacy Policy

Effective date: 19 September 2025

1) Who We Are

Controller: weblab.mk (“we”, “us”). We operate from North Macedonia and serve users internationally, including the EU/EEA and the UK.

Contact (privacy): This email address is being protected from spambots. You need JavaScript enabled to view it. | General: This email address is being protected from spambots. You need JavaScript enabled to view it.

2) Scope

This Policy explains how we collect and use personal data when you use our website and services. We comply with the Law on Personal Data Protection of North Macedonia, and—where applicable—EU GDPR and UK GDPR.

3) What We Collect

  • Contact data: Name, email, message content (when you submit forms).
  • Technical/usage data: IP address, device/browser info, pages visited, timestamps, referrers (server logs and analytics).
  • Cookies: Essential cookies for site operation; non‑essential cookies (e.g., analytics) only with your consent where required.

4) How We Obtain Data

  • Directly from you when you contact us or submit forms.
  • Automatically via cookies, pixels, and similar technologies.

5) Purposes & Legal Bases

  • Provide and secure the site (operation, security, fraud prevention): Legitimate interests.
  • Respond to inquiries and perform requested services: Contract or Legitimate interests.
  • Analytics and improvements (Google Analytics 4): Consent (EU/EEA/UK and where required). We only load non‑essential cookies after consent.
  • Legal compliance (e.g., to comply with requests from authorities): Legal obligation.

6) Cookies & Consent

Essential cookies are necessary for the site to function. Non‑essential cookies (e.g., analytics) are used only if you give consent through our cookie banner (where implemented). You can withdraw consent at any time via the banner or your browser settings. Blocking cookies may impact site functionality.

7) Vendor: Google Analytics (GA4)

We use Google Analytics 4 to measure usage and improve performance.

  • Data processed: page views, events, approximate location, device/browser identifiers, and related telemetry. GA4 does not expose IP addresses to us; Google may process IPs transiently for geolocation and security.
  • Legal basis: Your consent (EU/EEA/UK and where required). Analytics is disabled until you consent.
  • Retention: GA4 event data retention is controlled by our property settings (commonly 2–14 months). Aggregated reports may persist longer.
  • Transfers & safeguards: Google may process data in the EU/EEA, the UK, and the USA. Where required, transfers rely on appropriate safeguards (e.g., EU Standard Contractual Clauses).
  • More info: Google Privacy Policy: policies.google.com/privacy · GA opt‑out: tools.google.com/dlpage/gaoptout

8) Hosting & International Transfers

Our website is hosted in the United Kingdom. Personal data may therefore be processed in the UK and other countries where our service providers operate.

EEA users: The UK is currently covered by an EU adequacy decision, permitting transfers from the EEA to the UK without additional transfer tools. Where we (or our vendors) transfer data to countries without an adequacy decision, we use appropriate safeguards, such as the EU Standard Contractual Clauses (SCCs) or equivalent mechanisms.

We aim to comply with the Law on Personal Data Protection of North Macedonia, EU GDPR (for EU/EEA users), and UK GDPR (for processing in the UK).

9) Sharing

We share personal data with trusted processors (e.g., hosting, email delivery, analytics) under contracts that protect your data, and with authorities where required by law. We do not sell personal data.

10) Security

We implement reasonable technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or loss. No method is 100% secure.

11) Retention

We keep personal data only as long as necessary for the purposes described above, then delete or anonymize it. Server logs are typically retained for a limited period unless needed for security or legal reasons.

12) Your Rights

Depending on your location (including EU/EEA/UK), you may have the right to:

  • access and obtain a copy of your data;
  • rectify inaccurate or incomplete data;
  • erase data in certain circumstances;
  • restrict or object to processing;
  • data portability; and
  • withdraw consent at any time (where processing is based on consent).

 

You also have the right to lodge a complaint with your local supervisory authority. We encourage you to contact us first so we can address your concerns.

13) Children

Our site is not directed to children. For the Republic of North Macedonia, a “child” means a person under 18 years of age. We do not knowingly collect personal data from individuals under 18. If you are under 18, please use the site only with the involvement and consent of a parent or legal guardian.

If you believe we have collected personal data from a child, contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. and we will promptly review and delete such data where appropriate.

Note for EU/EEA users: Some countries set a digital consent age between 13–16. Where required, we will seek consent from a parent or legal guardian.

14) Changes to This Policy

We may update this Policy from time to time. The latest version will be posted on this page. Continued use of the site indicates acceptance of the updated Policy.

15) Contact

Privacy inquiries: This email address is being protected from spambots. You need JavaScript enabled to view it. · General inquiries: This email address is being protected from spambots. You need JavaScript enabled to view it.