Satisfying our customers is our main focus. This principle guides all our activities and applies to our everyday engagements. The key elements are transparency, high-quality service and achievement of customer loyalty in the long term. Our different products and services are always present in the market with aim to meet customers’ requirements and needs. 

Nevertheless, there may be occasions when our customers’ satisfaction is not on the expected level and we make effort to overcome this by recommending suitable solutions.

We, as a trusted partner are always open to receive any appreciation, request, complaint or suggestion in order to ensure customer satisfaction.

For this purpose you can contact us through the following features:

• by filling the contact form
• post to:

HALKBANK A.D. Skopje

Quality and Complaint Management Department

St. “Kiril i Metodij” no.54, 1000 Skopje

• by using the complaint brochure
  
• by calling the following telephone number: +389 2 3240 800
  

Personal Data Protection and Privacy Statement

This statement:

• Describes the personal data that we collect;
• How we collect data and why;
• How data will be used and who we can disclose or transfer data to and why;
• How data can be corrected or deleted;
• The measures that we take to protect data; and
• The process and contact information that customers can use to raise enquiries, concerns and complaints.  

Which Personal Data?

Personal data (“Personal Data”) refers to all and any information relating to you obtained by us in the course of and as a result of the provision of any products and services by us to you. Such Personal Data includes but not limited to your name, mailing address, telephone number(s) and personal email address and Personal ID number. We shall treat your Personal Data as confidential and will accord due level of care in accordance with our Personal Data Protection Law and its related bylaws and regulations.

Purpose of the Collection of Personal Data

When you do provide us with personal data, we usually use it to respond to your inquiry, process your order or provide you access to specific information or offers. Also, to support our customer relationship with you:

• we may store and process personal data and share it with other Halkbank’s affiliates to better understand your business needs and how we can improve our products and services; or
• we (or a third party subcontractor on our behalf) may use personal data to contact you about a Halkbank offer in support of your business needs or to conduct online surveys to understand better our customers' needs.

If you choose not to have your personal data used to support our customer relationship (especially direct marketing or market research), we will respect your choice. We do not sell or otherwise market your personal data to third parties.

Direct Marketing

From time to time, we may contact you via mail, electronic-mail, telephone (call or SMS-Text) or facsimile, to inform about our products and services, or about special offers and promotions that we think may be of interest to you. You can let us know at any time if you no longer wish to receive marketing material (by contacting formally through our Branch offices) and we will remove your details from our direct marketing database.

Withdrawals of Consents

Should you wish to withdraw your consent for us to send you sales and marketing information via a specific mode or all modes of communications (e.g., mail, email, telephone calls, SMS-Text), please visit us in one of our branches and notify us by writing a new consent.

Ensuring Personal Data is up-to-date

We rely on the Personal Data we hold in conducting our business. Therefore, it is very important that the Personal Data we hold is accurate, complete and up-to-date.

If you find that the Personal Data we hold about you is incorrect, please contact us immediately and we will correct it.

Access to Personal Data by individuals

You can access most of the Personal Data we hold about you by contacting us formally through our Branch offices.
We may charge an access fee to cover the reasonable cost of retrieving the information and supplying it to you.

Access to Personal Data may be refused in a number of circumstances, such as where the Personal Data relates to anticipated legal proceedings or the request for access is frivolous or vexatious.

Security of Personal Data

Security of Personal Data is important to us and we take all reasonable precautions to protect Personal Data from misuse, loss, unauthorized access, modification or disclosure.

Retention

We will retain your Personal Data for a reasonable period for the purposes as cited or until you request for us to delete the Personal Data, or as required by law.

Acceptance and Links to other Websites

This Halkbank’s website may contain links to other websites, which are provided solely as a convenience to you and not as an endorsement by Halkbank of the contents of other web sites. The other web sites may have their own policies, which Halkbank does not control, and thus are not addressed or controlled by this statement or the Halkbank’s Information Security Policy. 

Cookies in e-Banking

A cookie is a piece of data stored on your hard drive containing information about you. Halkbank uses cookies in order to identify a user session, but usage of a cookie is in no way linked to any personally identifiable information while on the Halkbank website.

When you view one of our Web sites, we may store some data on your computer in the form of a "cookie" to automatically recognize your PC next time you visit. Cookies can help us in many ways, for example, by allowing us to tailor a Web site to better match your interests or to store your password to save you having to re-enter it each time. If you do not wish to receive cookies, please configure your Internet browser to erase all cookies from your computer's hard drive, block all cookies or to receive a warning before a cookie is stored.

Most browsers are initially set up to accept cookies. Though most cookies expire after a certain period of time, you can choose to delete a cookie file at any time. You can do so by resetting your browser to refuse all cookies or to indicate when a cookie is sent. 

However, some Halkbank features or services may not function properly without cookies. Some of our service sites such as about monitoring our satisfaction survey use cookies on the Halkbank site. Halkbank AD Skopje has no access to or control over these cookies. This privacy statement covers the use of cookies by the Halkbank AD Skopje site only and does not cover the use of cookies by anyone else.

Protection from cyber attacks

Recently, both globally and locally, frequent cyber attacks of companies have turned into common events, which might produce serious consequences, from financial and brand image point of view.

Therefore, as a continuation of the happenings taking place in October, which has been named cyber security awareness month, HALKBANK AD Skopje stays committed to dedicating part of its time to provide basic cyber-related education to its clients.

Reading this message will not take up more than 5 minutes of your time, but in turn, it can save you from wasting your precious time and finances.

Of course, all recommendations of technical natures, such as the use and the regular updating of your antivirus software, the rules applying to the protective network (the firewall), the upgrading of the OS and apps you are using remain in place, being essential pillars of the protective system against cyber attacks. Nevertheless, the weakest link in the overall chain of defense and protection is undoubtedly the human factor. This is also well known to malicious users and their intent is clearly to take advantage of this fact.

That is why we have decided to look at some of the most common attacks which are being employed currently, so you can be well informed of the recent developments, and thus, help protect yourself better.

1. Man-in-the-middle attack

One of the most common cyber attacks entailing rather large financial consequences is the attack conducted through intrusion into computer systems, interception and altering electronic messages, supplying new and altering existing invoices, introducing new and different bank instructions for payments etc.

An intrusion into communications via email is an event in which clients are being sent new invoices from an existing supplier in which payment instructions have been altered. Such alteration usually include changes to the bank account/IBAN to other banks in the same country, in banks abroad, or even alteration of the name of payment beneficiary abroad.

Therefore, we recommend that you pay great deal of attention to payment instructions received in your invoices or separately and always verify the validity and authenticity of instructions through a communication medium other than email communication, such as phone call, text or through social networks.

The same applies to the instructions that you are sending to your clients via email, and we recommend that you verify the validity and authenticity of instructions through a medium other than your email.

2. Spoofing attack or identity fraud

Lately, there have been many events in which clients are sent an email which, at first glance, looks like a completely valid notification email from their bank or other institution which they know well and trust. However, once checked in details, such email clearly contains some unusual parameters, based on which it can be concluded that it is invalid.
The most common examples of that kind are as follows (we will start from the simplest ones and we will go up to some of the most complicated ones):

- A client does not expect an email with such contents, simply because if you do not have an account with a given bank, that bank would not have sent you an email.

- In addition, if you have not made any transactions recently, then it is unlikely that you will be sent a confirmation for a transaction that has taken place.

In these two examples above, email are usually sent with an attachment (excel, word, pdf, zip, 7z…) containing the malicious software (virus, Trojan…). In such cases, it is possible that a regular message that has previously been sent by the bank to any of its clients is used as a vector to propagate malicious software. DO NOT OPEN THE DOCUMENT!!!

3. Phishing attacks

Phishing is well-thought scam whose final objective is to collect sensitive data, most often digital marks for personal identification, such as user names and passwords, card PIN codes or PIN codes used to access digital certificates. In such events, the scammer masks itself to look like a trustworthy entity in the electronic communication with whom the user has already communicated.

- Email asking you to enter your personal data, such as: user's password, PIN code to your card, single-use codes and other personal data.

If any of the above occurs, irrespectively whether such person is contacting you by phone, email or is trying to assist you in solving any type of technical issue, please terminate the communication with that person immediately and inform the Customer Support of the Bank.

We truly hope that the information we have shared here will prove to be useful.

It’s all about the people.

Kindest regards,
HALKBANK AD Skopje