Back to Frameworks

Law on Personal Data Protection (Official Gazette No. 42/2020)

North Macedonia
v2020 (amended by Law No. 12/2021)
8 domains
8 controls

North Macedonia's Law on Personal Data Protection (Official Gazette No. 42/2020), effective February 2020, replaces the 2005 law and aligns with the EU GDPR. The Agency for Personal Data Protection oversees enforcement. The law incorporates GDPR principles, data subject rights, DPO requirements, data breach notification obligations (added by Law No. 12/2021), and increased administrative fines.

Verified

Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.

Framework Domains (8)

Cross-Border + Articles 47-52 + MKPDP-8

1 controls
Controls in the Cross-Border + Articles 47-52 + MKPDP-8 domain of Law on Personal Data Protection (Official Gazette No. 42/2020)1 controls
CodeTitle
MKPDP-Cross-Border-Transfers-MKPDP-8-Articles-47-52-Adequacy-SCC-BCR-EU-Schrems-Convention-108North Macedonia PDPL Cross-Border + MKPDP-8 + Articles 47-52 + EU Adequacy

Enforcement + Articles 110-112 + AZLP + Codes

1 controls
Controls in the Enforcement + Articles 110-112 + AZLP + Codes domain of Law on Personal Data Protection (Official Gazette No. 42/2020)1 controls
CodeTitle
MKPDP-Enforcement-Sanctions-Article-110-111-112-Administrative-Fines-AZLP-Cooperation-MKPDP-16-Codes-Certification-MKPDP-18North Macedonia PDPL Enforcement + Articles 110-112 + AZLP + Codes + Certification

Governance + DPO + ROPA + DPIA + PbD + Training

1 controls
Controls in the Governance + DPO + ROPA + DPIA + PbD + Training domain of Law on Personal Data Protection (Official Gazette No. 42/2020)1 controls
CodeTitle
MKPDP-Governance-DPO-MKPDP-3-Records-of-Processing-MKPDP-4-DPIA-MKPDP-5-Privacy-by-Design-MKPDP-12-Training-MKPDP-15North Macedonia PDPL Governance + DPO + ROPA + DPIA + Privacy by Design + Training

Lawful Basis + Consent + Notice + Direct Marketing

1 controls
Controls in the Lawful Basis + Consent + Notice + Direct Marketing domain of Law on Personal Data Protection (Official Gazette No. 42/2020)1 controls
CodeTitle
MKPDP-Lawful-Basis-Consent-Notice-Transparency-Privacy-Notices-MKPDP-1-9-Direct-Marketing-MKPDP-17North Macedonia PDPL Lawful Basis + Consent + Notice + Transparency + Direct Marketing

Scope + Official Gazette 42/2020 + AZLP + GDPR

1 controls
Controls in the Scope + Official Gazette 42/2020 + AZLP + GDPR domain of Law on Personal Data Protection (Official Gazette No. 42/2020)1 controls
CodeTitle
MKPDP-Scope-Application-North-Macedonia-Official-Gazette-42-2020-February-2020-Effective-24-August-2021-AZLP-GDPR-AlignmentNorth Macedonia PDPL Scope + Official Gazette 42/2020 + GDPR Alignment + AZLP

Security + Processor + Breach Notification + Articles 30-37

1 controls
Controls in the Security + Processor + Breach Notification + Articles 30-37 domain of Law on Personal Data Protection (Official Gazette No. 42/2020)1 controls
CodeTitle
MKPDP-Security-Processor-Breach-Notification-MKPDP-6-7-10-Articles-36-37-Personal-Data-Breach-72-Hour-AZLPNorth Macedonia PDPL Security + Processor + Breach Notification + 72-Hour

Special Categories + Children Age 14 + Sensitive

1 controls
Controls in the Special Categories + Children Age 14 + Sensitive domain of Law on Personal Data Protection (Official Gazette No. 42/2020)1 controls
CodeTitle
MKPDP-Special-Categories-Sensitive-Children-MKPDP-11-Age-14-Parental-Consent-Health-Genetic-BiometricNorth Macedonia PDPL Special Categories + Children + Age 14 + Parental Consent

Subject Rights + Articles 22-29 + MKPDP-2

1 controls
Controls in the Subject Rights + Articles 22-29 + MKPDP-2 domain of Law on Personal Data Protection (Official Gazette No. 42/2020)1 controls
CodeTitle
MKPDP-Data-Subject-Rights-Access-Rectification-Erasure-Restriction-Portability-Object-Articles-22-25-MKPDP-2North Macedonia PDPL Data Subject Rights + Access + Rectification + Erasure + Portability

Your Compliance Coverage

If you comply with Law on Personal Data Protection (Official Gazette No. 42/2020), you already cover:

Maps to 35 other frameworks

8 total controls
APPI
1 source controls mapped|2 target controls covered
13%
Vermont Artificial Intelligence and Consumer Data Act (AICDA)
1 source controls mapped|2 target controls covered
13%
Russia Federal Law on Personal Data (152-FZ)
1 source controls mapped|1 target controls covered
13%
Privacy Act 1988 (Australia)
1 source controls mapped|2 target controls covered
13%
Jamaica Data Protection Act 2020
1 source controls mapped|2 target controls covered
13%
FTC GLBA Safeguards Rule (16 CFR Part 314)
1 source controls mapped|1 target controls covered
13%
13%
Jordan Draft Personal Data Protection Law (2022)
1 source controls mapped|2 target controls covered
13%
Kentucky Consumer Data Protection Act
1 source controls mapped|2 target controls covered
13%
AWS Well-Architected Security Pillar
1 source controls mapped|3 target controls covered
13%
Austria Data Protection Act (Datenschutzgesetz, DSG, amended 2018)
1 source controls mapped|3 target controls covered
13%
Iowa Consumer Data Protection Act
1 source controls mapped|2 target controls covered
13%
Azure Security Benchmark
1 source controls mapped|3 target controls covered
13%
IEEE 7000
1 source controls mapped|1 target controls covered
13%
Family Educational Rights and Privacy Act (FERPA)
1 source controls mapped|2 target controls covered
13%
FDA 21 CFR Part 11
1 source controls mapped|3 target controls covered
13%
13%
South Korea PIPA
1 source controls mapped|1 target controls covered
13%
Indonesia PDP Law
1 source controls mapped|1 target controls covered
13%
ISMAP (Japan)
1 source controls mapped|1 target controls covered
13%
ISO/IEC 27400:2022
1 source controls mapped|2 target controls covered
13%
Georgia Law on Personal Data Protection (2012)
1 source controls mapped|1 target controls covered
13%
Azerbaijan Law on Personal Data (2010)
1 source controls mapped|2 target controls covered
13%
India DPDP Act
1 source controls mapped|1 target controls covered
13%
Indiana Consumer Data Protection Act
1 source controls mapped|1 target controls covered
13%
Japan AI Guidelines
1 source controls mapped|1 target controls covered
13%
13%
ISO/IEC 27011:2024
1 source controls mapped|3 target controls covered
13%
ICH E6(R3) - Good Clinical Practice
1 source controls mapped|1 target controls covered
13%
ASD Strategies to Mitigate Cyber Security Incidents
1 source controls mapped|1 target controls covered
13%
Florida Digital Bill of Rights (FDBR)
1 source controls mapped|1 target controls covered
13%
Law No. 172-13 on the Protection of Personal Data
1 source controls mapped|1 target controls covered
13%

Frequently Asked Questions

What is Law on Personal Data Protection (Official Gazette No. 42/2020)?

Law on Personal Data Protection (Official Gazette No. 42/2020) is a compliance framework from North Macedonia with 8 domains and 8 controls. North Macedonia's Law on Personal Data Protection (Official Gazette No. 42/2020), effective February 2020, replaces the 2005 law and aligns with the EU GDPR. The Agency for Personal Data Protection oversees enforcement. The law incorporates GDPR principles, data subject rights, DPO requirements, data breach notification obligations (added by Law No. 12/2021), and increased administrative fines. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.

How many controls does Law on Personal Data Protection (Official Gazette No. 42/2020) have?

Law on Personal Data Protection (Official Gazette No. 42/2020) has 8 controls organised across 8 domains. The largest domains are Cross-Border + Articles 47-52 + MKPDP-8 (1 controls), Enforcement + Articles 110-112 + AZLP + Codes (1 controls), Governance + DPO + ROPA + DPIA + PbD + Training (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.

What frameworks does Law on Personal Data Protection (Official Gazette No. 42/2020) map to?

Law on Personal Data Protection (Official Gazette No. 42/2020) maps to 35 other compliance frameworks. The top mapping partners are APPI (13% coverage), Vermont Artificial Intelligence and Consumer Data Act (AICDA) (13% coverage), Russia Federal Law on Personal Data (152-FZ) (13% coverage). Use our comparison tool to explore control-level mappings between frameworks.

How do I get started with Law on Personal Data Protection (Official Gazette No. 42/2020) compliance?

Start your Law on Personal Data Protection (Official Gazette No. 42/2020) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Law on Personal Data Protection (Official Gazette No. 42/2020) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 8 controls and track your progress.

Start Your Compliance Journey

Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 723 frameworks.

Get Started Free →

Free forever — no credit card required