Privacy Policy

1. Subject and scope of application


The Privacy Policy describes how we may collect and use personal data, as well as the rights and choices available to our visitors and users regarding such information.

Crnogorski elektroprenosni sistem AD (hereinafter: CGES) is committed to the privacy of its visitors and users and is fully dedicated to protecting your personal data and its proper use in accordance with the Law on Personal Data Protection. The senior management of CGES, as well as all employees and external collaborators, are obliged to protect all intellectual property.

Information security and the protection of personal data at CGES is based on:

  • Information security policy for employees and external collaborators;
  • Organising information security through internal organisation and ensuring security when using employees' own devices, working remotely and using mobile devices;
  • Human resources security from an information security perspective through pre-employment vetting of candidates, in-employment training, and defined responsibilities following the termination of employment.
  • Responsibilities for property, information classification and handling media;
  • Control of access to networks and network services, user access management, user responsibilities, control of access to systems and applications, as well as cryptographic controls;
  • Physical security and security of the working environment, protection of equipment, operational and communications security;
  • Supplier relationships from an information security perspective
  • Incident management from an information security perspective;
  • Business continuity management;
  • Compliance with legal and contractual obligations.

For anyone who wishes to remove or delete their personal data, we have made this possible by allowing you to contact us electronically via email: dpo@cges.me, or by post to the address:

Montenegrin electricity transmission system AD Podgorica,
18 St. Petar Cetinjski Boulevard, 81000 Podgorica,

with the mandatory indication 'FOR DPO'.

Information security is the responsibility of all employees and external users. Please read this policy and ensure you fully understand it before accessing or using any of our services.

2. Purpose of the Policy

CGES describes in this Privacy Policy how we collect and use personal data relating to our website visitors. The purpose of this Policy is to provide you with a clear explanation of when, why and how we collect and use your personal data, as well as an explanation of your legal rights.

This Policy is not intended to alter the terms of any contract you have with us, nor any rights you have under applicable data protection legislation.

If you access or use any of our services, you accept that you have read this Privacy Policy.

3. Reference documents

  • Personal Data Protection Act
  • GDPR – General Data Protection Regulation (EU)
  • Law on Free Access to Information

4. What data do we collect?

We collect two types of information: personal data (which can be used to uniquely identify an individual) and non-personal data (which does not identify an individual). We collect data in relation to our users and visitors, users of our users and others listed in this Policy, namely:

1. Non-identifying data relating to visitors or unidentified users, which may be available to us or is automatically collected. Such non-personal data does not allow us to identify the visitor or user from whom the data was collected. The data we collect mainly consists of technical and aggregate usage data, such as visitor and user overviews, etc.

2. Personal data, namely data that identifies an individual or may lead to the identification of an individual with reasonable efforts, or may be of a private or sensitive nature ('Personal Data'). The personal data we collect mainly consists of contract and contact information (e.g. email addresses, as well as data necessary for exercising the rights and obligations of shareholders in CGES). For the avoidance of doubt, any non-personal information that is linked to personal data in order to improve the services we offer is considered and treated by us as personal data. We collect personal data relating to visitors and users of our website.

5. How do we collect data?

We collect data in the following ways:

  1. Information required for signing the contract, in accordance with the law.
  2. Information we collect when you visit our site, including cookies and other tracking technologies.
  3. Third-party data, where applicable.

6. Why do we collect data?

We collect personal and non-personal data for:

  1. Provision and management of services;
  2. Development and improvement of our services;
  3. Providing customer support;
  4. Statistical processing for the purpose of improving services;
  5. Improvements to security and fraud prevention.

We use personal data only when:

  • is it a legal obligation, or
  • There is a legitimate interest of CGES, whilst respecting the right to privacy.

The services are not intended for persons under the age of 18.

7. Where do we store your data?

Data is stored on the CGES infrastructure in a secure physical environment, compliant with GDPR requirements.

All service providers who process data on behalf of CGES are required to comply with the NDA and data protection regulations.

You can:

  • access your data,
  • to correct them
  • Request deletion of data.

The application is submitted via:

Email dpo@cges.me
📮 or by post, marked 'FOR THE DPO'.

8. Job applications

CGES may collect candidates' data (contact details, CV) during the recruitment process. The data is used solely for recruitment purposes and is not retained once the recruitment has closed.

Candidates can request access, amendment or deletion of their data via: dpo@cges.me

9. Sharing personal data with third parties

CGES collaborates with third parties that provide services such as:

  • hosting
  • cyber security
  • web analytics
  • communication services
  • e-mail systems,
  • remote access
  • Performance measurement

Contracts are signed with risky suppliers:

  • Personal Data Processing Agreement (GDPR-compliant)
  • NDA agreements

Third parties may have access to the data only for the purpose of providing the service to CGES.

10. Use of cookies and tracking technologies

CGES uses cookies to:

  • maintenance and improvement of services,
  • tracking user preferences,
  • identifying technical problems,
  • Measurement of campaign effectiveness.

More information is available in the 'Cookie Settings' section on the official CGES website.

11. Your rights regarding your personal data

In accordance with the GDPR, you have the right to:

  • access to your data,
  • obtaining a copy,
  • an update and correction,
  • delete
  • processing limitation
  • submitting an appeal to the competent authority.

For all enquiries, please contact: dpo@cges.me

CGES will take all measures to process your request within the statutory time limit.