The policy covers the processing of personal data in accordance with the requirements of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the Regulation).
2. For the purposes of the Data Protection Regulation, we are:
Information about the Personal Data Administrator:
1. Name of the company __________
2. UIC / BULSTAT: __________
3. Headquarters and address of management: __________
4. Correspondence data: __________
5. E-mail: __________
6. Phone number: __________
Information concerning the data protection officer:
1. Name: __________
2. Correspondence data: __________
3. Phone number: __________
4. Email: __________
Information on the competent supervisory authority:
1. Name: Commission for Personal Data Protection
2. Headquarters and address of management: Sofia 1592, Blvd. “Prof. Tsvetan Lazarov ”№ 2
3. Data for correspondence: Sofia 1592, Prof. Tsvetan Lazarov ”№ 2
4. Phone number :02 915 3 518
5. Email: [email protected] , [email protected]
6. Website: www.cpdp.bg
Information we collect
3. By using this website, you agree to this Policy.
4. We collect personal data only if they are provided directly by you – your email address, name, home or work address and telephone number, which you submit with your explicit consent so that you can use the services of the website, receive information from us for new services and promotions and our newsletter, or you wish to make a purchase.
5. We use analytical and statistical tools to track the details of your visits to our website and the resources you access, which includes, but is not limited to, traffic data, location, web logs, and other communication data (which do not identify you personally)
6. The payment information (debit and credit card details) that is submitted when you make purchases from our website / e-shop is not received by us and is not stored with us. The information is processed according to strict payment security protocols – PCI-DSS of Visa and Mastercard. We do not have access to this information. We share your personal information with payment processors, but only for the purpose of completing the relevant transaction. Processors are not allowed to use your personal data for purposes other than making the relevant payment, and have an explicit requirement to maintain the confidentiality of your personal data and payment data.
Use of your information
7. We process and store your personal data that you have provided to us in accordance with the requirements of the Regulation.
8. The information we collect and store is used solely to provide services to you, and to fulfill our contractual obligations with you. In addition, we may use the information for the following purposes:
a. Notify you of changes to the website, such as improvements, changes in services and products;
b. If you are an existing customer, we may contact you with information about products and services similar to those we have offered you so far;
c. When we have your consent, to provide information to selected third parties to contact you and offer products and services that we believe may be of interest to you;
d. To send you our e-newsletters periodically.
Providing your information
9. We may provide your information to regulatory authorities in compliance with the law and contribute to fraud protection and reduce credit risk;
10. When you have given your consent, we may provide your data to selected third parties to contact you and offer products and services that we believe may be of interest to you;
11. If you do not want your data to be used by us or by third parties, you will have the opportunity to withdraw your consent through the informed consent form or by contacting us directly at the address, telephone, email.
12. We inform you that we do not provide personally identifiable information to advertisers, but we may periodically provide such information in the form of aggregated and anonymized statistics on website visits.
Control of the use of your data
13. If you have given your consent to the use of your personal data for specific purposes, you may withdraw your consent or correct it at any time. If you do not want us to use your data or want to correct the consent you have given us, you can contact us at the indicated contacts.
Where we store and transfer your data
14. As part of the services to you, the information you provide may be transferred and / or stored in countries outside the European Economic Area (EEA), as we use remote web servers to serve the website and some aspects of our services that we can be based outside the EEA, or we can use servers outside the EEA – mainly data stored in the cloud. The data can also be processed by employees outside the EEA.
16. We do not collect, process or disclose sensitive personal information, such as race, religion, or political affiliation, without your explicit consent.
17. We may disclose your personal information outside of our group:
a. In case we sell or buy a business or assets, in which case we may need to disclose your personal data to the seller / buyer;
b. If our business is purchased from a third party, the personal data of all our customers will be part of the assets we transfer to the buyer. These transfers will be subject to the conditions of confidentiality and protection of your personal data and the conditions of confidentiality will be preserved and valid.
18. In all other cases, we will process, disclose or share your personal data only if required by law or when required in order to comply with and comply with legal requirements.
19. You have the right to refuse to process your personal data for marketing purposes at any time by contacting us at the indicated contacts.
20. The transmission of information via the Internet or e-mail is not secure. While we do our best to protect your personal information, we cannot guarantee the security of the data as it is transmitted by you to our site; any such transmission is your risk. Once we receive your information, we will use strict procedures and protocols to protect it.
21. When we have given you (or you have created) a password to use sections of our site, you are responsible for maintaining the confidentiality of your password. You must select the password complexity level.
Links to third parties
22. You can find links to third party sites. These websites have their own privacy policies that you should be aware of. We are not responsible for their policies because we have no control over them.
24. The Data Protection Regulation gives you the right to access your personal data that we have with us. Please contact us for instructions on completing a Data Access Request. The service is free and we will complete it within 30 days.
25. You have the right to correct the consents, limit the scope of the consents, terminate the processing, delete the personal data (within the statutory limits). To exercise your rights, please contact us.
26. We may periodically update the policy, which is why we encourage you to review it periodically to determine how we protect your personal data.