Personal Data Protection
The information collected about the Users, representing personal data within the meaning of the Regulation, is used only to improve the user experience, for statistics, for feedback and for marketing purposes. The information specified in the previous sentence is not provided to third parties, except in cases where this information is required by the appropriate legal procedure by a state body or a competent institution.
By submitting an inquiry, Users consent to the information provided being used for the purposes of direct marketing and receiving commercial communications. Users have the right to object to the processing of their personal data for marketing purposes by sending a written message to the Supplier at the address or e-mail indicated in the contacts.
No personal profiles are created on the Supplier’s Website and no personal information is collected for each user. No data is provided to third parties.
The data collected through the form for sending inquiries (name, e-mail, telephone) serve only to enable the Supplier to respond to the inquiries sent. They are confidential, not used for other purposes and not shared with third parties.
The Supplier collects the following personal data that Users provide while using the Website: name; phone number; email.
Purposes of processing
The Supplier uses the Users’ personal data only for specific purposes, previously indicated at the time of collection and after his express consent (when consent is a legal basis for processing), or for additional compatible purposes in accordance with the law.
The purposes for which the Supplier processes personal data of Users are:
– to respond to inquiries submitted through the contact form;
– to provide effective service to the Users and to improve the content and functionality of the Website;
– to improve the quality of the products and/or services offered;
– for feedback to Users;
– to request the opinion of the Users about the offered products and/or services;
– for marketing and advertising purposes;
Legal basis for processing
Article 6, paragraph 1, b. a) of the Regulation is the legal grounds for which the Supplier requires the consent of the Users for the purposes of specific processing. In the event that processing is carried out, which is necessary for the implementation of measures before the conclusion of a contract, for example in the case of inquiries concerning products and/or services offered by the Supplier, the legal ground is Article 6, paragraph 1, b. b) of the Regulation.
Processing that does not fall under the legal grounds mentioned above, but is necessary for the benefit of the legitimate interests of the Supplier, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, is based on Article 6 para. 1, b. f) of the Regulation. In this case, the legitimate interest of the Supplier is to carry out its activities for the benefit of its customers, employees and partners.
Terms of storage of personal data
The personal data of the Users are stored for a period of 1 /one/ year. After this period, the data will be deleted or anonymized.
Tax and accounting legislation in the Republic of Bulgaria requires the Supplier to compile certain accounting and commercial information, including storing this information for a certain period, as well as any other information and documents relevant to taxation. When fulfilling this obligation, the relevant information and documents, which also contain personal data of the Users, are stored by the Supplier for the periods stipulated in the relevant laws.
When there are no other reasons that oblige the Supplier to store (part of) the Users’ personal data, they may request the deletion of their information.
The Supplier strives to use appropriate organizational, technical and administrative measures to protect personal data. For this purpose, it applies all legal and technical measures to protect personal data in accordance with Article 32 of the Regulation, as well as taking into account the latest technological advances.
In order to protect the Users’ personal data from misuse by third parties, the information submitted by them is encrypted using the SSL (Secure Socket Layer) protocol. Users should note, however, that despite adequate steps to protect information, no website, Internet connection, computer system or wireless connection is completely secure.
Rights of Users
- Right to information and access:
At any time, Users have the right to receive free information about whether the Supplier processes their personal data and the ways in which they processes them, including purposes of processing, types of data, recipients of data, rights of Users and others. If the Users wish to take advantage of their right of access, they may contact the Supplier at any time at the address or e-mail indicated in the contacts.
- Right to data portability:
When the processing of Users’ personal data occurs in an automated manner based on their consent or on the basis of a contractual agreement, Users have the right to receive a copy of the data in a structured, widely used and machine-readable format.
- Right to rectification:
Users have the right to request the correction of their personal data without undue delay if such data are inaccurate, as well as to have the data supplemented in case of incomplete information.
- Right to erasure (right to be forgotten):
Users have the right to request the deletion of all personal data processed by the Supplier at any time in the following situations:
– the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
– Users wish to withdraw their consent on which the data processing is based and there is no other legal basis for the processing;
– Users wish to object to processing pursuant to Article 21(1) of the Data Protection Regulation and there are no overriding legitimate grounds for the processing, or object to processing pursuant to Article 21(2) of the Regulation;
– the personal data were processed illegally;
– the personal data must be deleted in order to comply with a legal obligation under the law of the European Union or the law of a Member State that applies to the administrator;
- Right to object to processing based on legitimate interest:
Users have the right to object to the processing of their personal data based on the Supplier’s legitimate interest. The Supplier will stop processing the personal data of the relevant User, unless it is proven that there are compelling legal grounds for doing so that take precedence over the User’s interests and rights or due to legal claims.
- Right to object to direct marketing:
Users have the right to object to receiving marketing communications, including profiling and analysis for direct marketing purposes.
Users can opt out of direct marketing by sending a message to the address or e-mail indicated in the contacts.
- Right to restriction of processing:
Users have the right to request restriction of processing when one of the following circumstances applies:
– if they claim that their personal data is inaccurate, the Supplier will limit the processing until it passes a check on the accuracy of the data;
– the processing is unlawful, but the data subject does not want the personal data to be deleted, but instead requires the restriction of its use;
– if the Supplier no longer needs the personal data of the Users for the purposes of processing, but it is necessary for the establishment, exercise or defence of legal claims;
– if the Users object to the processing based on the legitimate interest of the Supplier, in which case the processing of the data will be restricted pending the result of the verification of the legal grounds.
- Right to withdraw consent:
Users have the right to withdraw their consent to the processing of their personal data at any time when this processing is based on consent.
- Right to submit a complaint to a supervisory authority:
If the Users believe that the Supplier processes their personal data in an unlawful manner, they have the right to file a complaint with a supervisory authority in the European Union.
The supervisory authority of the Republic of Bulgaria is:
The Commission for Personal Data Protection
Sofia 1592, 2 Prof. Tsvetan Lazarov Blvd.,
For any questions regarding the use of personal data and their protection or to withdraw consent for their processing, Users can contact the Supplier at the address indicated in the contacts or at the following e-mail: firstname.lastname@example.org.