Informationen über den für die Datenverarbeitung Verantwortlichen:
Manik IT EOOD, ist ein im Handelsregister der Registeragentur eingetragenes Unternehmen mit
Eingetragener Sitz und eingetragene Anschrift: Ohrid 20, 9000 Varna
Tel: +359 896 611612
We we process your personal data on the following grounds:
- A contract between you and us to perform its obligations thereunder;
- Explicit consent from you – the purpose is stated for each specific case;
- Under a statutory obligation
В the following paragraphs you will find information about the processing of your personal data depending on the basis on which we process it.
FOR THE PERFORMANCE OF A CONTRACT OR IN THE CONTEXT OF PRE-CONTRACTUAL RELATIONS
We we process your personal data in order to fulfil contractual and pre-contractual obligations obligations and to enjoy the rights under the contracts concluded with you.
Objectives of processing:
- establish your identity;
- management and execution of your request and concluded contract;
- preparation and sending you a bill/invoice for the services you use with us;
- Retention of correspondence relating to made ordering, processing requests, reporting problems, etc.
- preparation of user profile;
On the basis of the concluded contract between us and you, we process information about the type and content of the contractual relationship as well as any other information related to the contractual legal relationship, including:
- personal data for contact contact address, email, phone number;
- identification details – full name, unique nationality number or ID number of foreigner, permanent address;
- Data on orders placed through the user Profile;
- emails, letters, information about your requests for Troubleshoot problems, complaints, requests, grievances;
- credit or debit card information, number of bank account or other banking and payment information in connection with the Payments;
The processing of the personal data mentioned is mandatory for us to be able to conclude the contract with you and fulfill it.
We we provide your personal data to third parties, our main purpose is to offer quality, fast and comprehensive service.
Personal we provide data to the following categories of recipients (personal data controllers data):
- postal operators and courier companies;
- persons performing consultancy services in various Spheres.
The data collected on this we delete 5 years after the termination of the contractual relationship, regardless of whether due to expiration of the contract, termination or other grounds. The period is determined by the 5-year limitation period period for possible claims under the contract.
FOR THE IMPLEMENTATION OF REGULATORY DUTIES
Possible there is a legal obligation for us to process your personal data. В these cases we are obliged to carry out the processing, such as:
- Obligations under the AML Act Money;
- performance of obligations in connection with the sale by distance, off-premises sales provided for in the Protection of consumers;
- providing information to the Commission for the Protection of consumers or third parties provided for in the Consumer Protection Act;
- providing information to the Commission for the Protection of personal data in relation to obligations under the legal framework for data protection;
- obligations provided for in the Accounting Act and Tax and Social Security Procedural Code and other related regulations, in relation to the keeping of proper accounting records;
- providing information to the court and third parties, in within the framework of proceedings before a court, in accordance with the requirements of the applicable proceedings regulations;
- age verification when shopping online.
The data, collected pursuant to a statutory obligation, we delete after the obligation for collection and storage be implemented or dropped. For example:
- under the Accounting Act for storage and processing of accounting data (11 years),
- Duties to provide information to the court, competent state authorities, etc. grounds provided for in the legislation in force (5 years).
When it is lawful for us obligation, we may provide your personal data to the competent public authority, natural or legal person.
WITH YOUR CONSENT
We we process your personal data on this basis only after explicitly, your unambiguous and voluntary consent. We will not provide any adverse consequences for you if you refuse the processing of personal data.
Consent is a separate basis for processing your personal data and the purpose of the processing is stated herein, and does not meet the objectives listed in this policy. If us consent accordingly and until it is withdrawn or terminated any contractual relationship with you, we prepare suitable proposals for products/services.
At this basis, we only process the data for which you have explicitly given us your Consent. The specific details are determined on a case-by-case basis. Typically, data include:
At this reason we may provide your data to marketers agencies and third parties.
Provided consents may be withdrawn at any time. Withdrawal of consent has no impact on the performance of contractual obligations. If you withdraw your consent to the processing of personal data in any or all of the ways described above, we will not use your personal data and information for the specified above objectives.
The data, collected on this basis, we delete at your request or 1 year after their initial collection.
PROCESSING OF ANONYMISED DATA
We we process your data for static purposes, this means for analyses in which the results are only aggregated and therefore the data are anonymous. It is impossible to identify a specific person from this information.
How we protect your personal data
About ensure adequate protection of the company’s and its customers’ data, we apply all necessary organisational and technical measures provided for in Data Protection Act.
С for maximum security in the processing, transmission and storage of your data, we can use additional protection mechanisms such as encryption, pseudonymization, etc.
Rights of Users
Each User of the Site enjoys all the rights of protection of personal data under Bulgarian and European law Union.
Each User is entitled to:
- Awareness (in relation to the processing of personal its data by the controller);
- Access to your own personal data;
- Correction (if data is inaccurate);
- Erasure of personal data (right ‘to be forgotten”);
- Restriction of processing by the controller or processor;
- Portability of personal data between different Administrators;
- Objection to processing of personal data;
- The data subject shall also have the right not to be subject to a decision based solely on automated processing involving profiling that produces legal effects for the data subject or by similarly affects him to a considerable extent;
- Right to a judicial or administrative remedy, in in the event that the data subject’s rights have been violated.
The user may request deletion if one of the following applies the following conditions:
- The personal data are no longer necessary for the purposes for which that have been collected or otherwise processed;
- The user withdraws his/her consent, on which the is based on the processing of the data and has no other legal basis for Processing;
- The data user objects to the processing and there are no legitimate grounds for the processing which override;
- Personal data have been unlawfully processed;
- Personal data must be erased in order to comply with a legal obligation under Union or Member State law which shall apply to the administrator;
- The personal data was collected in connection with offering information society services to children and consent is given by the person having parental responsibility for the child.
The user has the right to restrict the processing of their personal data by the controller when:
- Challenge the accuracy of the personal data.. In this case the restriction of processing is for a period which allows the controller to verify the accuracy of the personal data;
- The processing is unlawful, but the User does not wish to personal data to be erased, but requires instead a restriction of their use;
- The controller no longer needs the personal data for processing purposes, but the User requires them for the establishment, the exercise or defence of legal claims;
- objects to processing pending verification whether the legitimate grounds of the controller override the interests of Consumer.
Right to portability.
The data subject has the right to obtain the personal data which affect him and which he has provided to an administrator, in a structured, broadly used and machine-readable format and has the right to transfer these data to another controller without interference from the controller to whom personal data have been provided where processing is based on consent or of a contractual obligation and the processing is carried out in an automated manner. When exercising the right to data portability, the data subject shall have the right to obtain and direct transfer of personal data from one controller to another where technically feasible.
Right to Objection.
Users have the right to object to the administrator against the processing of their personal data. The personal data controller is shall be obliged to terminate the processing unless it proves that there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or to establish, the exercise or defence of legal claims. When objecting to the processing of personal data for the purposes of direct marketing processing should be terminated immediately.
Complaint to the supervisory authority
Any User has the right to lodge a complaint against unlawful processing of his personal data to the Commission for the Protection of personal data or to the competent court.