GDPR
POLICY FOR PROTECTION OF PERSONAL DATA
This document discloses the Privacy and Privacy Policy ("Policy") that is collected by users of websites (URL) https://margobg.com (the "Website") in connection with the use of the Website, its services, content and resources. The collection, processing and storage of personal data by users of the Website is performed by Alfa Management Consult ET as a data administrator (Administrator, We) with identification number 102614133 and entered in the Register of Personal Data Administrators in the Commission for the Protection of Personal Data (CPDDP).
Effective from: 25.05.2018
Please familiarize yourself with this privacy and privacy policy carefully before accessing the Website and its services. If you do not agree to any of the terms and conditions, you should not visit the Website and not use our services and products in any way whatsoever.
ADMINISTRATOR OF PERSONAL DATA
The administrator of the personal data is: "Alfa Management Consult" ET, a company registered under the legislation of the Republic of Bulgaria, with UIC 102614133, with headquarters and address of management at 17, Petko Karavelov Str.
PROCESS AND VALIDITY OF ACTION
This Policy determines how your personal data you provide through the Website is processed in the process of using its services and resources.
"Processing of Personal Data" includes any action to collect, receive, record, organize, collate, update, modify, retrieve and otherwise legally use and share your personal data. The access, consideration and use in any way of the services and resources on the Website requires confirmation that you are familiar with, understand the meaning and meaning and agree to be bound by this Policy. Before accessing the Services on the Website, you should express your explicit consent to process your personal data under this Policy. You can give your consent to the above actions by clicking on the "I agree that my personal data be used under this Privacy Policy." When registering on the Website, sending an order without registration or sending a request via the contact available through the Website.
The collection, processing and storage of the personal data of the users of the Website is done in accordance with the requirements of the GDPR (Personal Data Protection Regulation) 2016/679 and the applicable Bulgarian and European legislation.
We reserve the right to make any changes to this Policy at any time. The new versions will be published on the Website. If you have a registration, you will be notified of such changes at the email address you provided. If you are a user who has granted access to your personal data without registration (when sending an order or inquiry) you will be notified of the changes to the email address specified in the process of using the services of the Website.
If you disagree with changes to this Policy, you should notify us in writing about this, and then your Account will be deleted.
"Personal data" means any data that contains identifying information (such as name, address, telephone, email, etc.). Before we receive and process your personal data, we require your explicit, informed and freely given consent to do so.
The Policy posted here is applicable and applies to registered and non-registered users of the Administrator's services available through the Website. This Policy does not apply to other websites, social networks, platforms, or companies that the Administrator does not control but to which they directly or indirectly refer, directly or indirectly, to the services and resources provided through the Website. You should be informed that all such websites, social networks, platforms or companies have their own personal data protection policies and that we are not responsible for them. You should familiarize yourself with the privacy policies of other websites, social networks, platforms or companies before providing personal data through the same.
DATA WE RECEIVE
You have the right to access the Website without providing your personal details and registration. Access to the Services of the Website requires the provision of personal data, for example, when registering, sending an order without registration, upon payment of one of the methods specified on the Website, by sending a request via the contact form available at the following links: margobg. com /
Personal data you provide:
When you sign up to use the Website or send an order without registration or inquiry through the contact form, you will be asked for information that is required solely to use the services and resources of the Website. The collection of these data shall be carried out in accordance with the applicable legal security requirements.
• When using the Services on the Website, you must be at least 16 years of age. By creating a profile or submitting an order or inquiry, you confirm that you are at least 16 years of age.
Successful registration or sending of a order or inquiry requires the completion of certain mandatory fields marked as mandatory. So we determine your age.
• When creating a user registration on the Website, it is required to create a unique password and provide the following data:
- name and surname;
- email address
- state and settlement.
• When sending an order without registration, the following details are required:
- name and surname;
- email address
- country, city, postal code and address
- a phone.
• When ordering by bank transfer, you grant access to:
- three names;
- Bank account number;
- bank name.
• When sending a request via the contact form available on the Website, the following information is required:
- name and surname;
- email address
- Subject and description of the inquiry.
The completion
of the optional fields when registering or using the services of the Website is
entirely at the discretion and responsibility of the Users. All non-binding
data you provide to us through the use of the Website or through any other
communication with us that we have not explicitly requested from you but
provided to us will be treated as personal data obtained with explicit consent
to processing.
We will process such data lawfully by applying the principles of minimization
and limitation.
The user is responsible for the provided contact information and other data that is untrue, false or refers to third parties (in all cases where third parties have not given their consent) and for any illegal or misuse of personal data and information.
We do not collect data that:
• reveal racial or ethnic origin;
• Disclose political, religious or philosophical beliefs;
• Disclose membership of political parties or organizations, associations with religious, philosophical, political or trade union goals;
• refer to the state of health, sexual life or the human genome, except when an undesirable side effect has been reported after use of the product;
• Provided by users under the age of 16 without the consent of parents or their legal representatives. The Administrator will delete any information sent by or referring to users known to be under the age of 16 and have not obtained the consent of their parents or legal representatives to use the Website, services and content.
Data that is collected automatically:
• your Device Information: Each time you visit the Website, we automatically collect the following data:
• device model data, version of your operating system and browser, and IP address.
• Location information: We may collect and process information about your actual location, including IP address, GPS, Wi-Fi access points and cell towers.
• Collecting information when using the Services of the Website: Information about websites that link to the Website as well as Websites referenced by the Website, the date and time of visit, visit duration, Website loading speed, and other data in a link to your interaction with the Website.
SHARING PERSONAL DATA WITH THIRD COUNTRIES
We may provide personal data to third parties, and our main purpose is to offer you and your represented person a quality and comprehensive service to meet your expectations. We do not provide your personal data to third parties before we are sure that all technical and organizational measures have been taken to protect this data by striving to carry out strict controls to meet this goal. In this case, we remain responsible for the confidentiality and security of your data.
We provide personal data to the following categories of recipients:
• postal operators with a view to sending items containing contracts, supplementary agreements and other documents and the need to certify the identity when they are served;
• Entities that provide equipment, software, and hardware used to process personal data needed to build the company's network and to perform various reporting, payment services and products, technical support, etc .;
• authorities, institutions and individuals to which we are required to provide personal data under current legislation;
• Banks to service payments made to and from you;
• Persons performing consultancy services in different spheres under a Processing Agreement between Administrator and Personal Data Processing;
Persons processing data in their own name:
• Competent authorities which, by virtue of a statutory instrument, have the power to require the provision of information, including personal data, such as courts, prosecution offices, various regulatory bodies such as the Consumer Protection Commission, the Personal Data Protection Commission, the NRA, NSSI, bodies with powers to protect national security and public order, etc.;
As third parties (external providers) process personal data about us, we monitor the full compliance of their activities with the requirements of the Privacy Regulation. External service providers are subject to strict supervision by our Data Protection Officer regarding compliance with applicable regulations.
Our employees and partners are duly informed about the importance of their obligation of confidentiality and are responsible for the fulfillment of this obligation.
We may share data that does not personally identify you with our trading partners (media, marketing agencies, and other business partners who have agreed to comply with this Policy) to provide your consent to product and service information as well as promotions and offers.
For any other purpose not expressly mentioned in this policy, we will request your explicit consent by identifying our partners as well as the purposes for data transfer and sharing.
By virtue of a judgment or governmental act of a public authority, we may be required to disclose the identity of a User, especially in the case of investigating violations of third party rights or unauthorized acquisition of personal data. In the case of disclosure of a user's personal data to a public authority in connection with an investigation or proceedings against him, we are not obliged to notify the user in question.
RIGHTS OF USE
• You have the legally recognized right without you owing anything at any time to object to the processing of your personal data by sending an explicit request or to the following email address: [email protected]
• You also have the right to be informed before your personal data is first provided to third parties for the purposes of direct marketing or when used on behalf of third parties. You have the right to oppose this transfer or use without you owing anything.
• You have the right to access the personal data we hold about you in a structured, widely used and machine readable format by sending an explicit request or to the following email address: [email protected]
• You have the right to request the transfer of your personal data to another administrator by sending an explicit request or to the following email address: [email protected]
In the event that some of the information we hold in your possession is incorrect or inaccurate, you are entitled to correct it by modifying the information contained in your account by sending an explicit request to the following email address: [email protected]
• You have the right to contact us in order to request the complete deletion of your personal data by sending an explicit request or to the following email address: [email protected]
• You have the right to request that you limit the processing of your personal data to individual actions of collection, processing and sharing by sending an explicit request or to the following email address: [email protected]
• You have the right to require third parties who have access to your data to be informed about the limitations, deletion or prohibition of processing your data in order to remove from those third parties all links, copies or replicas of your personal data.
COMPETENT AUTHORITIES FOR THE PROTECTION OF PERSONAL DATA
For personal data protection issues, the local supervisor shall be:
Commission for Personal Data Protection, address: Sofia, 1592, 2 Tsvetan Lazarov Blvd., Tel. +359 2 915 3580 Fax +359 2 915 3525, e-mail: [email protected], Website: http://www.cpdp.bg/.
Applications
for the exercise of rights are filed personally or by an explicitly authorized
person by a notarized power of attorney. An application may also be made
electronically, in accordance with the order for filing and filing an
electronic document provided by the legislation in force. The application shall
contain: (a) the name, address and other identification data of the individual
concerned; (b) a description of the request; c) the preferred form of
communication and actions under Art. 15-22 of Regulation (EC) 2016/679; (d)
signature, date of filing of the application and address for correspondence; e)
upon submission of an application by an authorized person to the application,
the relevant power of attorney shall also be enclosed.
TECHNOLOGY, PERIOD AND RISK OF STORAGE OF DATA
Your personal
data we collect is stored on servers located on the territory of the Republic
of Bulgaria. We store your personal data for the period you are registered as
an active user on the Website and for no longer than what is necessary to
achieve the above purposes or to discontinue the Services and / or the Website.
If you wish to delete your Profile on the Website, the personal data stored for
you will be deleted without undue delay.
By way of exception, it is permissible for the law to preserve personal data only in cases where it is necessary to exercise the right to freedom of expression and the right to information, to comply with a legal obligation, to carry out a task in the public interest or the performance of official functions assigned to us as an Administrator for reasons of public interest in public health, for purposes of public interest archiving for the purpose of scientific or historical research, or for statistical purposes, or for the establishment, exercise or protection of legal claims.
All the information you provide us is stored on secure encrypted link servers. We apply the appropriate technological and organizational measures necessary to protect your personal data and the appropriate level of protection that guarantees the confidentiality and integrity of the data and prevents the destruction, loss, unauthorized modification or unauthorized disclosure of personal data.
We store your personal data only for a limited period of time that we need to meet the processing goals outlined above. After this period, your personal data will be destroyed. If we process your personal data based on your explicit consent to us, we will store your personal data for a limited period of time as may be necessary to meet the specific purposes stated in the Declaration of Conformity.
In cases where we enter into a contract with you or a person you represent, we will store the personal data for the duration of the contractual relationship and, as far as applicable, after the termination of the contractual relationship, for such period as may be necessary in view of of the objectives set forth in this Notice. The criteria for determining the retention period are legal and contractual grounds, the limitation period for the payment of certain rights, the essence of the particular legal relationship, the nature of the particular data and the technical requirements. Legislation, in some cases, may require us to keep certain information for a certain period in the law.
In cases where we enter into a contract with you or a person you represent, we will store the personal data for the duration of the contractual relationship and, as far as applicable, after the termination of the contractual relationship, for such period as may be necessary in view of of the objectives set forth in this Notice. The criteria for determining the retention period are legal and contractual grounds, the limitation period for the payment of certain rights, the essence of the particular legal relationship, the nature of the particular data and the technical requirements. Legislation, in some cases, may require us to keep certain information for a certain period in the law.
In cases where we handle your personal data, based on your explicit consent, we process your personal data until you specify that we should stop the processing for a short period of time (so that we can fulfill your requests ).
In other cases, we may store your personal data for the required period after termination of our contractual relationship with you in order to protect ourselves from litigation or administrative proceedings or to administer our activities.
In the event that we have provided you with a password / password to access the Website, you acknowledge and agree that you are responsible for the protection and confidentiality of this code / password. In no event will we ask you to provide these code / password to others.
Regardless of the measures taken to protect your data, you should be informed that the transfer of data over the Internet or other open network is never completely secure and there is a risk that third parties will make unauthorized access to and use of your data.
CONTACT DATA
For further information, complaints or the exercise of your rights, you may contact us at:
• address: Burgas, 17, Petko Karevelov Str .;
• Phone number: +359887576035
• email: [email protected]
Contact form: For direct contact with the Data Protection Officer:
• Phone number: +359887576035
• Manager: Vasil Georgiev
• Email: [email protected]
This Policy is in force on 25 May 2018 and is in line with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 / EC (General Data Protection Regulation).