Privacy policy

Privacy policy

The current website https://samelyon.com is managed by Samel-90 AD, with UIC: 129007983.

This Privacy Policy is a statement under Articles 13 and 14 of the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of data). personal data and on the free movement of such data and on the repeal of Directive 95/46 / EC) of Samel-90 AD and the companies in its corporate group.

In carrying out our activities, the protection of your data is a top priority for us and therefore we strive to process it while minimizing the data and limiting the time for their storage, applying appropriate technical and organizational measures for its security. We value the privacy of your life and health and the confidentiality of your data.
This Privacy Policy aims to provide you with general information about how and what types of personal data we process (respectively collect from and for you), why we need them, to whom they can be provided or disclosed and for what period of time be stored.
Contents:
1. Personal data administrator
2. What types of personal data does the Company process?
3. Purposes of personal data processing
4. How does the Company collect and process your personal data?
5. Who will have access to your personal data?
6. Where will your personal data be processed?
7. What are your rights in relation to your personal data?
8. How long does the Company store your personal data?
9. How can you contact us?
10. When is this Policy updated?

 

1. Personal data administrator
The quality of "personal data controller" is the person who individually or jointly with another person determines the purposes for which personal data will be processed (collected, used and stored) on paper or in electronic form.
The company will act as an administrator of your personal data when there is a reason for its processing, for example in connection with a request sent to us through the contacts listed on the website or through the contact form; with the performance of or the defense against your claims against the Company; with the realization of other legal / legitimate interests of the Company
In certain cases, the Company may process your personal data as a joint controller with other data controllers, who also legally process information about you, as well as a processor - when the Company is assigned such processing. In such cases, the Company will continue to take care of the security and confidentiality of your data.
2. What types of personal data do we process?
Processed personal data
You can generally visit this website without telling us who you are or disclosing information about yourself. Our web servers collect IP address sources for IT purposes, allowing you to connect to our platform providing our services without collecting email addresses from visitors. In addition, there are parts of this website where we need to collect personal data from you for a specific purpose - to make inquiries.
For any data processing for which you consent, you have the right to refuse or withdraw your consent at any time.
We may process personal data about you, for example:
- when establishing a contractual relationship with you or with a natural or legal person you represent - because it is important for us to identify the person who, by signing the contract or document addressed to us or prepared in connection with certain relationships with us, and assuming him or for a third party certain rights and obligations, is actually the person who has representative power;
- when making business contacts with you - when you yourself have provided us with contact details on the occasion of our current or possible future business ventures, or when your contact details have been provided to us by your employer in connection with your official functions;
- when considering your inquiries / complaints / requests / complaints and resolving disputes with you - because it is important for us to approach your requests and complaints individually and to respond to your expectations and needs in the best possible way;
- when visiting our management address, where video surveillance is performed - because the security of the building in which we store your data is extremely important both for us and for the confidentiality of your life and health.
We apply directly and immediately the principle of minimizing the processed personal data.
We do not collect from you personal data revealing racial or ethnic origin, religious or philosophical beliefs or membership in trade unions, as well as the processing of genetic data and other sensitive personal data, therefore in the course of your communication with us you should not disclose such data.


3. Purposes of personal data processing.

The purposes for which we process your personal data are: - fulfillment of legal obligations and contractual obligations; - the fulfillment of your inquiries, requests, requests, applications and complaints to the Company or related to its activity;

- protection of the rights and interests of the Company in connection with the performance of contracts to which you are a party, you are a representative of a party or from which you exercise rights;
- realization of legal / legitimate interests of the Company, related to its commercial activity, business processes or direct marketing;
- direct marketing.
4. How do we collect and process your personal data?
In order to achieve these goals, we collect data about you in various ways, most often the processed personal data is provided personally by you or by a public register.
We process your personal data in the application of a number of technical and organizational security measures, through various processing operations (including, but not limited to: collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or other means of making the data available, arranging or combining, restricting, deleting or destroying), performed manually and automatically. The type and manner of performing the specific processing operations depend on the set processing goals and the business processes related to these purposes. In the course of our processing activities, we may use processors in respect of whom we exercise control over compliance with the requirements for a high level of security and confidentiality of the processed personal data. It is important to keep in mind that, as mentioned above, your consent to the processing of personal data is not the only legal basis on which we justify our data processing activities. Therefore, we will lawfully process information about you, even if you do not explicitly consent to this processing or if you have given your consent, you have exercised your right to withdraw the consent thus given for processing.
5. Who will have access to your personal data?
We ensure that your personal data is processed only in accordance with the purposes set out above. In connection with these purposes, your data may be provided / disclosed / transferred to third parties acting as controllers of personal data, in their capacity as joint controllers or processors.
As mentioned above, the security of your data is a priority for us.
 
6. Where will your personal data be processed?
Your data is mainly processed on the territory of the Republic of Bulgaria and within the European Union - in the Republic of Bulgaria. In rare cases, your personal data may be processed outside the European Union, and there will always be contractual restrictions regarding the confidentiality and protection of data in accordance with the applicable requirements of the legislation in force in the Republic of Bulgaria.
Such processing of personal data outside the territory of the European Union may occur when using information communication services (including on your own initiative) - for example through emails or communication applications, when the e-mail servers used are based on hardware devices located outside the territory of the European Union.
Regarding the place of processing of your data, it should be stated that the Company may also use "cloud" technologies for the processing of your data. In this regard, we would like you to know that our practice requires the conclusion of a contract with providers of such technologies, which contains explicit instructions on data protection measures and their confidentiality, which providers are obliged to comply with.
 
7. What are your rights in relation to your personal data?
The practices and methodologies adopted by us for data protection and ensuring information security set the parameters of the established measures, which are aimed at:
- ensuring the confidentiality of information by applying a system of approved restrictions on access to and disclosure of information;
- ensuring the integrity of information by protecting against unauthorized alteration or deletion of information;
- ensuring the availability of information through reliable and timely access to information;
- achieving accountability of information - by introducing control over access and rights to information systems.
As a data subject, pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data ( ("General Data Protection Regulation"), you have the following rights:

- the right of access to your data - at your request, we will provide you with information about your data that is being processed; - right to correct your data - in case you believe that certain of your data that we process are no longer up to date or are incorrect for any other reason, you have the right to request correction of this data that is being processed;
- the right to delete your data ("right to be forgotten") - you have the right to request the deletion / deletion of the data we process for you, and we will respect your request only if there is no longer a legal basis for us to process your data. Accordingly, we may partially respect your request for deletion / deletion;
- the right to limit the processing - you have the opportunity to exercise this right only when you have challenged the accuracy of your processed data, and the restriction of processing can only be for the period in which we check the accuracy of your data; when the processing is illegal but you oppose the deletion of the data; when we no longer need your data for the purposes of processing, but you as a subject of personal data require them for the establishment, exercise or protection of your legal claims; when you have objected to the processing and a check is expected on whether the legitimate interests of the controller take precedence over your interests as a data subject;
- the right to data portability - you can ask us to transfer all or part of your data, which is being processed and which you have personally provided to us, to you or another administrator in a machine-readable format, when the processing of this data is on the basis of your consent or on the basis of performance of a contract and when the processing is carried out by automated means;
- the right to object to the automated processing of your data, to the processing through profiling and to the processing for the purposes of direct marketing - we provide you with the opportunity to exercise this right at any time and completely free of charge;
- the right to be informed about security breaches - You have the right to be informed in a timely manner of any breach of the security of your data and we will fulfill our obligation in this regard by publishing information on our website about any such breach, and may we send information by e-mail when you have provided it to us and it is correct;
- the right to object to processing for the purposes of direct marketing - You have the right, at any time, to change your marketing preferences and withdraw your consent to the processing of your personal data for the purposes of direct marketing or to object to such processing;
- the right to withdraw a consent to the processing of personal data - You have the right, at any time, to withdraw your consent to the processing of personal data. We would like to know that your consent is not the only basis for the processing of your personal data, therefore it is possible that we will continue to process your personal data after the withdrawal of your consent.
You can exercise the described rights by contacting us at the contacts described below and by filling in an Exercise Form under the General Data Protection Regulation, which you may request to be sent to you. The completed Form should be submitted to our office with the address below on paper.
Given the fact that we make contact (establishes legal relations) with different categories of persons and on different occasions (including on the occasion of your actual and indirect participation in certain events), the proper consideration of your application for exercise of rights is directly related to the exact establishment on your part of circumstances in which the Company had to process your personal data.
In exercising your rights as a subject of personal data, we need to request and process certain of your personal data for the purposes of establishing and verifying your identity. As a controller of personal data, we are not only obliged to provide a way for the exercise of your rights, but it is also obliged to ensure that these rights will be exercised only by the subjects who are actually holders of the relevant right regulated by the General Protection Regulation of the data.
Your application for the exercise of rights will be considered in a timely manner, in the most general case for no more than 30 (thirty) calendar days, unless your request is specific and does not involve an in-depth study of information. Given the fact that we highly value the need for data protection, we have established and implemented a procedure for examining applications for the exercise of rights under the General Data Protection Regulation, which also sets out the deadlines for processing and responding to an application for exercise of rights by a data subject.
8. How long do we store your personal data?
The processing time of your data is also in accordance with the purposes of processing and the regulatory requirements for storage of accounting and tax information. Determining the specific period for storage of your personal data is directly determined by the type of relationship that we have established with you and on the occasion of which we have processed personal data about you.
We will not store your personal data for longer than necessary and will only store it for the purposes for which it was collected.

9. How can you contact us? Samel-90 AD and the companies in its group have no obligation to appoint a Data Protection Officer, due to which there is currently no such appointed person. You can contact us at the address: 18 Prespa Str., 2000, Samokov, phone: +359 (0) 722 6 82 30, email: office@samelyon.com Regarding the collection and processing of your personal data, you can also contact the Commission for Personal Data Protection at: Sofia 1592, Blvd. "Prof. Tsvetan Lazarov ”2;
www.cpdp.bg

10. When is this Policy updated? We reserve the right to change or supplement this policy, we will notify you on this website of possible significant changes at least 30 days after the change and, where appropriate, by email notice.