Notes on privacy policy
This privacy policy reflects the current status of the personal data you process.
In order to comply with the requirements of the new Regulation, you must at the same time:
This privacy policy is tailored to the relationship between you and your users. The most important condition for compliance with the requirements of the Regulation is to have full clarity about the personal data entering and leaving your company, as well as to adapt the processes on the site.
A good data protection policy is a prerequisite for compliance with the requirements of the Regulation, but the existence of such a policy does not guarantee compliance with all requirements.
Privacy policy
Information about the personal data controller:
“Paper Pages” EOOD is a company registered in the Commercial Register of the Registry Agency with UIC 206475251, with registered office and address of management: Plovdiv, p.k. 4023, zh.k. Trakia, bl. 155A, ent. A, 5th floor, apt. 15; Tel: 884855559; e-mail: info@paperpages.bg .
Personal Data Protection Officer: Georgi Rumenov Michokov, contact e-mail address: georgi@paperpages.bg
Reasons and purposes for which we use your personal data
We process your personal data on the following grounds:
In the following paragraphs you will find detailed information about the processing of your personal data depending on the basis on which we process them.
FOR PERFORMANCE OF A CONTRACT OR IN THE CONTEXT OF PRE-CONTRACTUAL RELATIONS
We process your personal data in order to fulfill the contractual and pre-contractual obligations and to enjoy the rights under the contracts concluded with you.
Purposes of processing:
Data we process on this basis:
Based on the contract concluded between us and you, we process information about the type and content of the contractual relationship, as well as any other information related to the contractual relationship, including:
o other information such as:
The processing of the specified personal data is obligatory for us so that we can conclude the contract with you and fulfill it. Without providing us with the above data, we would not be able to fulfill our obligations under the contract.
We provide personal data to third parties
We provide your personal data to third parties, and our main goal is to offer you quality, fast and comprehensive service. We do not provide your personal data to third parties until we are sure that all technical and organizational measures have been taken to protect this data and we strive to exercise strict control over the implementation of this purpose. In this case, we remain responsible for the confidentiality and security of your data.
We provide personal data to the following categories of recipients (personal data controllers):
When we delete data collected on this basis
We delete the data collected on this basis 3 years after the termination of the contractual relationship, regardless of whether due to the expiration of the contract, cancellation or other grounds.
FOR FULFILLMENT OF REGULATORY OBLIGATIONS
The law may provide for an obligation for us to process your personal data. In these cases, we are obliged to perform the processing, such as:
When we delete personal data collected on this basis
We delete the data collected in accordance with an obligation provided by law in the law, after the obligation for collection and storage is fulfilled or ceases to exist. For example:
Providing data to third parties
When there is an obligation for us by law, it is possible for us to provide your personal data to the competent state body, natural or legal person.
AFTER YOUR CONSENT
We process your personal data on this basis only after your explicit, unambiguous and voluntary consent. We will not foresee any adverse consequences for you if you refuse to process personal data.
Consent is a separate basis for the processing of your personal data and the purpose of the processing is stated in it, and is not covered by the purposes listed in this policy. If you give us the relevant consent and until its withdrawal or termination of any contractual relationship with you, we prepare suitable proposals for products / services, performing detailed analyzes of your basic personal data;
Data we process on this basis:
On this basis, we only process data for which you have given us your explicit consent. The specific data are determined for each individual case. Usually this data is email and name.
Providing data to third parties
On this basis, we may provide your data to marketing agencies, Facebook, Google or the like.
Withdrawal of consent
Concessions granted may be withdrawn at any time. Withdrawal of consent does not affect the performance of contractual obligations. If you withdraw your consent to the processing of personal data in any or all of the ways described above, we will not use your personal data and information for the purposes set out above. Withdrawal of consent shall not affect the lawfulness of the processing based on a consent prior to its withdrawal.
To withdraw your consent you only need to use our site or just our contact details.
When we delete data collected on this basis
We delete the data collected on this basis at your request or 12 months [1] after their initial collection.
PROCESSING OF ANONYMIZED DATA
We process your data for static purposes, ie for analyzes in which the results are only summary and therefore the data is anonymous. It is not possible to identify a specific person from this information.
Your data can also be anonymized. Anonymization is an alternative to deleting data. Upon anonymization, all personally identifiable items / items that allow you to be identified are irrevocably deleted. There is no legal obligation for anonymized data to be deleted, as they do not constitute personal data.
Why and how we use automated algorithms
For the processing of your personal data, we use partially automated algorithms and methods in order to constantly improve our products and services to adapt our products and services to your needs in the best possible way. This process is called profiling.
How we protect your personal data
To ensure adequate data protection of the company and its customers, we apply all necessary organizational and technical measures provided for in the Personal Data Protection Act.
The Company has established rules to prevent abuse and security breaches and has appointed a Data Protection Officer to assist in the processes of protecting and securing your data.
For maximum security in the processing, transmission and storage of your data, we may use additional security mechanisms such as encryption, pseudonymization and more.
Personal data we have received from third parties
We do not receive data from third parties.
Consumer Rights
Each User of the site enjoys all rights to personal data protection under Bulgarian law and European Union law.
The user can exercise their rights through the contact form or by sending a message to our email.
Each User has the right to:
The user may request deletion if one of the following conditions is true:
The user has the right to restrict the processing of his personal data by the administrator when:
Right of portability.
The data subject has the right to receive the personal data concerning him and which he has provided to the controller, in a structured, widely used and machine-readable format and has the right to transfer this data to another controller without hindrance from the controller. data are provided when the processing is based on consent or a contractual obligation and the processing is carried out in an automated manner. When exercising its right to data portability, the data subject shall also be entitled to receive a direct transfer of personal data from one controller to another where this is technically feasible.
Right to object.
Users have the right to object to the controller against the processing of their personal data. The controller of personal data shall be obliged to terminate the processing, unless he proves that there are convincing legal grounds for the processing, which take precedence over the interests, rights and freedoms of the data subject, or for the establishment, exercise or protection of legal claims. In the event of an objection to the processing of personal data for the purposes of direct marketing, the processing should be stopped immediately.
Complaint to the supervisory authority
Each User has the right to file a complaint against illegal processing of his personal data to the Commission for Personal Data Protection or to the competent court.
Maintaining a register
We maintain a register of the processing activities for which we are responsible. This register shall contain all the following information:
The data collected on this basis are stored for a period not longer than 12 months, according to the prescriptions of the CPDP.