PERSONAL DATA PROTECTION POLICY (GDPR) AND COOKIE USE POLICY
The policy of the site Draka.bg is fully compliant with Regulation (EU) 2016/679 of the European Union for personal data protection. When using the Draka.bg website, the processing of personal data is possible and we ask for the user's consent in advance and announce the current policy for their protection. The processing of personal data, such as name, address, e-mail address or telephone number, is always in accordance with the General Data Protection Regulation (GDPR) and complies with country-specific data protection provisions. With this privacy statement we want to inform you about the scope and purpose of the data we collect, use and process. Users are informed through this privacy statement and the rights they have under the Regulation. Our site has implemented a number of technical and organizational measures to ensure the full protection of personal data of individuals received and processed through our site.
The privacy statement is based on the terminology used in the General Data Protection Regulation (GDPR). The data protection statement must be understandable to the general public, as well as to our customers and business partners. To ensure this, we would first like to explain the terminology used.
In this data protection statement we use the following terms:
1.1. Personal data
Personal data - any information that can be used to identify an individual ("user"). An individual who can be identified directly or indirectly, in particular by providing information such as name, location data, online identifier and others.
1.2. Data Subject / User
The data subject ("user") is any identified or identifiable natural person whose personal data is processed by us under the terms of the Regulation.
Processing, storing, adapting or modifying, retrieving, consulting, using, disclosing by transmitting, distributing or otherwise providing or combining, restricting, deleting or destroying personal data.
1.4. Limit processing
Restriction of processing is the marking of stored personal data in order to limit their processing in the future.
Profiling - any form of automated processing of personal data.
1.6. Control body / administrator
The controller or controller responsible for processing is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing personal data, where the purposes and means of such processing are determined by the legal entity. EU framework.
The recipient is a natural or legal person, public authority, agency or any other body to whom personal data are disclosed, whether a third party or not. Public authorities that may receive personal data as part of a specific investigation in accordance with EU law are not considered a third party; the processing of this data complies with the applicable data protection rules in accordance with the purposes of the processing.
1.8. Third person
The third party is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct right of the controller or processor, have the right to process personal data.
The consent of the user is any free, specific, informed and unambiguous indication through a statement or through clear positive actions and gives consent for the processing of his personal data.
2. Name and address
Draka Tim EOOD
Varna, 3 Nikola Simov Str
Phone: + 359 888 704 499
Commission for Personal Data Protection with address: Sofia, ul. "Ivan Evstatiev Geshov" 15, tel .: 02 940 20 46 fax: 02 940 36 40; e-mail: email@example.com, firstname.lastname@example.org: Website: www.cpdp.bg.
- the right to lodge a complaint with a supervisory authority;
- the existence of automated decision-making, including profiling, specified in Art. 22 (1) and (4) of the Regulation, as well as the intended consequences of such processing.
The user has the right to receive information on whether his personal data is transferred to a third country or to an international organization. Where this is the case, the consumer has the right to be informed of the safeguards taken in connection with the transfer. If a user wishes to exercise this right of access, he can contact us at any time.
8.3. Right of correction
Every user has the right to request, without undue delay, the correction of inaccuracies in his personal data. Taking into account the purposes of processing, the user has the right to have completed incomplete personal data by providing an additional statement to that effect.
If the user wishes to exercise this right of correction, he can contact us at any time.
8.4. Right to delete ("right to be forgotten")
Every user has the right to request the deletion of his personal data without delay and we are obliged to delete them without undue delay when there is one of the following reasons:
- personal data are no longer needed for the purposes for which they were collected or processed;
- the user withdraws the consent on which the processing of his personal data is based, according to art. 6, paragraph 1a or art. 9 (2a) of the Regulation, and where there is no other legal reason to continue processing them;
- the consumer objects to the processing, according to art. 21, paragraph 1 of the Regulation and there are no lawful grounds for their processing or the consumer objects to their processing, according to Art. 21 (2) of the Regulation;
- personal data have been illegally processed;
- personal data are collected in connection with the provision of services referred to in Art. 8 (1) of the Regulation;
If one of the above reasons is available and the user wishes to request the deletion of personal data, he may contact us at any time. An employee of Draka.bg will immediately delete the data.
8.5. Right to limit the processing of personal data
Each user has the right to request a restriction on the processing of his personal data under the following conditions:
- the accuracy of personal data is challenged by the user, allowing the controller to verify their accuracy;
- the processing is illegal and the user's data is against the rules for deleting it and instead seeks to restrict their use;
- it is no longer necessary to process personal data, but they are required for the establishment, exercise or defense of legal claims;
- the user objects to the processing of his personal data, according to art. 21 (1) of the Regulation.
If one of the above conditions is met and the user requests a restriction on the processing of his personal data, he may contact us at any time. An employee of Draka.bg will limit their processing.
8.6. Right to data portability
Each user has the right to receive their personal data, which have been provided to us, in a structured electronic format. The user has the right to provide this data to another administrator, provided that the processing is based on Art. 6, paragraph 1a, art. 9, paragraph 2a of the Regulation or of a contract, according to art. 6 (1b) of the Regulation. In addition, when exercising the right to data portability according to Art. 20 (1) of the Regulation, the user has the right to provide personal data directly from one controller to another, where this is technically feasible in accordance with the Regulation. In order to establish the right to data portability, the User may contact us at any time.
8.7. Right to object
Every user has the right to object at any time to the processing of personal data relating to him on the basis of Article 6 (1) of the Regulation. The Site will not process personal data in the event of an objection, unless we have good reasons for processing them that exceed the interests, rights and freedoms of the user or for the establishment, exercise or protection of lawful actions. If Draka.bg processes personal data for the purposes of direct marketing, the user has the right to object at any time to their processing for this purpose. This refers to profiling related to direct marketing. If the user does not wish to have his data processed for direct marketing purposes, we are obliged to comply with this application.
8.8. Automated decision making, profiling
Each user has the right to refuse automated processing, including profiling, which produces legal consequences for him or similar significant impact on him, insofar as the decision is not necessary for the conclusion or performance of a contract between us and the user.
8.9. Right of withdrawal
Every user has the right to withdrawyou consent to the processing of his personal data at any time.
If the user wishes to withdraw his consent, he can contact us at any time.
9. Method of payment: Cash on delivery and delivery
In order to fulfill the consumer order and the so-called distance contract, which arises when ordering online and / or paying, we use the services of courier companies Econt Express.
We transfer the personal data of the courier company: Name, Surname, Phone and Address so that we can fulfill the user order and / or collect payments with it, if the payment method "cash on delivery" is chosen, which is also collected by the courier upon delivery of the ordered product / products. The company strictly observes the provisions for personal data protection. More information can be found on the website of the courier company: econt.com
Last update of the policy for personal data and cookies: May 25, 2018