PRIVACY AND DATA PROTECTION POLICY
PLEASE READ THIS PRIVACY AND DATA PROTECTION POLICY CAREFULLY BEFORE ACCESSING THE WEBSITE. IF YOU DO NOT AGREE TO ANY OF THE TERMS, DO NOT VISIT THE WEBSITE OR USE OUR SERVICES AND PRODUCTS IN ANY WAY, NO MATTER WHAT FORM THEY ARE ACCESSED.
Effective from: 01.06.2020
1. Who are we?
This document discloses the privacy and data protection policy (“Policy”) that is collected from users of the website at smartvarna.com (the “Website”) in connection with the use of the Website, its services, content and resources. The collection, processing and storage of personal data from users of the Website is carried out by Smart Varna Foundation as the data controller (“Controller”, “We
Smart Varna Foundation, registered under the legislation of the Republic of Bulgaria, UIC 205836460, with its registered office and registered address in the town of Varna. Varna 9000, Primorski district, ul. “Seliolu” 48.
This Policy forms an integral part of our Terms and Conditions of Use of the Website (“Terms and Conditions”), available here. All definitions given in the Terms and Conditions are also applicable to this Policy.
By accessing, browsing, registering, using in any manner the services and resources on the Website, you acknowledge that you have read, understand the meaning and significance of, and agree to be bound by, this Policy. By accessing the Website and Services, you expressly consent to our collecting, receiving, recording, organizing, collating, updating, modifying, retrieving and otherwise lawfully processing, using and sharing your personal data in accordance with this Policy.
Your use of the Website, its services and resources requires your consent to accept this Policy.
The collection, processing and storage of personal data of Website users is carried out in accordance with the requirements of the Personal Data Protection Act and applicable Bulgarian and European legislation in force.
We reserve the right to make amendments to this Policy at any time. New versions will be posted on the Website. If you have registered, you will be notified of such changes at the email address you have provided.
If you disagree with any changes to this Policy, you should notify us in writing, after which your Account will be deleted. In all other cases, you will be deemed to have agreed to the changes.
“Personal Data” means any data that contains identifying information (e.g. name, address, telephone, email, etc.). Before we receive and process your personal data, we require your explicit, informed and freely given consent to do so.
3. What data do we collect about you?
You have the right to access the Website without providing your personal data and registration. Access to the Website services requires the provision of personal data.
Personal data provided by you:
When you register to use the Website, you will be asked for information that is solely necessary for your use of the Website’s services and resources. The collection of this data is carried out in accordance with the strictest legal security requirements.
By creating a user profile, you confirm that you are at least 16 years of age. Users under the age of 16 must have the express consent of their parents or legal guardians in order to be granted access to the Website services.
Successful registration requires the completion of certain mandatory fields marked as required, as well as the creation of a unique password.
When creating an Account, you should provide your:
– first and last name;
– email address;
– date and year of birth;
Completion of optional fields upon registration or in the process of using the Website services is entirely at the discretion of Users.
The User is responsible for the contact information and other data provided that is false, fraudulent or refers to third parties (in all cases where the third parties have not consented to this), as well as for any illegal or malicious use of personal data and information.
Personal data containing information about the user’s health (e.g. sensitivity to given allergens, etc.) is processed solely for the provision and performance of the Website’s services.
We do not collect personal data that:
– reveal racial or ethnic origin;
– reveal political, religious or philosophical beliefs;
– disclose membership of political parties or organizations, associations with religious, philosophical, political or trade union aims;
– relate to health, sex life or the human genome;
– are provided by users under the age of 16 without the consent of their parents or legal representatives. The Administrator will delete any information submitted by or relating to users who are known to be under the age of 16 and have not obtained the consent of their parents or legal guardians to use the Website, Services and Content.
Data we collect automatically:
Whenever you visit the Website, we automatically collect the following data:
Information about your Device:
– We collect data related to your device (such as device model, version of operating system and browser you are using, and IP address).
– When you use the Website Services, we may collect and process information regarding your actual location (geo-location). We use a variety of means to determine location, including IP address, GPS, Wi-Fi access points and cell towers.
Information we collect when you use the Website Services:
– Information about web pages that link to the Website and those that the Website links to, date and time of visit, length of visit, Website loading speed, and other data in connection with your interaction with the Website.
– By using cookies, the Web server can save, for example, the preferences and settings on the User’s computer, mobile phone or other device, which data is automatically restored the next time the User visits. Cookies are used, among other means, to improve the user experience, such as not repeating the login process on a subsequent visit.
– We use the following types of cookies:
– Session cookies – allow the Website to associate User actions during the browser session. They can be used for a variety of purposes, such as to remember user preferences while browsing the Website. They could also be used for security purposes when the User accesses internet banking or to facilitate the use of web-based mail. Session cookies expire after the browser session and are not stored longer term.
– Persistent cookies – are stored on the User’s device between browser sessions that allow the User’s preferences or actions across the Website (and in some cases across different sites) to be saved. Persistent cookies can be used for a variety of purposes, including User preferences and choices when using a Website or to target advertising.
– We may allow third parties, such as advertising or analytics providers, to collect information using these technologies directly from our Website. The data they collect is subject to the applicable privacy policies of those third parties.
– Cookie settings in Google Chrome
– Cookie settings in Firefox
– Cookie settings in Internet Explorer
– Cookie settings in Safari
– Refusal of cookies by the User may result in limited functionality or in the inability to use the Website services.
4. What are the purposes of processing your personal data?
The personal data we collect is necessary for the provision of quality services and to provide you with timely technical and other assistance as needed.
We use the personal data you provide for the following purposes:
– To ensure secure and reliable use of the services and content by verifying your rights to access the services and resources you have requested;
– To continually improve the quality of our services and content by receiving your suggestions, advice and ideas for expanding existing services and introducing new services through our Website;
– To provide you with specialized information on how to make full use of and access promotions, campaigns, games and other resources on our Website, as well as instructions, guidance and other useful content through the data we receive about your preferences;
– Invite you to participate in surveys and user opinion polls about the quality and satisfaction of content and other resources on our Website;
– For other purposes permitted by law in connection with the quality performance of all current and future services and resources on the Website .
If the purposes change, we will inform you and ask for your explicit consent to process your personal data in accordance with the new purposes.
5. Who has access to your personal data?
Your personal data will not be transferred to third parties unless:
– you provide us with your explicit, informed and freely given consent;
– the third parties in question provide us with support under contract for the purpose of providing our products or services;
– this is required by law or by an act of a public authority;
– there is a reasonable need to protect the rights, property or safety of users of the Website or other protectable public interest;
– it is required in connection with the sale of a business, our company or its assets that are subject to confidentiality.
Our employees and partners have access to your personal data for the purposes of maintaining the Website and Services, but they are bound by a duty of confidentiality with respect to the data they access in connection with carrying out that activity.
Our employees and partners are duly informed of the importance of their duty of confidentiality and are responsible for fulfilling that duty.
We may share non-personally identifiable data with our commercial partners (media, marketing agencies and other business partners who have agreed to comply with this Policy) for the purpose of providing you with information about products and services, as well as promotions and offers, with your consent.
For any other purposes not specifically mentioned in this Policy, we will ask for your explicit consent, identifying our partners and the purposes for the transfer and sharing of data.
We may be required to disclose a User’s identity by a court order or an act of a public authority, particularly in the event of an investigation into violations of third party rights or the unlawful acquisition of personal data.
6. Your rights
Under applicable law, you have the legally recognized right to object to the processing of your personal data at any time without owing anything by sending an explicit request to the following address : firstname.lastname@example.org
You also have the right to be informed before your personal data is provided for the first time to third parties for direct marketing purposes, or where it is used on behalf of third parties. You have the right to object to this transfer or use without owing anything.
You have the right to access the personal data we hold about you in a structured, commonly used and machine-readable format by sending an explicit request to email@example.com.
You have the right to request the transfer of your personal data to another controller by sending an explicit request to the following address: firstname.lastname@example.org
If any of the information we hold about you is incorrect or inaccurate, you have the right to correct it by amending the information contained in your profile.
You have the right to contact us in order to request the complete deletion of your personal data by sending a request to the following address :email@example.com
You also have the right to request a restriction on the processing of your personal data in relation to individual collection, processing and sharing activities by sending an explicit request to firstname.lastname@example.org. You have the right to request that third parties who have access to your data be notified of the restriction, erasure or prohibition of the processing of your data, in order for those third parties to delete any links, copies or replicas of your personal data.
For data protection issues, the local supervisory authority is:
Commission for Personal Data Protection, address. “2 Tsvetan Lazarov, Tel. +359 2 915 3580 Fax +359 2 915 3525, e-mail: email@example.com, Website: http://www.cpdp.bg/
7. Where do we store your personal data and for how long?
Your personal data that we collect is stored on servers located in the territory of the Republic of Bulgaria.
We store your personal data for the period that you are a registered active user of the Website, or until the Services and/or the Website are discontinued.
In the event that you wish to delete your Account on the Website, the personal data held about you will be deleted without undue delay.
By way of exception, the further retention of personal data is permitted by law only in cases where it is necessary for the exercise of the right to freedom of expression and the right to information, for compliance with a legal obligation, for the performance of a task carried out in the public interest or in the performance of official functions assigned to us as Controller, for reasons of public interest in the field of public health, for archiving purposes in the public interest, for the purposes of scientific or historical research, or for statistical purposes.
8. Technological and organizational security measures for processing. Risks
Our aim is to ensure the quality and integrity of the data provided to us by users of the Website. To this end, adequate technological and organizational measures have been taken to contribute to the protection, accuracy, timeliness and completeness of the data.
All information you provide to us is stored on secure servers. We implement the appropriate technological and organizational measures necessary to protect your personal data and the appropriate level of protection to ensure the confidentiality and integrity of the data and prevent the destruction, loss, unauthorized alteration or unauthorized disclosure of personal data.
In the event that we have provided you with a code/password to access the Website, you acknowledge and agree that you are responsible for the protection and confidentiality of such code/password. Under no circumstances will we ask you to provide these code/passwords to any other person.
Regardless of the measures taken to protect your data, you should be informed that the transmission of data over the Internet or other open network is never completely secure and there is a risk that unauthorized third parties may access and use your data.
9. Contact details
For further information, complaints or to exercise your rights, you can contact us at:
– Address. 15 “Ruse St” Varna 9000
– telephone number: +359 885 569 693;
– e-mail: firstname.lastname@example.org
This Policy is effective from 01.06.2020 and is in accordance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).