Art. 1 General Provisions
IN xmcustomleather.com we undertake to ensure the confidentiality and protection of your personal data as a Data Privacy Administrator you provide to us.
This Policy explains when and why we collect personal information (“personal information” and “personal data” are used as identical terms in this Policy) for people who visit our site and use our services, how we use it, to reveal it to others and how we keep it.
Any questions related to this Policy may be sent to e-mail: email@example.com
Art. 2 About us
WE ARE xmcustomleather.com and provide services, products or general information about our business.
When we use “we” and “us” and verbs in this form in the text below, we mean xmcustomleather.com
Art. 3 How we collect personal information from you
We receive information about you when you use our site xmcustomleather.com, for example when you send a request for a quotation / information, or when you request, order and use the services provided on the site.
Art. 4 What kind of personal information we collect
We only collect basic personal data for you that do not include special categories of personal data (“sensitive data”). The personal information we collect may include the name, address, e-mail address, telephone number, other data required by the Accountancy Act and other laws as well as information about which pages are visited and when.
Art. 5 Why we need your data
We need to know your personal data in order to provide you with the services offered through this site within the framework of a contract between us in connection with the provision of such information as well as information you have requested or explicitly agreed to. We will not collect personal data that we do not need for the above purposes.
Art. 6 How to Use Your Information
We may use your information to:
- We provide the services you have requested, including processing your orders and fulfilling our obligations arising from the contractual relationship between us;
- We provide new information directly related to the services you have requested;
- Responding to inquiries and providing you with information you have requested, including help with resolving questions that have arisen in connection with your inquiries;
- We use re-marketing through trusted sites, including Google AdWords and Facebook;
- We look for your opinions or comments about our services and products / trainings;
- We make statistical analyzes and other analyzes to improve our services;
- We ensure that you retain your interests in the use of our site or services;
Art. 7 How long do we keep your information
We keep your personal data only as long as and for as long as it is necessary for the relevant activity for which it is provided or as provided in a contract between us, subject to the requirements and deadlines provided for in the Accountancy Act, Tax Laws and other applicable acts normative acts in the Republic of Bulgaria.
The data you provided for marketing purposes is retained until you notify us that you no longer wish to receive the relevant information from us.
Once the goals of processing your personal data have been met, we destroy them.
Art. 8 Who has access to your information
We will not sell, rent or share your information with third parties for marketing purposes.
We may transfer your information to third parties – service providers, subcontractors, and other affiliated organizations for the sole purpose of performing tasks and providing services to you on our behalf.
However, when we use third-party service providers, we only disclose the personal information that is required to provide the service and we have a contract with the third party that requires it to keep your information and not to use it for your own direct marketing purposes.
We will not provide your information to third parties for their marketing purposes unless you have requested this, or are required by law, legal action or to prevent fraud or other crime.
Providing your data to public authorities can only be done in the cases provided for by law and in a volume that does not exceed the purposes for which they are requested.
The Personal Data Protection Commission exercises legal control over the process of processing personal data and we provide full access to the personal data registers kept by us under the legal conditions for doing so.
Art. 9 Where we process your data
All personal data we process are processed in Bulgaria but for hosting and maintenance purposes this information is in Bulgaria. Third parties do not have access to your personal data, unless required by law.
Art. 10 In which cases will we contact you
You have a choice whether to get information from us or not.
We may contact you freely when and in so far as is necessary for the performance of the services you have requested, the contractual obligations between us to provide new information directly related to the services you have requested in response to Your inquiries, for the purposes of preserving your interests in connection with the use of our site or services or on the basis of a legal requirement. We have the right to send an email newsletter from the site for which you have subscribed to the newsletter with your email address.
We will not contact you for marketing purposes by e-mail, telephone, text, or mail unless you have given us your prior explicit consent or the communication is directly related to you and meets the requirements of the General Regulation protection of personal data (Regulation (EC) 2016/679),
Art. 11 How you can access, correct or delete your personal data
You have the right at any time to ask us:
- access to your personal data collected in the process of providing and using the services, including: confirmation that we process your personal data, what categories are, the purposes of that processing, and the recipients to whom the data is disclosed, and a copy of your personal data being processed and their source;
- Correcting information you have requested with us when it has become inaccurate or outdated, e.g. your email address, and any other information;
- deletion or blocking of your personal data when processing does not meet the requirements of the Personal Data Protection Act or the General Regulation on Personal Data Protection (Regulation (EC) 2016/679);
- Notification of such correction, deletion, or blocking of the third parties to whom your personal data has been disclosed, unless this is impossible or involves excessive effort.
The action you want to access, correct, delete, or block personal information is solely with respect to your personal data. It’s free.
To request access, rectification, deletion, or blocking of your personal data we process, you must send us a written application containing:
- name, address and other identification data of the individual concerned;
- a description of the request;
- preferred form for provision of the information under Art. 28, para. 1;
- Signature, date of filing of the application and address for correspondence.
- a power of attorney certified by a notary when submitted by an authorized person. The application can also be signed with an electronic signature.
The application is sent to an email: firstname.lastname@example.org
We will execute your request for access, correction, deletion or blocking within 14 days, subject to legal requirements and exceptions in this regard.
You will be notified of the decision to perform the requested action or the refusal to do so in accordance with the law. The notification will be sent to you by post with a receipt or you can receive it personally against a signature.
Article 12 How can you file an objection or complaint against the processing of personal data
In the cases provided by law, you are entitled to:
- You object to us against the processing of your personal data if there is a legitimate reason for doing so; where the opposition is justified, the personal data of the individual concerned can no longer be processed;
- oppose the processing of your personal data for the purposes of direct marketing;
- be notified before your personal information is disclosed for the first time to third parties or used on your behalf for the purposes of the preceding paragraph of this article, giving you the opportunity to object to such disclosure or use.
If you would like to make any complaint about the way your data is processed, you can contact us at email@example.com. If you are not satisfied with our response or do not believe that we are processing your data in a lawful way, you can contact the personal data protection authority – the Personal Data Protection Commission.
Address: Sofia 1592, “Prof. 2 Tsvetan Lazarov
tel .: 02/915 35 18, 02/915 35 15, 02/915 35 19, fax: 02/915 35 25
Web site: www.cpdp.bg
Article 13 Security measures available to protect your information from loss, misuse or alteration
When you give us personal information, we take action to ensure that it is handled in a secure manner. The Website xmcustomleather.com uses a secure communication protocol SSL certificate. HTTPS authenticates the site and the corresponding webserver on which it is uploaded. It also encrypts the client-to-server connection in two ways, providing protection against wiretapping, tampering or falsifying the content of the messages. In practice, this gives reasonable assurance that the user connects to the correct site (not a false copy), and ensures that the content of the messages between the user and the site can not be read or altered by third parties. Additional information about HTTPS (https://bg.wikipedia.org/wiki/HTTPS).
Non-sensitive information (your email address, etc.) is usually transmitted over the Internet, and can never be guaranteed 100% security. In this regard, while we strive to protect your information, we can not guarantee the security of the information you send us, and you do so at your own risk. Once we receive your information, we make every effort to ensure its security in our systems.
Art. 14 Profiling
We will not use automatic decision-making or profiling.
Art. 15 Using cookies
Art. 16 Links to other sites
Art. 17 Transferring personal information outside Europe
If you use our services while outside the EU, your information may be transferred outside the EU to provide you with these services.
Art. 18 Revision of this Policy
We review this Policy regularly to ensure quality and legitimate protection of your personal data. This Policy was last updated in March 2018 and is in line with the General Data Protection Regulation (Regulation (EC) 2016/679).