The protection of personal data and the protection of personal and financial information of our customers is a priority for TESTEL ENGINEERING LTD. Tips we are processing. Your information is exclusively based on the applicable legislation, namely: REGULATION (EU) 2016/679 on low data of the Parliament and of the Council of 27 April 2016 (according to the GDPR), the Personal Data Protection Act (PDPA), the Act on the electronic document and electronic authentication services (E-DEC) and the Electronic Commerce Act (E-Commerce) Act.
"Personal Data" is any information relating to an identified natural person or an identifiable natural person; an identifiable person is a person who can be identified, directly or indirectly, in particular by an identifier such as a name, an identification number, location data, an online identifier or by one or more characteristics specific to the physical, physiological , the genetic, psychic, mental, economic, cultural or social identity of that natural person.
"Processing of personal data" is any action or set of actions that the Company performs with respect to personal data by automatic or non-automatic means (such as: collecting, recording, organizing, grouping, storing, adapting, updating or correcting, amending, restoring , consequence, use, disclosure by transmission or provision, distribution, combination, blocking, deletion, destruction, etc.).
2. WHO PROCESSES AND IS RESPONSIBLE FOR YOUR PERSONAL DATA
TESTEL ENGINEERING OOD, EIK 103258900 (Administrator) is a commercial company registered in the Commercial Register at the Registration Agency, with headquarters and management address: 9154, Aksakovo, commune. Aksakovo, region Varna, South Industrial Zone
tel. 052/698862; E-mail: firstname.lastname@example.org Website: http://testel-eng.bg
TESTEL ENGINEERING OOD is a personal data controller within the meaning of Article 4, Paragraph 7 of Regulation 2016/679. You can contact us at the above addresses, telephones and e-mail.
3. BASIS FOR COLLECTION AND PROCESSING
TESTEL ENGINEERING LTD collects and processes your personal data on the basis of Art. 28, paragraph 3 of Regulation 2016/679 in connection with Art. 6, para. 1, b. from the GDPR.
4. TYPES OF PERSONAL DATA WE PROCESS
TESTEL ENGINEERING LTD processes the following types of personal data:
- two names;
- phone number;
- delivery address of a shipment, in cases where you send one;
- residence /city/village/;
- year of birth;
- EGN when we issue you an invoice;
- a bank account, in cases where you carry out bank transactions.
5. PURPOSES OF PROCESSING
- Identification of the author of the message;
- Carrying out full-fledged correspondence and addressing a reply to the author of the message;
- Receiving and processing orders for the purchase or delivery of goods and services, concluding contracts for the sale and delivery of goods and/or services;
- Invoicing and payment management, accounting purposes;
- Marketing objectives, analysis of user listings, search and behavior. Informing users and customers about upcoming promotions, advertising and marketing campaigns, etc. n.;
- Service and response to customer complaints/inquiries/applications under Art. 15-22 of Regulation 2016/679/appeals;
The Company collects, processes and stores personal data of individuals who wish to contact the Company through the contact form on the Administrator's website on the basis of Art. 6, para. 1, letter "a" of the Regulation, namely: "the data subject has given consent to the processing of his personal data for one or more specific purposes";
The personal data collected in the register are collected from the person upon receipt of an electronic message from him and only then are voluntary and informed consent provided by the person.
6. PRINCIPLES OF COLLECTION AND PROCESSING
When processing your personal data, the Company observes the following principles:
- Legality, good faith and transparency;
- Limitation of purposes of processing;
- Relevance to the purposes of the processing and minimization of the data collected;
- Accuracy and timeliness of the data;
- Limitation of storage in order to achieve the objectives;
- Integrity and confidentiality of processing and ensuring an appropriate level of security of personal data;
7. PROVIDING DATA TO THIRD PARTIES
The collected personal data may be transferred to third parties only with the express consent of the subjects of the personal data and in compliance with the other conditions stipulated in the Bulgarian legislation.
8. STORAGE PERIOD
The personal data of natural persons collected and processed in electronic messages received by them through the Company's website until the connection is maintained, the objectives for which they were collected are achieved or until the consent to provide the personal data is withdrawn - whichever of the two circumstances occurs later early.
After the execution of a specific delivery or after giving your consent, your personal data is stored for the following periods:
- 10 years for accounting documents, starting from the beginning of the year following the year in which the accounting document was issued.
- 5 years from the execution of a specific delivery, with a view to tracking the execution of each delivery and securing all issues related to complaints and legal claims.
- 1 year from receipt of consent – for e-mail for sending commercial and advertising messages, information materials, surveys, etc.
The destruction of personal data is carried out in compliance with a prescribed procedure for this, according to the internal documents of TESTEL ENGINEERING OOD.
9. SECURITY MEASURES
TESTEL ENGINEERING Ltd. has taken a wide range of technical and organizational measures to protect your personal data against loss or other forms of illegal processing in accordance with Art. 32 of Regulation 2016/679.
Personal data is accessible only to those persons who need access to perform their work in connection with the provision of our services. These persons are trained and empowered accordingly.
10. WHO HAS ACCESS TO YOUR DATA
TESTEL ENGINEERING OOD does not provide your personal data to third parties without a legal or contractual basis, and does not distribute data to third countries and international organizations outside the EU and EEA borders.
The transmission of your data to other processors of personal data is carried out only for the purpose of providing the service/delivery you have chosen, for marketing campaigns aimed at increasing the quality of the goods provided to you, in order to fulfill legal obligations of FAST MENU, namely:
- Transport/courier companies with a view to fulfilling orders;
- Companies for technical analysis of the service;
- The banks serving the payments made by you;
- Persons performing consulting services in various fields - legal, accounting, auditing, incl. forced debt collection, etc.;
- State administrative bodies - National Revenue Agency, etc., when applicable in cases provided for by law.
11. MINORS AND UNDERAGED
The company does not provide services to persons under 18 years of age. In the event that information is received about this, the data is deleted immediately, unless the law obliges their storage.
12. YOUR RIGHTS IN DATA COLLECTION, PROCESSING AND STORAGE
At any time while we are processing your personal data, you have the following rights:
1. Right of access – you have the right to know what your personal data is being processed by the Company. The administrator provides you, upon request, a free copy of the processed personal data relating to you. When you submit a request by electronic means, the Administrator provides the information in a widely used electronic form.
2. Right to rectification – you have the right to request rectification of your data stored by the Administrator if it is inaccurate or incomplete.
3. Right to object - in relation to data that is processed on the basis of "legitimate interest", you have the right at any time and on grounds related to your specific situation to object to the processing. In the event of such an objection, the Administrator is obliged to terminate the processing of your personal data, unless it proves that there are compelling legitimate grounds for the processing that take precedence over your interests, rights and freedoms, or in the event that the data are processed for the establishment, exercise or defense of legal claims.
4. Right to erasure ("right to be forgotten") - you have the opportunity to request the erasure of your personal data in the following cases:
- if the personal data are no longer necessary for the purposes for which they were collected;
- if the data subject exercises the right to object and there are no overriding legitimate grounds for the processing;
- if the processing was unlawful;
- if there is a statutory obligation of the administrator to delete the data;
5. However, the right to erasure does not apply in cases where the data is processed:
- to exercise the right to freedom of expression and the right to information;
- to comply with a legal obligation that requires processing provided for in Union or Member State law applicable to the controller or for the performance of a task in the public interest or in the exercise of official powers conferred on the controller;
- for reasons of public interest in the field of public health;
- for the purposes of archiving in the public interest, for scientific or historical research or for statistical purposes pursuant to Article 89(1) of Regulation (EU) 2016/679, insofar as the right to erasure is likely to make it impossible or seriously hinder the achievement of the objectives of this processing;
- for the establishment, exercise or defense of legal claims.
6. Right to limit processing - under certain circumstances, you can request the Administrator to limit (stop) the processing of your data. Such cases are the need to check the accuracy of the data, the basis for the processing or the legality of their processing.
You can exercise your rights under the above points by sending a request/objection to the Company at the following e-mail: email@example.com. The request/objection should contain a statement regarding the circumstance which you wish to exercise and should identify you as the data subject.
13. REPORTS OF IRREGULARITIES AND COMPLAINTS
If you believe that we have violated your rights in relation to your personal data, as well as that there is a risk of breaching the security of your personal data, you can report it to the following contacts:
tel. 052 698 862;
Exercising the above rights does not deprive you of the right to appeal. You can submit one to the supervisory authority of Bulgaria - the Commission for the Protection of Personal Data.
Name: Commission for the Protection of Personal Data;
Headquarters and management address: Sofia 1592, "Prof. Tsvetan Lazarov" #2;
Address for correspondence: Sofia 1592, "Prof. Tsvetan Lazarov" #2;
Phone: 02 915 3 518;
14. NOTICE OF CHANGES