Home | Privacy Policy
Privacy Policy
Thank you for your interest in us!
Data protection is a particularly high priority for "MINERALCOMMERCE" AD, as the Administrator of personal data.
The processing of personal data of natural persons corresponds to the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016) and the specific data protection norms of the Bulgarian legislation, applicable to MINERALCOMMERCE AD.
This Privacy Policy applies to the website of the company "MINERALCOMMERCE" AD MINERALCOMMERCE.BG. It is based on the terms used in the General Data Protection Regulation, referred to in this declaration as GDPR for short. You can familiarize yourself with the terminology used here.
With this privacy statement, our organization would like to inform the visitors of our site about the nature and scope of the personal data that we process when they use our website and the purpose of their processing. In addition, data subjects are informed through this declaration of the rights they have regarding the protection of their personal data. As an administrator, MINERALCOMMERCE AD has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based applications may generally have security gaps, so absolute protection may not be guaranteed. For this reason, each data subject has the freedom to transfer personal data to us by alternative means, for example by telephone.
Using the website MINERALCOMMERCE.BG is possible without providing personal data, although if a data subject wants to uses special corporate services through our website, it may be necessary to process personal data such as name, address, e-mail address and telephone number of the subject. Personal data is processed in a minimal volume in order to provide a quality service. "MINERALCOMMERCE" AD is committed to maintaining the confidentiality of information about your personal data. If the processing of personal data is necessary, but we do not have a legal basis for such processing, we obtain the data subject's prior consent to the processing. In some cases, the subject's express consent to processing his personal data may not be necessary if there is another legal basis for this (contract, legal obligation, legitimate interests of the controller).
Name and contact details of the personal data controller:
"MINERALCOMMERCE" AD
Stara Zagora 6000, "Novozagorsko shose" str. No. 1, "Agrobiochem" site, the land of the village of Hristcheni
Bulgaria
Phone: +359 884 340048
Email: mail@mineralcommerce.bg
DEFINITIONS FROM THE REGULATIONS
In this statement we use the following terms:
Personal data / personal data.
Personal data means any information relating to an identified or identifiable natural person ("data subject"). A distinctive natural person can be identified directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier or one or more factors specific to physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
Data Subject
Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.
Processing
Processing is any operation or set of operations performed on personal data or sets of personal data, whether by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, disclosure by transmit, distribute or otherwise make available, arrange or combine, restrict, delete or destroy.
Restriction of Processing
Restriction of processing is the marking of stored personal data in order to limit their processing in the future.
Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to assess certain personal aspects related to an individual, in particular to analyze or predict aspects related to the individual's work on workplace, economic situation, health, interests, reliability, conduct, location or movements.
Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific natural person without the use of additional information, provided that this additional information is kept separately and is subject to technical and organizational measures, to to ensure that personal data are not attributed to an identified or identifiable natural person.
The administrator or person responsible for the processing of personal data
The controlling authority or controller responsible for the processing is a natural or legal person, public body, agency or other body that alone or jointly with others determines the purposes and means of personal data processing; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its determination may be provided for by Union or Member State law.
Processor of personal data
The processor of personal data is a natural or legal person, public body, agency or other body that processes personal data on behalf of the controller.
Recipient
The recipient is a natural or legal person, public body, agency or other body to which the personal data is disclosed, regardless of whether it is a third party or not. However, public authorities that may receive personal data in the context of a specific investigation in accordance with Union or Member State law are not considered recipients; the processing of this data by these public authorities is in accordance with the applicable data protection rules in accordance with the purposes of the processing.
Third Party
Third party is a natural or legal person, public body, agency or authority other than the data subject, the controller, the personal data processor and the persons who, under the direct right of the controller or the personal data processor, have the right to process personal data.
Consent
The consent of the data subject is any freely expressed, specific, informed and unambiguous indication of the will of the data subject, by statement or by clear affirmative actions, which expresses his consent to the processing of personal data relating to him.
RIGHTS OF DATA SUBJECTS
Right of Confirmation and Right of Access
Each data subject has the right granted by the European legislator to obtain from the controller confirmation as to whether personal data relating to him or her are being processed and, if so, to obtain access to the data, including a free copy of the personal data being processed, as well as access to the following information:
- the purposes of the processing and the relevant categories of personal data;
- the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organizations;
- where possible, the intended period for which the personal data will be stored or, if this is not possible, the criteria used to determine that period;
- the availability of the right to request from the administrator the correction or deletion of personal data or to limit the processing of personal data concerning the data subject, or to oppose such processing;
- the availability of the right to submit a complaint to a supervisory authority;
- when the personal data is not collected from the data subject, the available information about its source;
- the existence of automated decision-making, including profiling referred to in Article 22 paragraphs 1 and 4 of the GDPR and, at least in these cases, substantial information about the logic used, as well as the meaning and intended consequences of such processing for the data subject.
- when personal data is transferred to a third country or an international organization, the data subject has the right to be informed of the appropriate safeguards related to the transfer.
Right to rectification
Each data subject has the right granted by the European legislator to request the controller to correct, without unreasonable delay, the correction of inaccurate personal data relating to him or the completion of incomplete personal data.
Right to erasure (right to be forgotten)
Each data subject has the right granted by the European legislator to request the controller to delete personal data relating to him without undue delay and the controller is obliged to delete the personal data without undue delay when any of the the following grounds:
- The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
- The data subject withdraws the consent on which the data processing is based and there is no other legal basis than the processing.
- The data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing or the data subject objects to the processing pursuant to Article 21(2) of the GDPR.
- Personal data has been unlawfully processed.
- Personal data must be deleted in order to comply with a legal obligation in Union or Member State law that applies to the controller.
- Personal data is collected in connection with the provision of information society services referred to in Article 8, paragraph 1 of the GDPR.
We may refuse to delete your personal data to the extent that processing is necessary:
- for exercising the right to freedom of expression and the right to information;
- for complying with a legal obligation on our part or for the performance of a task of public interest,
- for reasons of public interest in the field of public health;
- for the purposes of archiving in the public interest, for scientific or historical research or for statistical purposes, to the extent that deletion is likely to make impossible or seriously hinder the achievement of the purposes of this processing; or for the establishment, exercise or defense of legal claims.
Right to restriction of processing
Each data subject has the right granted by the European legislator to request from the controller the restriction of processing where one of the following applies:
- The accuracy of the personal data is contested by the data subject, for a period that allows the controller to verify the accuracy of the personal data.
- The processing is unlawful, but the data subject opposes the erasure of the personal data and instead requests the restriction of its use.
- The administrator no longer needs the personal data for the purposes of the processing, but it is required by the data subject to establish, exercise or defend legal claims.
- The data subject has objected to the processing pursuant to Article 21(1) of the GDPR until it is verified whether the legitimate grounds of the controller outweigh those of the data subject.
In the cases listed, the data will only be stored, but not processed.
Right to data portability
Each data subject has the right granted by the European legislator to receive his personal data, which have been provided to the controller, in a structured, commonly used and machine-readable format. He has the right to transmit these data to another controller without hindrance from the controller to whom these data have been provided, provided that the processing is based on consent pursuant to Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR a) of the GDPR, or of a contractual obligation according to Article 6, paragraph 1, letter b) of the GDPR, and the processing is carried out in an automated manner.
Furthermore, when exercising his right to data portability pursuant to Article 20(1) of the GDPR, the data subject has the right to obtain a direct transfer of personal data from one controller to another, where this is technically feasible and where this is not adversely affects the rights and freedoms of others.
Right to object
Each data subject has the right granted by the European legislator to object at any time on grounds related to his or her particular situation to the processing of personal data concerning him or her, such as direct marketing (unsolicited advertising messages ), as well as against automated processing, including profiling. In the event of an objection, MINERALCOMMERCE AD shall no longer process the personal data, unless it proves the existence of compelling legitimate grounds for the processing which take precedence over the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
If the data subject objects to processing for direct marketing purposes, MINERALCOMMERCE AD will not process the personal data for these purposes.
Furthermore, the data subject has the right, on grounds relating to his or her particular situation, to object to the processing by MINERALCOMMERCE AD of personal data concerning him or her for scientific or historical purposes or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
Automated individual decision-making, including profiling
Each data subject has the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects in respect of him or similarly significantly affects him, except if the decision 1) is necessary for the conclusion or performance of a contract between the data subject and the controller or 2) is permitted by Union or Member State law to which the controller is subject and which also provides for appropriate measures to protect rights and the freedoms and legitimate interests of the data subject or (3) is based on the express consent of the data subject.
If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the data controller or (2) is based on the express consent of the data subject, MINERALCOMMERCE AD implements appropriate measures to protect the rights, freedoms and the legitimate interests of the data subject, at least the right to human intervention by the controller, the right to express his point of view and challenge the decision.
Right to withdraw data protection consent
Each data subject has the right granted by the European legislator to withdraw his consent to the processing of his personal data at any time.
If the data subject wishes to exercise any of the rights described above for the protection of his or her personal data, he or she may at any time contact any employee of MINERALCOMMERCE AD through the contacts indicated. His request will be considered within the terms provided for in the GDPR.
Right to appeal to a supervisory authority and effective legal protection against an administrator or processor of personal data: In case you believe that we are violating Bulgarian or European legislation, please contact us to clarify the situation and so that we can take immediate action. In all cases, and without being obliged to notify us under the previous sentence, you have the right to file a complaint with the supervisory authority responsible for the protection of personal data in the Member State of the European Union of your habitual residence, place of work or place of the alleged violation . In Bulgaria, this supervisory authority is the Commission for the Protection of Personal Data, address: Sofia 1592, "Prof. Tsvetan Lazarov" No. 2 (www.cpdp.bg).
You have the right to an effective legal remedy when you believe that your rights to the protection of your personal data have been violated as a result of our processing of your personal data.
These rights are without prejudice to any other administrative or judicial remedies available to you under applicable law.