Privacy Policy

Contact us

for a

Free Quote

Privacy Policy

„INFINITY BG-MEDIA GROUP“ Ltd.

Mandatory information according to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data

Information on the competent data protection supervisory authority:

Company Name:  „INFINITY BG-MEDIA GROUP“ Ltd.

VAT №:  BG204616803

Company address information:  kv. Nadezhda 4/ Bl. 410/ G/ 73,   1231 Sofia, Bulgaria

Contact address information:  kv. Nadezhda 4/ Bl. 410/ G/ 73,   1231 Sofia, Bulgaria

Phone:                         (+359) 883 33 05 09

E-mail:                         [email protected]

Website:                      https://webcommunication.bg

Registration of a personal data administrator in CPDP:   № 429996

Information on the competent data protection supervisory authority:

Name:      Commission for Personal Data Protection

Contact address information:    Boulevard “Professor Tsvetan Lazarov” № 2, 1592 Sofia, Bulgaria

Phone:         (+359)2 915 3 518

Website:      www.cpdp.bg

I. General Considerations

1. „INFINITY BG-MEDIA GROUP“ Ltd., VAT  BG204616803 (hereinafter referred to as “Administrator”, “Company”, “We”, “Us”), owner of the web site at https://www.webcommunication.bghas a serious regard for the security and the personal data of the users of the site (hereinafter referred to as “users”, “customers”, “you”, “you”) in accordance with the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “GDPR” (General Data Protection Regulation) and “the Regulation”).

2. When you access our site or communicate with us through the site, we process your personal data. This Privacy Policy describes what data we process, for what purpose and for how long that information is stored, and what your rights are in relation to the collection, processing and storage of personal data.

3. „Personal data“ within the meaning of the Regulation is any information relating to an identified or identifiable live individual, as well as separate data collected together that result in the identification of a particular individual. If personal data has been identified, coded or aliased, but can be used to re-identify a person, they remain personal data and are treated as such by the GDPR. If personal data has been identified, coded or aliased, but can be used to re-identify a person, they remain personal data and are treated as such by the GDPR.

Examples of personal data  – your first and last name; home address; an email address, such as [email protected]; identity card number; location data (e.g., mobile phone location data feature) internet protocol address (IP); Cookie ID the ad ID of your phone and more.

Nonpersonal data  – data that are anonymous or irreversibly anonymized; company registration number; email to a company like [email protected] and more.

4. “Processing of personal data” is any action or set of actions that are performed on personal data by automatic or non-automatic means (collecting, recording, organizing, storing, distributing, providing, updating, blocking, deleting or destroying, etc.)

5. „Personal Data Administrator“ – in this case „INFINITY BG-MEDIA GROUP“ Ltd. as a company defining the data processing objectives and the means by which they are processed.

II. Changes to the Privacy Policy

6. We reserve the right to supplement and/or modify this Privacy Policy at any time for the purpose of timeliness, adequacy and legality, and the changes made will be displayed on the main page or other appropriate location visible to all users and will inform all registered users of the e-mail mentioned by them during the registration in order to get acquainted with them.

III. Reason for collecting, processing and storing your personal data

7. Personal data provided to the Company remain confidential and are processed only for the purpose for which they are requested. In the activities we perform we endeavor to require a minimum amount of personal data necessary for the normal and safe operation of the site and for the use of its functionalities.

8. Data processing is only performed in accordance with the laws and regulations of the Republic of Bulgaria and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.

9. We protect your data by technical and organizational means of manipulation, loss or harm from third parties. These measures are reviewed and adjusted periodically in accordance with current legal requirements.

10. We process personal data only when it is specifically required to provide a functional service or offer.

11. The administrator does not collect or process personal data that pertain to the following:

(1) reveal racial or ethnic origin;

(2) reveal political, religious or philosophical beliefs, or membership of trade unions;

(3) genetic and biometric data, health data, or data on sexual life or sexual orientation.

12. Personal data are collected by the Administrator from the persons to whom they refer.

13. The company does not make automated decision making with data.

IV. Goals and principles of collecting, processing and storing your personal data

14. We collect and process the personal data you provide to us regarding the use of the site and the use of our services, including for the following purposes:

(1) creating a profile;

(2) statistical purposes;

(3) protection of information security;

(4) sending a newsletter at your request.

15. We comply with the following principles when processing your personal information:

(1) lawfulness, good faith and transparency;

(2) limitation of processing objectives;

(3) relevance to processing objectives and minimization of collected data;

(4) accuracy and timeliness of the data;

(5) restriction of storage in order to achieve the objectives;

(6) integrity and confidentiality of processing and ensuring an adequate level of security of personal data.

16. When processing and storing personal data, the Administrator may process and store personal data to protect its legitimate interests:

(1) fulfillment of its obligations to the National Revenue Agency, the Ministry of Interior and other state and municipal authorities.

V. What kinds of data we collect, for what purpose and by what legal basis and for what period we store them

17. Below you will find a list of the data we process in relation to the individual sections of the site as well as the activities of the users. We reserve the right to update and supplement this Privacy Policy each time we enter a new service or functionality.

18. Logfiles.

Each time you access one of our site pages, your browser automatically transmits the following data to our server:

18.1. Data: The operating system you are using.

(1) data processing objective: evaluation of devices to ensure optimal site performance;

(2) legal basis: for the legitimate interests of the Administrator or of a third party;

(3) storage time: 30 days.

18.2. Data: information about the browser type and the version used.

(1) data processing objective: evaluation of devices to ensure optimum site presentation;

(2) legal basis: for the legitimate interests of the Administrator or of a third party;

(3) storage time: 30 days.

18.3. Data: User’s Internet Provider.

(1) data processing objective: ensuring the proper functioning of the website, productivity and security, for example (Fraud);

(2) legal basis: for the legitimate interests of the Administrator or of a third party;

(3) storage time: 30 days.

18.4. Data: IP address.

(1) data processing objective: ensuring the proper functioning of the website, productivity and security, for example Fraud Protection;

(2) legal basis: for the legitimate interests of the Administrator or of a third party;

(3) storage time: 30 days.

18.5. Data: date and time of accessing one of the pages on the website.

(1) data processing objective: ensuring the proper functioning of the website, productivity and security, for example Fraud Protection;

(2) legal basis: for the legitimate interests of the Administrator or of a third party;

(3) storage time: 30 days.

18.6. Data: in some cases, manufacturer and model of smartphone, tablet, or other terminal devices.

(1) data processing objective: manufacturer’s assessment and types of mobile terminal equipment for statistical purposes;

(2) legal basis: for the legitimate interests of the Administrator or of a third party;

(3) storage time: 30 days.

18.7. Data: logfiles.

(1) data processing objective: ensuring the proper functioning of the website, productivity and security;

(2) legal basis: for the purposes of the legitimate interests of the Administrator or a third party within the meaning of Article 6 of the Regulation;

(3) storage time: 30 days.

19. These data are technically necessary for the proper functioning of the website, for ensuring stability and security and for protection against misuse, and are not stored together with other personal data. Data for log files and for IP address is deleted at the latest after 30 days. Collecting this data and storing log files is essential for the proper functioning of the site, and users have no right to object to them. The data is also available from our hosting provider.

20. Cookies.

In some sections of the site at https://www.webcommunication.bg we use the cookies, which are small files that uniquely identify your browser. We use cookies to improve the quality of our services, including storing user preferences. Cookies are not viruses and therefore do not pose any threat to your computer. The Help menu on most browsers toolbar shows how your browser accepts or rejects new cookies, or how it tells you when you receive a new cookie, no matter what you think is more appropriate.

A full list of cookies and their usage goals as well as ways to exclude them from our site can be found on our Cookies Policy

21. Google Analytics.

This site uses Google Analytics, a Google Inc web analytics service.

Google Analytics uses the so-called cookies, i.e. text files that are stored on your computer and allow for site usage analysis. The information gathered through the cookies for your use of this website is usually transmitted to a Google server in the United States and stored there. To increase the security of your data, we use the “anonymizeIp” extension on our site. With such anonymization in EU Member States and EEA countries, your IP address gathered from Google Analytics will be cut off by Google before it is submitted to the US. Only in exceptional cases will the full IP address be transferred to a Google server in the United States and will be cut off there.

A technical explanation of how Google Analytics gives an anonymity to IP addresses can be read in Bulgarian here: https://support.google.com/analytics/answer/2763052?hl=bg

Upon order by the Administrator, Google uses this information to evaluate your use of the Website, prepare reports on website activities, and provide the Site Administrator with additional services related to the use of the Site. The IP address sent by your browser in the context of Google Analytics will not be merged with other Google data.

Supplier Details: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Data transfer to third countries: Yes, САЩ.

Guarantees under Art. 44ff of the Regulation: EU-US Privacy Shield.

More detailed information on Google Analytics Terms of Service and Data Protection can be found at https://www.google.com/analytics/terms/bg.html and at https://support.google.com/analytics/answer/6004245?hl=bg

21.1. Data: IP address (stored anonymously).

(1) data processing goal: On the Internet, any data transmission device needs a unique address, so called IP address. Because of the nature of the Internet, at least the temporary storage of the IP address is a technical necessity. IP addresses are abbreviated before each processing and processed only anonymously. There is no storage or further processing of unchanged IP addresses. With the help of shortened IPs, they collect geographic data.

(2) legal basis: legitimate interest within the meaning of Article 6, 1 of the Regulation.

(3) storage time: 14 months.

21.2. Data: unique customer identifier.

(1) data processing goal: Google Analytics usage analysis uses cookies with the identifiers _ga, _gid and _gat to identify computer systems. The data stored in these cookies is unique as long as the cookie is not deleted or expired. Narrow IP addresses collect geographic data.

(2) legal basis: legitimate interest within the meaning of Article 6, 1 of the Regulation.

(3) storage time: _ga: 2 years, _gid: 24 hours, _gat: 60 seconds.

21.3. Data:  device-related data such as device type, operating system model, browser type, and version.

(1) data processing goal: Website optimization and content customization, as well as a summary of use analysis.

(2) legal basis: legitimate interest within the meaning of Article 6, 1 of the Regulation.

(3) storage time: 14 months.

21.4. Data: usage-related information such as time of use, duration, place of use.

(1) data processing goal: Website optimization and customization of content, as well as a summary of use analysis.

(2) legal basis: legitimate interest within the meaning of Article 6, 1 of the Regulation.

(3) storage time: 14 months.

22. Opportunity to object:

If you do not agree with processing for the above purposes, you can prevent data collection from Google Analytics by disabling cookies for that. To do this, you must delete your cookies from the browser and make your selections in the Privacy Policy section at the bottom of the site.

Your choice is reserved for this browser only and only for this domain. If you delete your cookies in this browser or access the site through another browser or other device, you must re-select it.

Additionally, you can prevent cookies from being saved through the appropriate settings in your browser software, but keep in mind that the use of some features on the site may not be possible in this case. You may prevent the collection and processing of cookie data related to your use of the website (including your IP address) by downloading and installing a browser plugin from the following link: https://tools.google.com/dlpage/gaoptout?hl=en

23. Registration in the site

No registration is required to use the site for reading and viewing publications or products. Registration is voluntary and is only needed if you want to post a comment, buy a product or service that we offer, and get the necessary support (warranty or post warranty) of a purchased product or service. For registration, we require a minimum amount of data: To write a comment – a username, which may be a nickname and email address, to purchase a product (service) and / or follow up support – create a user profile with name and surname, e-mail and password. In addition, you must confirm that you have read and agree to the Privacy Policy and that you accept the Terms of Use of the Site.

These data are required for registration for the purposes of the legitimate interests of the Administrator or of a third party within the meaning of Article 6, 1 of the Regulation. When you log in, we use cookies to identify your browser.

List of data to be collected and processed:

23.1. Data: E-mail address (email address).

(1) data processing objective: site registration;

(2) legal basis: for the legitimate interests of the Administrator or of a third party;

(3) storage time: until the user’s registration is canceled.

23.2. Data: username.

(1) data processing objective: site registration;

(2) legal basis: for the legitimate interests of the Administrator or of a third party;

(3) storage time: until the user’s registration is canceled.

23.3. Data: password.

(1) data processing objective: processing of the registration;

(2) legal basis: for the legitimate interests of the Administrator or of a third party;

(3) storage time: until the user’s registration is canceled.

23.4. Data: IP address when registering on site.

(1) data processing objective: ensuring the proper functioning of the site, productivity and security;

(2) legal basis: for the legitimate interests of the Administrator or of a third party;

(3) storage time: until the user’s registration is canceled.

24. Data for newsletter.

You receive newsletter and news from us only if you have explicitly requested it.

We adhere to the legal norms and apply the so-called registration method DOI (double opt-in.) This means that only after you have confirmed your email address, we can subscribe to our newsletter. This way, we will make sure that your email address is not entered by another person. If you do not verify your email address, you will not be able to receive any messages from us. If you do not verify your email address within 7 days after you initially subscribe to a newsletter subscription, your name and email address will be removed from our system. You can unsubscribe at any time and withdraw your consent to submit news by clicking on the unsubscribe link in each newsletter or by emailing us at [email protected]. In this case, your name and email address will be deleted from our system.

When subscribing to a newsletter, we collect and process the following data:

24.1. Data: IP address at registration.

(1) data processing objective: proving the DOI (double opt in) method;

(2) legal basis: consent within the meaning of Article 6 (1) of the Regulation;

(3) storage time: 3 years after deletion of newsletter data.

24.2. Data: registration time.

(1) data processing objective: to prove the DOI (double opt in) method;

(2) legal basis: consent within the meaning of Article 6 (1) of the Regulation;

(3) storage time: 3 years after deletion of newsletter data.

24.3. Data: IP address at DOI.

(1) data processing objective: to prove the DOI (double opt in) method;

(2) legal basis: consent within the meaning of Article 6 (1) of the Regulation;

(3) storage time: 3 years after deletion of newsletter data.

24.4. Data: verification time at DOI.

(1) data processing objective: sending an information bulletin;

(2) legal basis: consent within the meaning of Article 6 (1) of the Regulation;

(3) storage time: 3 years after deletion of newsletter data.

24.5. Data: E-mail address.

(1) data processing objective: proving the DOI (double opt in) method;

(2) legal basis: consent within the meaning of Article 6 (1) of the Regulation;

(3) storage time: until withdrawal of consent; until objection.

24.6. Data: name.

(1) data processing objective: direct user address;

(2) legal basis: consent within the meaning of Article 6 (1) of the Regulation;

(3) storage time: until withdrawal of consent; until objection.

25. Contact form for contacting us.

When you contact us via the contact form on the site, you fill in only the name and email address. You can only use first name, only last name or nickname (optional), as you decide you want to address to you. Your personal data will only be used for the contact or for the purpose for which you have provided us with this data, to process your inquiries.

This information is expressly provided on a voluntary basis and with your consent. As far as this communication channel information is concerned (for example, email address, telephone number, if you have provided us with your request), you also agree that we can contact you via this communications channel to respond to your request.

25.1. Data: name / surname / alias (optional).

(1) data processing objective: direct user address;

(2) legal basis: on the basis of consent;

(3) storage time: until withdrawal of consent; until objection.

25.2. Data: E-mail address.

(1) data processing objective: query processing;

(2) legal basis: on the basis of consent;

(3) storage time: until withdrawal of consent; until objection.

25.3. Data: IP address.

(1) data processing objective: ensuring the proper functioning of the site;

(2) legal basis: for the purposes of the legitimate interests of the Administrator or of a third party – processing an inquiry;

(3) storage time: until withdrawal of consent; until objection.

VI. Conclusion of impact assessment

26. Given the small volume of data processed and the limited amount of personal data collected, an impact assessment is not necessary for all the operations described above in  Chapter V of this Privacy Policy.

VII. Term for storing your personal data

27. The administrator keeps your personal data for a period no longer than required unless it has a legal obligation to keep them for a longer period or for the purposes of their legitimate interest. After deleting your account, the Administrator takes the necessary care to erase and destroy all your data without undue delay or to anonymize them (ie to bring them in a form that does not reveal your personality).

28. In case the data retention period is to be extended in order to comply with a statutory obligation or with respect to the legitimate interests of the Administrator or otherwise, you will be notified by the Administrator.

VIII. Liability for links

29. The site at https://www.webcommunication.bg may contain links to external websites for which we are not responsible for the content.

30.  The content of these pages is the responsibility of the respective service provider, respectively the owner of the site. The web sites we link to are verified at the time of linking and no illegal content has been found. Permanent control of external pages without concrete evidence of an offense is unthinkable and does not enter into our duties.

31. If we detect a potential violation, we will remove the link immediately.

IX. SSL encryption

32. For security and security reasons when transmitting personal data, such as the personal data you enter when sending a request to us, this website uses SSL encryption. You will recognize the encrypted connection by going up in the http:// browser address bar with https:// and a padlock symbol appears. When using SSL encryption, the data you send to us can not be read by a third party.

X. Transmitting your personal data for processing

33. The administrator may, at its own discretion, transmit all or part of your personal data to processors for the fulfillment of the processing objectives you have agreed to, subject to the requirements of  European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016.

34. The Administrator notifies you in the event of intention to transfer part or all of your personal data to third countries or international organizations.

35. „INFINITI BG-MEDIA GROUP“ Ltd. keeps the personal data of the legal representatives of the legal entities – parties to the contract with the company for an indefinite period, in order to protect the legitimate interest of „INFINITI BG-MEDIA GROUP“ Ltd. and fulfill its legal obligations to state bodies and institutions.

XI. Your rights in the collection, processing and storage of your personal data

36. Withdrawal of consent for the processing of personal data.

36.1. If you do not want all or any of your personal data to continue to be processed by the Company for any particular or for any processing purpose, you may at any time withdraw your consent to processing by completing the FORM FOR THE WITHDRAWAL OF CONSENT FOR THE PURPOSES OF PROCESSING (Application 3) or make a free text written request and send it to the email address specified in the document.

36.2. When sending a request to withdraw consent to process your personal information, you should enter your email address that you used when registering on your site.

36.3. Your data will not be processed in the future, but it will not affect your comments already made by your username, which will remain public.

36.4. By withdrawing your consent to the processing of personal data that is mandatory for posting a comment on the site, your account will become inactive and you will only be able to use the site for reading but not for posting comments.

36.5. If you wish to use the site again with the ability to post a comment, you should create a new profile with an email other than the email that was associated with the account for which you have withdrawn your consent.

37. Right of access.

37.1. You have the right at any time to make a written inquiry as to which of your data have been recorded by requesting your application in writing or filling in the form by submitting your request in writing in free text or by filling in the form REQUEST FOR PROVISION OF PERSONAL DATA OBTAINED UP TO THE PRESENT DAY (Application 2) and send it to the email address specified in the document.

37.2. Upon request, we will provide you with additional information regarding the collection, processing and storage of your personal data.

37.3. Providing access to the data is free of charge, but the Administrator reserves the right to impose an administrative fee in the event of recurrence or disproportionate claims.

38. Right to rectification or replenishment.

38.1. If you want all or part of your personal data to be corrected or add data, you can do so at any time by requesting it in writing in free text or by filling in the PERSONAL DATA CORRECTION REQUEST (Application 1) and send the email address specified in the document.

39. Right to delete (“to be forgotten”).

39.1. You have the right to ask the Administrator to delete any or all personal data related to you and the Administrator has the obligation to delete them without undue delay when any of the following reasons exists:

(1) personal data are no longer necessary for the purposes for which they were collected or otherwise processed;

(2) You withdraw your consent on which the processing of the data is based and there is no other legal basis for the processing;

(3) You object to the processing of the personal data related to You, including for the purposes of direct marketing, and there are no legitimate grounds for the processing that will take precedence;

(4) personal data has been tampered with;

(5) personal data must be deleted in order to comply with a legal obligation under EU law or the law of a Member State that applies to the Administrator;

(6) personal data have been collected in connection with the provision of information society services.

39.2. The administrator is not obliged to delete personal data if he / she keeps and processes them:

(1) to exert the right to freedom of expression and the right to information;

(2) to comply with a legal obligation which requires treatment provided for under EU law or the law of the Member State applicable to the Administrator or for the performance of a task of public interest or in the exert of the official authority conferred on it;

(3) for reasons of public interest in the field of public health;

(4) for purposes of archiving in the public interest, for scientific or historical research or for statistical purposes;

(5) for the establishment, execution or protection of legal claims.

39.3. In case you exert your right to be forgotten, the Company will delete all your data except for the following information:

(1) information that is necessary to verify that your right to be forgotten is fulfilled – email, IP address;

(2) the comments you have made so far on the site.

39.4. In order to exert your right to be forgotten, you must request a written request in free text or fill in a PERSONAL DATA DELETE FORM (Application 4) and send it to the email address specified on the form.

39.5. In order for your request to be processed, it is necessary that the request be sent from the email address you entered when registering in our system.

40. Right of limitation.

40.1. You have the right to require the Administrator to restrict the processing of related data when:

(1) contest the accuracy of personal data for a period that allows the Administrator to verify the accuracy of the personal data;

(2) processing is illegal, but you do not want personal data to be erased but only to be limited;

(3) The administrator no longer requires personal data for the purpose of processing, but you require them to establish, exercise or protect your legal claims;

(4) You have objected to processing pending verification that the legal grounds of the Administrator have an advantage over your interests.

40.2. In case you exert your right of limitation, the Company will cease processing your data but will not remove the comments you have made on the site.

41. Right of portability.

41.1. You can, after legitimisation, ask the Administrator who processes your personal data to transfer it directly to an administrator you provide when it is technically feasible. This is only applicable when:

(1) data processing is based on your consent;

(2) processing is done in an automated manner.

41.2. To exert your right of portability, you must request a written request in free text or fill in a PERSONAL DATA TRANSFER REQUEST (Application 5) and send it to the email address specified in the form.

42. Right of objection.

42.1. You may object at any time to the processing of personal data by the Administrator that apply to you, including if it is being processed for profiling or direct marketing purposes.

43. Your rights in violation of the security of your personal data.

43.1. If the Administrator detects a privacy breach that may pose a high risk to your rights and freedoms, we will notify you without undue delay of the violation as well as of the measures that have been or are being taken.

43.2. The administrator is not required to notify you if:

(1) has taken appropriate technical and organizational measures to protect data subject to the security breach;

(2) has subsequently taken measures to ensure that the violation will not lead to a high risk for your rights;

(3) notification would require disproportionate efforts.

44. Other provisions.

44.1. The administrator shall only transfer data to third countries after having taken the necessary measures to maximize their protection in accordance with objective capabilities and has informed the data subjects to whom they are concerned by offering them a choice and having received their consent.

44.2. In case of violation of your rights under the above or applicable data protection laws, you have the right to file a complaint with the Personal Data Protection Commission as follows:

Name:  Commission for Personal Data Protection

Headquarters and address of management:   Sofia 1592, 2 “Prof. Tsvetan Lazarov” blvd.

Address for correspondence:  Sofia 1592, 2 “Prof. Tsvetan Lazarov” blvd.

Phone:  02 915 3 518

Website:   www.cpdp.bg

44.3. You may exercise all of your rights to protect your personal data by printing, filling in and submitting the forms enclosed with this information. These forms are designed for ease of use and are not necessarily used. You can make your claim in any form that contains a statement about it and identifies you as the data holder.

XII. APPLICATIONS

45. PERSONAL DATA CORRECTION REQUEST (Application 1)

46. REQUEST FOR PROVISION OF PERSONAL DATA OBTAINED UP TO THE PRESENT DAY (Application 2)

47.  FORM FOR THE WITHDRAWAL OF CONSENT FOR THE PURPOSES OF PROCESSING (Application 3)

48. PERSONAL DATA DELETE FORM (Application 4)

49. PERSONAL DATA TRANSFER REQUEST (Application 5)

 

This Privacy Policy applies from 24.05.2018.

Search For

Popular Tags

Search For

Popular Tags