PRIVACY POLICY

A. INTRODUCTION

The privacy of our website is very important to us and we are committed to protecting it. This policy explains what we will do with your personal data.

This Policy for security and protection of personal data (for short “Policy”) covers the issues related to the personal data of natural persons, collected and processed by the municipality of Pernik, through the website https://iyc.pernik.bg (called for short ” Site”, “Website”, “Web page”), by electronic means (e-mail), telephone or by other means in which a natural person (for short “Subject”) voluntarily provides his data. The site is administered by employees of the municipality of Pernik. When processing personal data, the personal data administrator complies with all applicable personal data protection regulations, including but not limited to Regulation (EU) 2016/679 (“Regulation”) and the Personal Data Protection Act, because for for us, the security of the personal data of natural persons (inquirers, customers, suppliers, employees, others) is of primary importance. You can contact us either through the Site or by other means.

The policy contains information about individuals who provide their personal data or data to third parties. The document describes in detail who processes the data (personal data administrator), whose data the administrator processes (categories of personal data subjects), what data of natural persons is processed, how the administrator collects, processes, uses and protects this data and what rights they have regarding the processing of personal data subjects according to Regulation (EU) 2016/679 – General Data Protection Regulation (known as General Regulation or GDPR). Any person who has provided data on any occasion should familiarize himself with this Policy for the security and protection of personal data.

No third party may have access to personal data without first having entered into a data confidentiality agreement, which imposes on the third party obligations no less burdensome than those assumed by the municipality, and which entitles the same to carry out checks on compliance with the obligations imposed by the agreement.

This policy also applies to all employees of the company, as well as to external suppliers of products and services with which it has concluded contracts. Any violation of the General Regulation will be considered as a violation of labor discipline, resp. such as non-fulfillment of contracts with partners, and in case there is an assumption of a crime committed, the matter will be submitted for examination in the shortest possible time to the relevant state authorities.

For visitors to the Site who do not send inquiries through the contact form, but only browse our website, the Cookie Policy adopted and published on the Site applies. You should also note that this Security Policy does not apply to legal entities (companies and non-profit legal entities).

B. COLLECTION OF PERSONAL DATA

The following types of personal information may be collected, stored and used:

information about your computer, including your IP address, geographic location, browser type and version, and operating system;
information about your visits and use of this website, including the referral source, duration of visit, page views and website navigation;
information such as your email address that you enter when you register on our website;
information you enter when you create a profile on our website – for example, your name, profile picture, gender, date of birth, marital status, interests and hobbies, education and employment;
information such as your name and email address that you have entered to set up subscriptions to our emails and/or newsletters;
information you enter while using our website services;
information generated while you use our website, including when, how often and under what circumstances you use it;
information related to anything you purchase, services you use or transactions you make through our website that includes your name, address, telephone number, email address and credit card details;
information that you post on our website with the intention of being published on the Internet, which includes your username, profile picture and the content of your posts;
information contained in any communication with us sent to us by email or through our website, including the content of the communication and metadata;
any other personal information you send to us.

Before you share your personal data with us, we must obtain your consent to that disclosure and to the processing of that personal information in accordance with this policy

C. USE OF PERSONAL DATA

Personal information submitted to us through our website will be used for the purposes specified in this policy or on the relevant pages of the website. We may use your personal information to:

administer our website and business;
customize our website for you;
enable your use of services available on our website;
to send you items purchased through our website;
supply services purchased through our website;
send you applications, invoices and payment reminders and collect payments from you;
to send you non-marketing advertising communications;
to send you email notifications that you have specifically requested;
to send you our email newsletter if you have requested it (you can inform us at any time if you no longer wish to receive a newsletter);
to send you marketing communications relating to our business or the businesses of carefully selected third parties which we think may be of interest to you, by post or, if you have specifically agreed to this, by email or similar channel (you may inform us at any time if you no longer wish to receive marketing communications);
providing statistical information about our users to third parties (but those third parties will not be able to identify individual users from this information);
dealing with inquiries and complaints made by or about you relating to our website;
protecting our website and preventing fraud;
confirmation of agreement to our terms and conditions governing the use of our website (including the display of private messages sent through our site’s private messaging service)
other purposes.

If you provide personal information for publication on our website, we will publish and otherwise use that information in accordance with the permission you give us.

Your personal settings can be used to limit the publication of your information on our website and can be adjusted using our site administration.

We will not provide your personal information to third parties for their or anyone else’s direct marketing without your express consent.

Depending on the reason for the processing of personal data, the type of this data may be different. The functionalities provided on the Site are not intended for storage and processing of special categories of data within the meaning of Art. 9 and Art. 10 of the Regulation (see Art. 9 and Art. 10 – of the Regulation here). We only require such personal data that we need to provide the activity/service requested by the company. In the course of using the website https://iyc.pernik.bg by natural persons, employees may also process other data that do not contain personal data, but relate to the subject, such as his IP address, data on his activity in the site, etc. similar.

Depending on the specific action, we collect the following data:

your names;
address;
email address;
contact phone number.

In case you provide your personal data through Viber, Skype, Facebook or any other platform/social network, we inform you that these platforms/websites/social networks have their own privacy policies and that we do not accept any responsibility for these policies insofar as the processing on their part cannot be controlled by us. Therefore, we recommend that you check these policies before submitting your personal data to us through these websites/apps/platforms.

If you leave a post or comment on the site, your IP address will be saved. This is for the safety of the website operator. Apart from that, due to the fact that sending comments, inquiries and other messages to the site, Facebook page/group or their administrators, constitutes sending an electronic statement, according to the Law on electronic document and electronic authentication services (“ZEDEUU”) OSA has an obligation to maintain logs of the fact of sending the statement for a period of 1 year. The log contains the date of the statement, name and email address of the sender, if entered.

If you provide us with personal information about someone else, you must do so only with that person’s authorization. You must inform him of how we collect, use, disclose and store personal information in accordance with this Privacy Policy for Individuals.

When connecting your profile on the site with your Facebook or Google profile or with other third-party services (currently this functionality is not available), we also receive the information from these profiles (for example, friends or contacts). The information we receive from these services depends on the settings and privacy statements, so each person should check what they are.

In the course of performing our activity:

In the course of performing our activities, we may receive a number of personal data concerning both you and third parties. Therefore, when performing our services, we may need to process personal data, including:

sensitive personal data – these are such data that reveal racial or ethnic origin; political, religious or philosophical beliefs; membership in trade union organizations; genetic and biometric data; data on the state of health, as well as data on sex life or sexual orientation; bank accounts and bank transactions, private life data, etc.;
other data, including personal – data on property status, marital status, work experience, financial situation, judicial and extrajudicial claims by and against you, data on cases initiated by and against you, data on and about counterparties, etc.;
personal data of persons under and over 16 years of age;

D. DISCLOSURE OF PERSONAL INFORMATION

We may disclose your personal data to any of our employees, insurers, professional advisers, agents, suppliers or subcontractors as necessary for the purposes set out in this policy.

We may disclose your personal information:

to the extent we are required to do so by law;
to establish, exercise or protect our rights (including providing information to others for the purposes of fraud prevention and credit risk reduction);
to the buyer (or prospective buyer) of any business or asset that we sell (or intend to sell);

Except as stated in this policy, we will not provide your personal information to third parties.

E. INTERNATIONAL DATA TRANSFERS

The information we have collected may be stored, processed and transferred between any of the countries with which we operate so that we can use the relevant information in accordance with this policy.

The information we have collected may be transferred to the following countries that do not have data protection rights similar to those in force in the European Economic Area: United States of America, Russia, Japan, China and India.

Personal information that you post or provide in postings on our website may be accessible via the Internet worldwide. We cannot prevent the use or misuse of such information by others.

You expressly consent to the transfers of personal data described in this Section E.

F. STORAGE OF PERSONAL INFORMATION

This section E sets out our data retention policies and procedures, which are designed to help ensure that we comply with our legal obligations to retain and delete personal information.

Personal information that we process for any purpose or purposes will not be kept for longer than is necessary for that purpose or purposes.

Without prejudice to Part E-2, we generally delete personal data falling into the categories set forth below at the time or date set forth below:

Personal data will be deleted within 12 months of providing it

Notwithstanding the other provisions in Section E, we will store documents (including electronic documents) containing personal data:

to the extent required by law;
if we believe the documents may relate to potential legal proceedings;
to establish, exercise or protect our rights (including providing information to others to prevent fraud or reduce credit risk).

G. PROTECTION OF YOUR PERSONAL INFORMATION

We will take reasonable technical and organizational measures to prevent the loss, misuse or alteration of your personal information.

We will store all personal information you provide on our secure (password and firewall protected) servers.

You acknowledge that the transmission of information over the Internet is inherently insecure, and we cannot guarantee the security of data sent over the Internet.

You are responsible for keeping confidential the password you use to access our site – we will not ask you for your password (except when you log in to our website).

H. AMENDMENTS

We may update this policy from time to time by posting a new version on our website. You should check this page to make sure you understand any policy changes. We may notify you of changes to this policy by sending you an email or through our website’s private messaging system.

I. YOUR RIGHTS

You can instruct us to provide you with any personal information that we hold about you – the provision of such information will be subject to the following:

We may withhold personal information you have requested to the extent permitted by law.

At any time, you can instruct us not to process your personal information for marketing purposes.

In effect, you will either expressly consent in advance to us using your personal information for marketing purposes, or we will provide you with an opportunity to opt out of us using your personal information for marketing purposes.

J. THIRD PARTY SITES

Our website includes hyperlinks to and details of third party websites. We have no control over and are not responsible for the privacy policies and practices of third parties.

K. UPDATE OF INFORMATION

Please let us know if your personal information we hold needs to be corrected or updated.

L. PERSON RESPONSIBLE FOR THE PROTECTION OF PERSONAL DATA

Data Protection Officer is ____

Mailing address: ____