As a data controller, "KMP BUILD" Ltd. applies the principles of personal data processing and hereby provides information and conditions for exercising the rights of data subjects in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data ("General Data Protection Regulation" or "Regulation") and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) and in accordance with the Personal Data Protection Act.
"KMP BUILD" Ltd. is a legal entity, with registered office and management address: Sofia, Tsvetan Lazarov Blvd. № 84, Unified Identification Code: 205470283, telephone: +359 889 97 97 46, email address: officefix2024@gmail.com, and official website [INSERT WEBSITE HERE].
This "Privacy Policy" ("Privacy Policy" or "Policy") aims to inform each Customer (as defined below) of the Company about the processing of data through which the specific Customer is identified or can be identified.
For the purposes of the Policy, "Customer" means any natural person party to a contract with the Company for the purchase and sale of goods, as well as a natural person expressing willingness to enter into pre-contractual relations with the Administrator and/or user of This Application.
What personal data do we process:The Company processes, as a data controller, the following groups of personal data of Customers:
Physical identity - names, Personal Identification Number (PIN), address, phone number, email address;
Economic identity - information about bank account number. Personal data is collected by the Administrator from the individuals to whom it relates.
How do we collect personal data: We collect personal data:
during the registration process of the FIX internet application and when using the application without registration;
during correspondence with the Customer, which may include communication in written form, including electronic form, and oral form;
through "cookies" when using or browsing our website. In some cases, it is possible to collect information from third parties or from public sources. Our website collects data in log files. This information contains data about your IP address, internet provider, browser you use, your operating system, when you visited our website, the pages visited. Our application uses "cookies". "Cookies" are small files of information that the website sends to the visitor's browser. The browser stores this information in a text file on the end user's device. They help us make our application work better for you.
Do we process special categories of personal data: The Company does not process special categories of personal data of Customers.
For what purposes do we process personal data: The Company processes personal data of Customers for the following purposes:
providing information and assistance requested by us;
individualizing and contacting clients and actual owners;
for all activities related to the existence, modification, and termination of relations between the Company and the Customer;
offering and promoting additional services;
compliance with regulatory requirements;
resolving disputes and cooperating with regulatory authorities to the extent required by law. If we do not process this personal data, we may not be able to provide you with our services or the assistance you requested.
On what legal basis do we process personal data: The personal data of Customers is collected, processed, and used on several legal bases for processing:
For the performance of a contract or for entering into pre-contractual relations;
For compliance with a legal obligation applicable to the Company;
For the legitimate interests pursued by the Company or by a third party, when the rights and interests of data subjects do not outweigh them - for dispute resolution; for the prevention, detection, investigation of fraud, violations, or other illegal conduct; for the establishment, exercise, or defense of legal claims;
Under the conditions of voluntary consent given when required by applicable law.
For how long do we retain personal data: The Company retains personal data for the duration of the contractual relationship and until the settlement of the debt under the contract and during a transitional period (e.g., If legal or other action is initiated, personal data may be retained until the end of such action, including any possible appeal periods, and then will be deleted or archived as permitted by applicable law. Specifically, the various carriers of accounting and tax information containing personal data are kept for a period of 10 years, counted from January 1 of the reporting period following the reporting period to which they relate. "In cases where your personal data is obtained and processed based on your consent, we will process your personal data only to the extent that we have your consent to process your personal data."
With whom do we share personal data, do we provide them to third countries: The Company may, at its discretion, disclose all or part of the personal data to data processors for the purpose of processing, in compliance with the requirements of the Regulation. The Company shares personal data with:
Third parties - service providers engaged by us to perform functions or activities on our behalf;
Third parties: regulatory authorities, tax, financial, judicial, administrative, and law enforcement authorities, all in accordance with applicable law. This list is not exhaustive and there may be other lawful purposes for storing, disclosing, or otherwise processing your personal data. The Company informs the data subject in case of intention to transfer all or part of his personal data to third countries or international organizations.
Are personal data protected: The Company provides and maintains appropriate technical and organizational measures to protect personal data against unauthorized access or unlawful use of personal data and/or against their accidental loss, alteration, disclosure, access, and/or damage or copying. These measures are designed to ensure the ongoing confidentiality, integrity, and availability of personal data. The Company regularly reassesses the measures to achieve ongoing security of personal data.
Do we perform automated decision-making: The Company does not engage in automated decision-making with data
What are the rights of Clients regarding the protection of personal data: Every Client has the right to exercise the rights listed below by written notice to the Company. - Withdrawal of consent for processing personal data: When the processing of a Client's personal data is based on the Client's consent, the Client has the right to withdraw their consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. - Right of access: Every Client has the right to obtain confirmation from the Company whether their personal data is being processed by the Company. This includes the right to access personal data, the right to receive a free copy of the data (except in cases of excessive or repetitive requests), unless otherwise provided for in applicable data protection rules, as well as the right of the Client to be provided with a description of the basic information related to the processing of their personal data. The Company provides the Client with a free copy of their personal data being processed, but reserves the right to impose an administrative fee in case of repetitiveness or excessiveness of requests. - Right to rectification: Every Client has the right to correct or request the Company to correct, without undue delay, inaccurate, incomplete, or outdated personal data concerning them. - Right to erasure ("right to be forgotten"): Every Client has the right to request from the Company the erasure of their personal data without undue delay when one of the following grounds applies:
the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
the Client withdraws their consent on which the processing is based, and there is no other legal ground for the processing;
the Client objects to the processing as set forth below;
the personal data have been unlawfully processed; or
the personal data must be erased for compliance with a legal obligation under EU law, the law of a Member State, or the law of another country;
the personal data have been collected in relation to the offer of information society services. The Company may refuse to erase the personal data of the Client to the extent that processing is necessary:
for the exercise of the right to freedom of expression and information;
for compliance with a legal obligation that requires processing provided for in EU or Member State law applicable to the Administrator, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Administrator;
for reasons of public interest in the area of public health;
for archival purposes in the public interest, for scientific or historical research, or for statistical purposes;
for the establishment, exercise, or defense of legal claims. - Right to restriction of processing:
when the accuracy of the personal data is contested by the Client, for a period enabling the Company to verify the accuracy of the personal data;
when the processing is unlawful, and the Client opposes the erasure of the personal data and requests the restriction of their use instead;
when the Company no longer needs the personal data for the purposes of the processing, but the Client requires them for the establishment, exercise, or defense of legal claims; or
when the Client has objected to processing pending the verification whether the legitimate grounds of the Company override those of the Client. - Right to object: Every Client has the right, at any time, on grounds relating to their particular situation, to object to the processing of personal data concerning them. The Client may exercise the right only with regard to processing of their personal data carried out by the Company for the purposes of the legitimate interests pursued by the Company. If the objection is justified, the Company will cease processing the personal data concerning the objecting Client unless the Company demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the Client. - Right to data portability: This right includes the following options:
to receive the personal data concerning them, which they have provided to the Company, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller; or
to have the personal data directly transmitted from one controller to another, where technically feasible. - Right to lodge a complaint: Every Client has the right to lodge a complaint regarding the processing of their personal data by the Company to the following email address: officefix2024@gmail.com, as well as to the Commission for Personal Data Protection, which is the competent supervisory authority. Commission for Personal Data Protection Address: Sofia, P.O. Box 1592, 2 Prof. Tsvetan Lazarov Str., Tel. (02) 91 53 519, Fax: (02) 91 53 525 Email: kzld@cpdp.bg Website: www.cpdp.bg
What happens in case of changes: In the event of a substantial change in the way the Company processes personal data of Clients and/or in the types of personal data processed, and/or in any other aspect of the subject matter of this notice, the Company will inform Clients of the respective change immediately by issuing and providing Clients with an updated version of the notice.
