Ficosota

Personal Data Protection Policy - Ficosota

 

FICOSOTA ("the Company" or "We") treats its obligations under the General Data Protection Regulation (Regulation (EU) 2016/679) and, respectively, the Bulgarian legislation, quite seriously and puts in a great deal of effort to meet the applicable standards and establish good practices for personal data processing. The competent leading regulatory body regarding personal data protection, processed by FICOSOTA is the Commission for Personal Data Protection of the Republic of Bulgaria.

Definitions

 

Personal data protection

The General Data Protection Regulation ("GDPR")will be applied in the EU Member States from 25 May 2018. FICOSOTA is making its business activity compliant with GDPR and the data protection principles outlined in the European and national legislation.

FICOSOTA ensures that the personal data processed by it will be:

The natural persons – data subjects have the following rights regarding their personal data:

Six lawful bases for personal data processing are set out in the GDPR:

 

Personal data processed by FICOSOTA

Personal data include not only facts but also opinions/ assessments expressed in relation to a specific natural person. Personal data processed by FICOSOTA may be conditionally divided into four categories:

Employees, associates, job applicants: FICOSOTA processes personal data, including special categories of personal data related to an employment contract or a contract for services, data of job applicants. Generally, FICOSOTA processes such data for the purpose of preparing and carrying out of employment or other type of contracts, as well as to fulfil its legal obligations as an employer.

Representatives, contact persons and employees of customers, partners and suppliers of FICOSOTA– usually we receive your personal data from your employer or from you personally, whenever we need to prepare, conclude or execute a contract with it or establish a commercial relationship. For instance, you might be appointed as a legal representative or a contact person in a contract or business correspondence in relation to the conclusion, execution or termination of a contract, making an offer, settlement of commercial disputes which have arisen and other.

Visitors to websites – we collect data about you from the contact form on our websites, which you have completed, based on your consent, which you have granted by completing the form. Usually we use this information in order to respond to your request regarding our products or meet other demands you may have. Depending on the information you have provided, it is possible that it is processed for the purpose of identification and exercise of rights in relation to a potential dispute with you or one which has arisen as a result of any claims or complaints made. We also collect data concerning your IP address and your consent to the use of cookies. Further information is provided in our Cookie policy.

Participants in games - when registering for participation in our games you provide us with personal data. We process them based on your unambiguous consent expressed through voluntary completion of the registration form for participation in the game/ raffle/ product campaign (including by commenting under a post on our official websites on Facebook and Instagram). Further information is provided in our Privacy policy regarding games/ raffles/product campaigns, which is accessible before registering on our website or website in the social networks.

Visitors in the buildings of FICOSOTA– in case of visits to the office spaces, production facilities and common areas of the company, for the purpose of ensuring the security of our property and the bodily integrity of our employees, as well as access control, there are technical devices in place, which will register your visit.

 

Sharing of personal data

Usually FICOSOTA maintains complete confidentiality regarding your personal data and does not disclose them to any third parties.

Occasionally „FICOSOTA “ may share the personal data of its employees or the representatives of its customers, partners, couriers, carriers, contractors or suppliers with state authorities, as well as with other natural or legal persons – such as providers of software and/ or hardware solutions or infrastructure, with outside consultants in relation to the establishing and exercising of rights, based on a legal obligation or with regard to its legitimate interest, depending on the particular situation. Such disclosure of data is possible only if there is a justifiable reason therefor and if an adequate level of protection is ensured, including through written arrangements with third parties, to which the personal data are disclosed, whenever possible.

Special categories of personal data

FICOSOTA does not process any sensitive personal data of its customers – natural persons or of employees/ representatives of customers, partners and suppliers, visitors to the websites and the social network websites.

Personal data storage

FICOSOTA stores different types of personal data both electronically and on hard copies, which data are contained in different documents, for a firmly fixed period of time. The set periods for data storage always comply with the purposes for which the personal data are processed. These periods are set out in the Policy for document storage and destruction of FICOSOTA.

Exercising of the rights of the data subjects

If requests for the exercising of the rights of the data subjects have been submitted, FICOSOTA establishes communication with the natural person in a short, transparent, comprehensible and easily accessible form, using intelligible and plain language, especially where underage persons are concerned.

Where the rights of the data subjects are being exercised FICOSOTA is obligated to duly identify the natural person in order to avoid the risk of unauthorized access to personal data.

Information concerning the actions taken by FICOSOTA in response to the request submitted for the exercise of rights, shall be provided to the natural persons, without any undue delay and usually within one month from receipt of the request.

All the information related to the exercise of the rights of the data subjects is provided by FICOSOTA free of charge, except in the cases where the requests are apparently unfounded or excessive.

Further information concerning your rights related to the processing of personal data by FICOSOTA is provided in our Data Subjects Rights Policy.

Personal data security

Personal data breach

FICOSOTA has adopted procedures for effective establishing, reporting and investigating personal data breaches. In case of personal data breach FICOSOTA will take immediate measures to limit the effect of the breach and to inform the affected data subjects and the regulatory body in charge of personal data protection.

Additional information

FICOSOTA will update, in a timely manner, by changing and complementing this policy, at all times in the future, whenever necessitated by the statutory provisions or other circumstances.

If you wish to receive further information concerning the processing of personal data carried out by FICOSOTA or if you have any questions or complaints regarding this privacy notice, or regarding the ways in which and purposes for which we use your personal data, please contact us or our data protection officer at:

For FICOSOTA: Bulgaria, the town of Shumen 48, Madara Blvd., email: privacy@ficosota.com

You may contact our data protection officer at: dpo@ficosota.com