Privacy terms

Purpose of privacy data collection

Borsa-Elena.com collect and use private information for the purposes of:
   - execution of orders to Users (Wholesaler)
   - creating documents related to orders;
   - Issuing of club card Kinderland;
   - notifying about new products and services connected with Borsa-Elena.com

Borsa-Elena.com processes the users' personal data because of orders, queries, club card and this agreement between the User and Borsa-Elena.com.

The user agrees to process his or her personal data for the purposes of the generated documents and processing inquiries of Borsa-Elena.com or for issuing club card Kinderland.

The user can give up agreement at any time the given consent by sending a request to kinderland_varna@abv.bg or contact us at the announced contacts, offices: contact with Borsa-Elena.com.

Users' personal data is kept at maximum security and confidence.

Users rights

Each User of the site enjoys all rights to protection of personal data in accordance with Bulgarian and European Union law. Each user have right to:
    - Awareness (in connection with the processing of his or her personal data by the administrator);
    - Access to your own personal information
    - Correction (if data is inaccurate)
    - Delete personal information (right to be forgotten);
    - Restriction of processing by the administrator or the processor of personal data;
    - Portability of personal data between individual administrators;
    - Opposition to the processing of his or her personal data;
    - The data subject may also not be the subject of a decision based solely on automated processing involving profiling that produces legal consequences for the data subject or similarly affects it significantly;
    - Right to judicial or administrative redress if the rights of the data subject have been violated.

The user may request deletion if one of the following conditions is true:
    - Personal data is no longer required for the purposes for which it was collected or otherwise processed;
    - The user withdraws his / her consent on which the processing of the data is based and no other legal basis for the processing;
    - User data opposes processing, and there are no legitimate reasons for processing that have an advantage;
    - Personal information has been tampered with;
    - Personal data must be deleted to comply with a legal obligation under Union or Member State law applicable to the administrator;
    - Personal information has been gathered in connection with the provision of information society services to children, and consent is given by parental responsibility for the child.

The user have right to restrict the processing of his personal data by the controller when:
    - Opposes the accuracy of personal data. In this case, the limitation of the processing is for a period that allows the controller to verify the accuracy of the personal data;
    - Processing is improper, but the user does not want to delete the personal data, but instead requires a limitation of their use;
    - The administrator no longer requires personal data for the purpose of processing, but the user requires them to establish, exercise or protect legal claims;
    - Opposes the processing pending verification that the legal grounds of the Administrator have an advantage over the User's interests.

Right of portability

The data subject has the right to receive the personal data that concerns him and which he has provided to an administrator in a structured, widely used and machine readable format and has the right to transfer this data to another administrator without hindrance by the administrator to whom the personal data is provided when the processing is based on consent or a contractual obligation and the processing is done in an automated manner. When exercising its right to data portability, the data subject is also entitled to receive a direct transfer of personal data from one administrator to another when technically feasible.

Right of objection

Users have the right to object to the controller against the processing of their personal data. The Personal Data Administrator is required to discontinue the processing unless he can prove that there are convincing legal grounds for the processing that take precedence over the interests, rights and freedoms of the data subject or for the establishment, exercise or protection of legal claims. In case of objection to the processing of personal data for the purposes of direct marketing, the processing should be terminated immediately.

Appeal to the supervisory authority

Each User has the right to file a complaint against the unlawful processing of his personal data with the Personal Data Protection Commission or the competent court.

Duties of the Personal Data Administrator

The Personal Data Administrator has the following obligations:
    - Processes the data in accordance with the privacy principles set forth in the regulation, being able to prove this (accountability);
    - Provides data protection at the design stage and by default;
    - Notify the supervisor and data subject in case of personal data bre the facts relating to the infringement, the consequences thereof, the actions taken to deal with the infringement;
    - Perform an impact assessment on data protection;

The Data Controller applies appropriate technical and organizational measures to ensure data security by:
    - A privately-crafted and specially modified web system;
    - Encryption
    - Ensure ongoing privacy, integrity, availability, and resilience of systems and processing services;
   - Timely restoration of availability and access to personal data in the event of a physical or technical incident;
    - Regularly review, assess and evaluate the effectiveness of technical and organizational measures;
    - Working with the data protection supervisor in fulfilling the obligations stemming from this regulation;
    - Prepares and applies internal procedures for accepting, reviewing, and responding within one month to requests from Users for the exercise of their rights as data subjects.

Support and host a register

Borsa-Elena.com maintains a registry of the processing activities for which he is responsible. This registry contains all of the following information:
    - the name and contact details of the administrator
    - the goals of processing
   - a description of the categories of data subjects and categories of personal data;
    - the categories of recipients to whom personal information is or will be disclosed, including recipients in third countries or international organizations;
    - where applicable, the deadlines for deleting the different categories of data;
    - where possible, a general description of technical and organizational security measures,

The processor does not include any other processing data without the prior specific or general written permission of the administrator.

REGULATORY ACTIVITIES and management of personal data

The authorities governing management of privacy data of Borsa-Elena.com are the Commission for Consumer Protection - KZP and the Commission for Protection of Personal Data - CPDP with the following coordinates:

For KZP:
   -Website: https://kzp.bg/kontakti
   -phone: 0700 111 22
   -email: info@kzp.bg
   -address: Sofia, sq. "Slaveikov", №4A, fl. 3, 4 and 6

For CPDP:
   - Website: https://www.cpdp.bg/
   - phone: 02/91-53-518
   - email: kzld@cpdp.bg
   - address: Sofia 1592, bul. "Prof. Cvetan Lazarov" № 2

DISPUTES

Users can use the European Dispute Resolution Online Platform (ODS) available at https://ec.europa.eu/odr - a single access portal that allows EU consumers and traders to settle disputes between themselves.

Alternative dispute resolution - ADR between users and traders is an out-of-court conciliation procedure on a voluntary basis.

The general conciliation commissions help to reach agreement between consumers and traders in disputes over service contracts.

The Common Conciliation Commissions are defined on a regional basis and competent to resolve disputes between Borsa-Elena.com and User is a General Conciliation Commission with a seat in Varna and the region of operation of the territory of Varna District, Dobrich District and Silistra District.

The consolidated list of the recognized ADR authorities of the Member States of the European Union can be found at https://webgate.ec.europa.eu/odr/main/index.cfm?event=main.adr.show