PRIVACY POLICY

LAST REVISED ON 25th of May 2018

 

The Scope of this Policy

This privacy policy (the “Policy” or the “Privacy Policy”) describes how sofiastyleapartments.com collects, uses, consults or otherwise processes an individual’s Personal Data. For the purposes of this policy, “sofiastyleapartments.com”, “we” or “us” refers to Flora Apart EOOD, a company incorporated under Bulgarian law, registered at zhk. Lozenets, ul. Akatsia 17, ap. 1 1421 Sofia, Bulgaria having its registered seat and its offices at zhk. Lozenets, ul. Akatsia 17, ap. 1 1421 Sofia, Bulgaria, telephone number +359 876 115 574, email address: sofiastyleappartments@gmail.com. In all cases described in this Policy, sofiastyleapartments.com will process your personal data as a Data Controller.

We are committed to protecting the privacy of our users and customers. This Privacy Policy is especially directed at:

  • visitors to the websites and mobile applications of sofiastyleapartments.com;
  • natural persons contacting us through the contact or other forms available on the websites and/or mobile applications;
  • employees
  • external service providers
  • clients

This Privacy Policy is intended to inform you how we gather, define, and use information that could identify you, such as your name, email address, address, other contact details, online identifiers or other information that you provide to us when using our websites and mobile applications or when you send it directly to us using the contact information provided by us on the website. Please take a moment to read this Privacy Policy carefully.

This policy is to be read as consistent with the Cookie Policy.

This policy includes a description of your data protection rights, including a right to object to some of the processing activities we carry out.

 

Applicable legislation

For the purpose of this policy, the term “Data Protection Legislation” shall mean the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (the “GDPR“), as well as any legislation and/or regulation implementing or created pursuant to the GDPR and the e-Privacy legislation, or which amends, replaces, re-enacts or consolidates any of them, and all other national applicable laws relating to the processing of Personal Data and privacy that may exist under applicable law.

 

Definitions

Controller

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Processor

A natural or legal person, public authority, agency or other bodies which processes Personal Data on behalf of the controller.

Recipient

A natural or legal person, public authority, agency or another body, to which the Personal Data is disclosed, whether a Third Party or not.

Third Party

A natural or legal person, public authority, agency or body other than the data subject, controller, Processor and persons who, under the direct authority of the controller or processor, are authorized to process Personal Data.

Supervisory Authority

An independent public authority which is established by a Member State pursuant to Article 51” of the GDPR.

Personal Data

Any information relating to an identified or identifiable natural person (“Data Subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing

Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Standard Contractual Clauses

Sets of standard contractual clauses for transfers as adopted by the European Commission for the international transfer of Personal Data.

Personal Data Breach

A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

 

What personal data we collect and why we collect it?

Through certain actions such as when you browse our website or ask us to provide you more information, you provide your consent to us to process information that may be personal information. Wherever possible, we aim to obtain your explicit consent to process this information, for example, by asking you to agree to our use of cookies. Except where you have consented to our use of your information for a specific purpose, we do not use your information in any way that would identify you personally. We may aggregate it in a pseudonymized way and use it to provide class information, for example, to monitor the performance of a particular page on our website. We continue to process your information on this basis until you withdraw your consent or it can be reasonably assumed that your consent no longer exists. You may withdraw your consent at any time by instructing us sofiastyleappartments@gmail.com. However, if you do so, you may not be able to use our website or our services further.

 

  • Name and Email Address

Source of data:

– Directly from you through our Contact Forms.

– Directly from you through email service provider.

Legal basis:

– Your consent / opt-in obtained during filling our contact form;

– The service contract we have with you.

Recipients of data:

–    IT service providers;

–    Other affiliates of sofiastyleappartments@gmail.com;

–    Marketing communications service providers;

–    Employees.

 

  • Embedded content from other websites

Source of data:

– Third-party websites/applications

Legal basis:

–  Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website;

–  These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Recipients of data:

–    Third-party websites

 

Is your personal data used for direct marketing communications?

If you have explicitly consented, we may, from time to time, contact you with information about our Services.

If you no longer want to receive such communications, please let us know by sending an email to us at sofiastyleappartments@gmail.com.

 

What are your rights?

Once you have provided your Personal Data, the Data Protection Legislation grants you several rights, which you can in principle exercise free of charge, subject to statutory exceptions. These rights may be limited, for example, if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. To exercise any of your rights, you can file a request here sofiastyleappartments@gmail.com.

Should you have unresolved concerns, you have the right to lodge a complaint with a Supervisory Authority where you live or where you believe a breach may have occurred. We encourage you to come to us in the first instance but, to the extent that this right applies to you, you are entitled to complain directly to the relevant Supervisory Authority.

Right to withdraw consent

Wherever we rely on your consent, you will be able to withdraw that consent at any time you choose and at your own initiative by logging into your account on our website (if you have one) or by contacting us here sofiastyleappartments@gmail.com. The withdrawal of your consent will not affect the lawfulness of the collection and processing of your data based on your consent up until the moment where you withdraw your consent.

Right to access and rectify your data

You have the right to access, review, and rectify your Personal Data. You may be entitled to ask us for a copy of your information, to review or correct it if you wish to rectify any information like your name, email address, passwords and/or any other preferences, you can easily do so by logging into your account on our website (if you have one) or by contacting us here sofiastyleappartments@gmail.com. You may also request a copy of the Personal Data processed as described in this Privacy Policy.

Right to erasure

 In accordance with the Data Protection Legislation, you have the right to erasure of your Personal Data processed by us as described in this Privacy Policy in case it is no longer needed for the purposes for which the Personal Data was initially collected or processed or in the event you have withdrawn your consent or objected to processing as described in this Privacy Policy and no other legal ground for processing applies. Should you wish to have your Personal Data erased, please file a request here sofiastyleappartments@gmail.com.

Right to the restriction of processing

Under certain circumstances described in the Data Protection Legislation, you may ask us to restrict the processing of your Personal Data. This is, for example, the case when you contest the accuracy of your Personal Data. In such event, we will restrict the processing until we can verify the accuracy of your data.

Right to object to the processing

Under certain circumstances described in the Data Protection Legislation, you may object to the processing of your Personal Data, including where your Personal Data is processed for direct marketing purposes.

Right to data portability

Where you have provided your data directly to us and where the processing is carried out by automated means and based on your consent or the performance of a contract between you and us, you have the right to receive the Personal Data processed about you in a structured, commonly used and machine-readable format, and to transmit this data to another service provider.

 

Security measures

Appropriate technical and organizational measures are implemented in order to ensure an appropriate level of security of your Personal Data, including but not limited to encryption techniques, physical and IT system access controls, obligations of confidentiality, etc.

In the event personal information is compromised as a result of a Personal Data Breach and where such breach is likely to result in a high risk to the rights and freedoms, we will make the necessary notifications, as required under the Data Protection Legislation.

 

What rules apply to children?

We do not knowingly collect or solicit Personal Data from anyone under the age of 18.

In the event we learn that we have collected Personal Data from a child under the age of 18 without verification of parental consent, steps will be taken promptly to remove that information. If you believe that we have or may have information from or about a child under 18 years of age, please contact us at sofiastyleappartments@gmail.com.

 

How is your Personal Data shared with Third Parties?

We only share or disclose information as described herein, including with Third Parties.

Your Personal Data will also be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of the Controller(s) legitimate interests in compliance with applicable laws (example for data concerning our subcontractors or employees).

 

Is your Personal Data transferred outside the EEA?

For the purposes described in this policy, your personal data will be kept within the EEA and transferred outside the EEA only to a country or countries which have been recognized by the European Commission to provide an adequate level of data protection.

 

How long will we keep your Personal Data?

We retain your Personal Data for as long as is required to fulfill the activities set out in this Privacy Policy, for as long as otherwise communicated to you or for as long as is permitted by applicable law. For example, we may retain your Personal Data if it is reasonably necessary to comply with any legal obligations, meet any regulatory requirements, resolve any disputes or litigation, or as otherwise needed to enforce this Policy and prevent fraud and abuse.

To determine the appropriate retention period for the information we collect from you, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of the data, the purposes for which we process the Personal Data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

Does this Privacy Policy apply to Third Party websites?

If you click on a link to a Third Party website, you will be taken to a website we do not control and our Privacy Policy will no longer be in effect. Your browsing and interaction on any other website are subject to the terms of use and privacy and other policies of such Third Party website. Read the privacy policies of other websites carefully. We are not responsible or liable for the information or content on such Third Party Websites.

 

What happens if we make changes to this Policy?

We reserve the right to modify and update this Privacy Policy from time to time. We will bring these changes to your attention should they be indicative of a fundamental change to the processing or be relevant to the nature of the processing or be relevant to you and impact your data protection rights.

 

How to contact us?

Questions, comments, remarks, requests or complaints regarding this Privacy Policy are welcome and should be addressed to:

sofiastyleappartments@gmail.com