Data protection policy in RIN SK Ltd.

Data protection policy in RIN SK Ltd.

We are “RIN SK” Ltd., with UIC: 204013627 and address: Sofia 1756, Vitosha district, villa zone “Malinova dolina”, 2A part, 201 No 1. RIN SK “Ltd. is the Administrator of Your personal data obtained through this site! You can contact us and the manager Mrs. R. Chalova by phone at: 0887 32 11 29 or by email at [email protected], where you can ask your questions related to personal data protection!

RIN SK Ltd. respects your personal data. As a data controller, we collect and process certain information about individuals. With this policy we want to inform you how we use your personal data and why we need this information. This data protection policy is available at the bottom of each page of this site.

We collect and use personal information to understand your needs and interests and to serve you better. In addition to the information you provide to us, we may also collect information during your visit to our site through automated information collection tools, which include cookies, links, pages and other commonly used information collection tools.
The information we collect to understand your needs and interests helps us make your visit consistent and personalized.

This RIN SK Data Protection Policy aims to inform you about how RIN SK Ltd. treats your personal data as an administrator, as well as how you can control and manage your preferences. and settings related to this treatment. The main mission of our team is to provide you with comprehensive and objective information about news, current events and other topics in and of public interest.

What do these Privacy Policy govern and on what legal basis? As of May 25, 2018, the General Regulation on Personal Data Protection (GDPR) will be applied in Bulgaria. It has been adopted by the European Union and aims to harmonize the policies of the EU Member States regarding the collection and use of personal data. Another of its goals is to guarantee our right to privacy, to protect our personal data, to give more security against the misuse of personal information of each of us. The new regulation comes with a number of requirements that RIN SK Ltd. applies and which you can read here. Among them are:
To inform you what data we use.
Let you know why we use them.
We ask for your consent to use them when we provide additional services based on them, such as targeted advertising.
To give you the opportunity to change your consent for various purposes through this site to have more freedom.
To guarantee you the right to request correction of your data, their deletion, as well as to be “forgotten”. In addition, we may provide you with downloadable data or transfer it if you notify us and identify yourself accordingly.
Indicate all third parties / other companies with whom we share your data. Keep in mind that the Internet is a global network, we often use standardized services to register logins and track behavior in an anonymous version, such as Google Analytics.
All data that can be used to identify a user are considered personal data. These can be email, names, mobile phone, residential address, IP address.

Our role in your privacy

If you are our client or subscriber of “RIN SK” Ltd. or just visit our website, these rules apply to you. If you wish to use any of the services of “RIN SK” Ltd., you must read our privacy statement. RIN SK Ltd. does not collect information that is not strictly necessary for the purpose for which it was obtained. However, we want to tell you a little bit about how we process your data and what happens when you visit our site.

All processing of personal data shall be carried out in accordance with the principles of data protection set out in Article 5 of Regulation (EU) 2016/679. The policies and procedures of RIN SK Ltd. aim to ensure compliance with these principles.

  1. Personal data must be processed lawfully, in good faith and transparently

Legitimate – in order for the processing to be lawful, the data controller must be able to identify a legal basis before it can process personal data. They are often referred to as “grounds for processing”, such as “consent”.

In good faith – in order for the processing to be in good faith, the data controller must provide certain information to the data subjects as far as practicable. This applies whether the personal data are obtained directly from the data subjects or from other sources.

Transparent – The General Regulation includes rules on the provision of confidential information to data subjects in Articles 12, 13 and 14 of the DPA. They are detailed and specific, emphasizing that privacy notices are understandable and accessible. The information must be communicated to the data subject in an understandable form, using clear and understandable language.

       2. Personal data may only be collected for specific, explicit and legitimate purposes

The data obtained for specific purposes must not be used for a purpose that differs from those officially announced to the supervisory authority as part of the Register of Data Processing Activities (Art. 30 ORZD) of RIN SK OOD . A procedure for transparency in the processing of personal data sets out the relevant rules

  1. Personal data must be adequate, relevant, limited to what is necessary for their processing for that purpose. (principle of minimum necessary)
  • RIN SK Ltd. does not collect information that is not strictly necessary for the purpose for which it was obtained.
  • All data collection forms (electronic or paper), including the data collection requirements in the new information systems, include a declaration of good faith processing or a notification of confidential treatment of personal data and are approved by the Data Controller.
  • The controller shall ensure that, on an annual basis, all data collection methods are reviewed by internal audit or external experts to ensure that the data collected remain adequate, relevant and not excessive. – Impact assessment procedure data protection and the impact assessment methodology we use.
  1. Personal data must be accurate and up-to-date at all times, and the necessary efforts must be made to enable immediate (within possible technical solutions) deletion or correction.
  • The data stored by the data controller should be reviewed and updated as necessary. Data should not be stored in cases where it is likely to be inaccurate.
    The personal data controller is responsible for ensuring that all staff are trained in the importance of collecting and maintaining accurate data.
  • Also, it is the obligation of the data subject to declare that the data they transmit for storage to RIN SK OOD are accurate and up-to-date. Completion of a form by the data subject intended for the controller will include a statement that the data contained therein are accurate as of the date of submission.
  • Employees, customers / others must be required to notify RIN SK OOD of any changes in circumstances so that personal data records can be updated. Instructions and rules for updating the records are contained in the Instruction on measures and means of personal data protection. It is the responsibility of RIN SK OOD to ensure that any notification of a change in circumstances is recorded and action is taken.
  • It is the responsibility of the data controller to ensure that appropriate procedures and policies are in place to maintain the accuracy and timeliness of personal data, taking into account the volume of data collected, the speed with which it may change, and other relevant factors.
  • At least on an annual basis, the Personal Data Administrator will review the retention periods of all personal data processed by RIN SK OOD, referring to the data inventory and will identify all data that are no longer required in the context of the registered purpose. This data will be reliably destroyed in accordance with the procedures and rules of the administrator.
  • The data controller is responsible for compliance with requests for correction of data within one month (Procedure for managing requests from subjects). This period can be extended by another two months for complex applications. If RIN SK Ltd. decides not to comply with the request, the Data Controller must respond to the data subject to explain his / her reasons and inform him / her of his / her right to lodge a complaint with the supervisory authority and seek legal redress.
  • The personal data controller is responsible for taking appropriate measures, in cases where third party organizations have inaccurate or outdated personal data, to inform them that the information is inaccurate or outdated and not to be used for decision-making about individuals, to inform the parties concerned; and forward any correction of personal data to third parties where necessary.
  1. Personal data must be stored in such a form that the data subject can only be identified for as long as is necessary for the processing.
  • When personal data is retained after the date of processing, it will be stored in an appropriate way – minimized, encrypted and pseudonymous to protect the identity of the data subject in case of data breach.
  • Personal data will be stored in accordance with the Procedure for storage and destruction of data and after their storage period has expired, they must be securely destroyed in accordance with the procedure specified in this procedure.
  • The data controller must specifically approve any retention of data that exceeds the retention period defined in the Data Retention and Destruction Procedure and must ensure that the justification is clearly defined and complies with the requirements of data protection law. . This approval must be in writing.

The rules for notifying the data subject of RIN SK OOD are defined in our Procedure for transparency in the processing of personal data and the notification is recorded in the Privacy Policy – notification for confidential treatment of personal data.

According to Art. 2, para. 2 of the LPPD personal data must:

  • to be collected for specific, well-defined and legitimate purposes and not to be further processed in a way incompatible with those purposes; further processing of personal data for historical, statistical or scientific purposes is permissible, provided that the controller provides adequate protection, ensuring that the data are not processed for other purposes;
  • be relevant, relevant and not exceeding the purposes for which they are processed;
  • be accurate and, if necessary, updated;
  • to be deleted or corrected when they are found to be inaccurate or disproportionate to the purposes for which they are processed;
  • to be kept in a form which permits identification of the natural persons concerned for no longer than is necessary for the purposes for which the data are processed; personal data that will be stored for a longer period for historical, statistical or scientific purposes are kept in a form that does not allow the identification of individuals.

The specific information to be provided to the client must include at least:

  • data identifying the administrator and the contact details of the administrator and, if any, of the administrator’s representative;
  • the contacts of the Personal Data Administrator;
  • the purposes of the processing for which the personal data are intended as well as the legal basis for the processing;
  • the period for which personal data will be stored;
  • the existence of the following rights – to request access to data, correction, erasure (right to be “forgotten”), restriction of processing, as well as the right to object to the conditions (or lack thereof) in connection with the exercise of these rights;
  • the categories of personal data;
  • the recipients or categories of recipients of personal data, where applicable;
  • where applicable, whether the controller intends to transfer personal data to a recipient in a third country and the level of data protection;
    any additional information necessary to ensure good faith handling.

  • All processing of personal data shall be carried out in accordance with the principles of data protection set out in Article 5 of Regulation (EU) 2016/679.
  • The policies and procedures of RIN SK Ltd. aim to ensure compliance with these principles.\
  • Personal data must be processed
    • legally
    • in good faith
    • transparent

  • Read this privacy policy
  • If you are already our client, we may have already notified you of the change in our privacy policy, but we have now made changes that we believe you should be informed about, especially in the area of ​​how we collect and process your data.
  • If you provide us with personal information about other people or if others provide us with information about you, we will only use that information for the specific reason why it was provided to us. By submitting this information, you acknowledge that you have the right to authorize us to process it on your behalf in accordance with this Privacy Policy.

What data do we collect?

What data do we collect from our registered users? RIN SK Ltd. collects from the users of its websites personal data from the registrations made by them in order to fulfill the conditions for concluding a service contract, to analyze the behavior of its users, as well as to provide them with more relevant content. and to improve the quality of our services. When you register for an event or service offered by us, participate in surveys, etc., we may collect various types of information, namely the following categories of personal data:

  • Contacts of the client, the legal basis for the processing of which is the conclusion of a contract with the client:
    • Client names
    • PIN
    • Postal address,
    • Names of a child;
  • Details for communication, which we process on the basis of the consent received from the client, which consent he can always withdraw at will by filling out a form for withdrawal of consent
    • phone number,
    • email,
  • Additional data about the client or his child, which we process on the basis of the consent received from the client, which consent he can always withdraw at will by filling out a form for withdrawal of consent
    • Growth
    • Year of birth
    • Skill level / class:
    • Shoe number
  • Special categories of data that we process due to the nature of our work with children – The legal basis is the Child Protection Act, the Child Protection Act, the Child Protection Act and the applicable legislation related to the services provided by RIN SK OOD.• Health condition;
    • Chronic illnesses;
    • Allergies.

    Financial details

  • Bank details when payment is by bank transfer.

Additional data

  • In cases where it is necessary to issue certain documents, such as an invoice, you may be asked for additional information in accordance with the requirements of the regulations.

Data that identifies you online and which you can disable yourself by disabling cookies on your browser.

  • Your IP address
  • login details
  • browser type and version
  • setting time zones,
  • types of browser plug-ins,
  • geolocation,
  • operating system and version

RIN SK Ltd. has the legal right to promote its activities among the public!

In order to promote its activities “RIN SK” Ltd., it is possible to take photos and / or videos that we publish on our website, to groups of people and / or individuals, among which it is possible that you or your kid. We want to protect your privacy and we kindly ask you, if you DO NOT WANT to get into these materials, to let us know so that we can take measures to delete photos / videos and download the publications from the public space. When concluding a contract with us, you may expressly state your consent or disagreement with respect to such publication. Even if you agree, at any time after the publication, you can exercise your right and withdraw the consent given for these publications!

How do we use your data?

According to the Personal Data Protection Act, we may use your data only for certain reasons and where we have a legal basis for it. Here are the reasons why we process your data:

  • Implementation of a contract for boiling product (according to CPA and ZET)
  • We make the site more convenient – Manage your orders and requests, login and password authentication, save settings, complete your orders quickly, easily and conveniently, choose the most appropriate method of payment, you can choose the methods of delivery and return.
  • For personalized support – Function testing, interaction with feedback platforms and questionnaires, landing page management, traffic optimization and data analysis and research.
  • We take into account interests and inquiries to improve communication – We try to be as close as possible to our customers, through communication by phone or e-mail, including to eliminate problems.
  • We try to offer the best for you and constantly improve the service – Notifying you of any changes in the prices of our services, solving problems that may arise of a purely technical nature.
  • Marketing goals (with your explicit consent only) – If you agree, we will send you emails and / or messages about new services and events or upcoming and current promotions.

AGREEMENT

All this will be done only with CONSENT, which you can choose to give or not, and for precisely and clearly defined purposes, for which we are obliged to ask you in simple and understandable language!

You can change your mind!

If you have given your prior consent for us to process your data, you are free to withdraw this consent at any time. You can do this by sending us an email at [email protected]

If you withdraw your consent and if we have no other legal basis for the processing of your information, we will stop processing your personal data. If we have another legal basis for processing your information, then we may continue to do so, subject to your legal rights.

When and how we collect data?

The data of our clients are collected during the visit to our sites. When you buy a product, you need to leave certain data in order to be able to make a purchase. This includes contact details and delivery details. While browsing the web pages, we report traffic and various metrics that allow us to collect data about the behavior of our visitors. This helps us to improve communication and customer service!

We use cookies!

A cookie is a small amount of data that a website stores on a visitor’s computer or mobile device.
On our website, we use cookies in connection with its operation, as well as to collect statistics for analysis, for which we use Google Analytics. The cookies used are used to differentiate users and sessions, to define new sessions, to submit requests, to store the source of traffic and the way the site is reached.
The site of “RIN SK” Ltd. uses the following cookies:
• PHPSESSID – contains only a reference to a session stored on the web server. No information is stored in the user’s browser and this cookie can only be used in the current session.
• Cookies used to collect statistics for analysis, for which we use Google Analytics. You can learn about the cookies generated by Google Analytics at: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en.
By setting up your browser accordingly, you can always turn off both our cookies and third-party cookies. In this case, you may lose some of the functionality of some of the services on our site.
If you use a link that links you to another site, it will have its own cookies and security policy over which we have no control.

  • We use only the necessary cookies to implement and improve our work
  • Our third-party service providers also use cookies, which they control
  • You can turn off cookies of your choice from your browser, but you may lose some of the functionality of our site …

what to choose >>

How we store data?

We have physical, electronic and management procedures in place to protect and secure the information we collect. For more information about our efforts to ensure that your data is stored securely, we have developed and adhered to the Instruction on measures and means of personal data protection, which are part of our Data Protection Policy.

Please, bear in mind:

  • You provide personal data at your own risk: unfortunately no one can guarantee 100% security of data transmission, but we have minimized all risks.
  • You are responsible for your username and password: keep them secret and secure!
  • If you believe that your privacy has been violated, please contact us immediately at: [email protected]

Where do we store the data?

The personal data we collect is processed in our office in the city of Sofia and is stored in encrypted form on Microsoft Server and in all data processing facilities managed by third parties listed below.

By submitting your personal data, you accept this transfer, storage or processing by us. If we transfer or store your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected, as set out in this Privacy Policy.

Please, bear in mind:

  • You provide personal data at your own risk: unfortunately no one can guarantee 100% security of data transmission, but we have minimized all risks.
  • You are responsible for your username and password: keep them secret and secure!
  • If you believe that your privacy has been violated, please contact us immediately at: [email protected]

How long do we keep them?

We at RIN SK Ltd. have well-established physical, electronic and management procedures in place to protect and secure the information we collect. For more information about our efforts to ensure that your data is stored securely, we have developed and adhered to the Instruction on measures and means of personal data protection, which are part of our Data Protection Policy.

Please, bear in mind:

  • You provide personal data at your own risk: unfortunately no one can guarantee 100% security of data transmission, but we have minimized all risks.
  • You are responsible for your username and password: keep them secret and secure!
  • If you believe that your privacy has been violated, please contact us immediately at: [email protected]

Know your rights!

We respect our customers! That is why we believe that in addition to the right to buy from us, they have other specific rights in their relationship with us! Our clients have defined rights regarding the processing of data, as well as the data that are recorded for them according to the ORD. They consist of:

  • Access to the information we have about you or Right to information and access
  • The right to request correction / correction of your information
  • Cancel marketing messages
  • Do you just want a certain service? – You have the right to restrict the processing of your data
  • Do you want to be forgotten by us? You have the right to be “forgotten”
  • Want to complain about us? You have the right to object and you can contact the CPDP

Each of these rights is supported by appropriate procedures developed and established in the framework of personal data protection by RIN SK OOD, which allow the necessary actions to be taken within the deadlines specified in the ORD.

Всеки наш клиент, чиито данни ние обработваме, може :

  • Make requests to confirm whether personal data relating to him are being processed and, if so, to have access to the data as well as information on the recipients of this data.
  • Request a copy of your personal data from the administrator;
  • To ask the administrator to correct personal data when they are inaccurate and when they are no longer up to date;
  • Require the administrator to delete personal data (right to be “forgotten”);
  • To ask the administrator to limit the processing of personal data, in which case the data will only be stored, but not processed;
  • To object to the processing of his personal data;
  • To object to the processing of personal data concerning him for the purposes of direct marketing.
  • Complain to a supervisory authority if it considers that any of the provisions of the ORD have been violated;
  • To request and be provided with personal data in a structured, widely used and machine-readable format;
  • Withdraw your consent to the processing of personal data at any time with a separate request addressed to the controller;
  • Not be subject to automated decisions that affect it significantly, without the possibility of human intervention;
  • To oppose automated profiling, which happens without his consent;

RIN SK Ltd. provides conditions to guarantee the exercise of these rights by the data subject:

  • You and all our clients can send your requests to us and we at RIN SK Ltd. guarantee that the answer to your request will be considered and you will receive an answer within the statutory period, which is consistent with the requirements of the General Regulation.
  • Clients have the right to submit complaints to RIN SK OOD related to the processing of their personal data, the processing of a request by the data subject and an appeal by the data subject regarding the manner of processing the complaints.

Data for third parties!

“РИН СК” ООД не дава право на използване, не продава, не разкрива и не споделя никакви Ваши лични данни по смисъла на GDPR с други лица или фирми и организации, или с несвързани компании, освен когато това се налага, за да ви предоставим заявени от вас събития и/или услуги и когато вие сте предоставили вашето изрично желание, или в някой от следните случаи:

Информацията се предоставя на доверени партньори, които работят по възлагане от страна на “РИН СК” ООД въз основа на договорни отношения и по силата на конфиденциални споразумения. Тези компании могат да използват такава информация, само във Ваш интерес или за да има възможност “РИН СК” ООД да подобри обслужването на клиентите си. Въпреки това тези компании нямат правото самостоятелно да споделят тази информация. Тези компании са, без изброяването да е изчерпателно:

  • Facebook;
  • Google;
  • Twitter;
  • Cloudflare;
  • Instagram;
  • Pinterest.
  • ECONT EXPRESS