Chasapis Accounting

 

 

Privacy Policy

Chasapis Accounting EOOD takes its obligations under the General Data Protection Regulation (Regulation (EU) 2016/679) and the relevant Bulgarian legislation seriously and strives to comply with the highest applicable standards and established good practices in the processing of personal data. The competent leading supervisory authority regarding the protection of personal data processed by Chasapis Accounting EOOD is the Personal Data Protection Commission of the Republic of Bulgaria.

This notice provides information on how we collect, use, share and protect the personal data of visitors to the sites owned by Chasapis Accounting EOOD. If you are or become a user of our websites, Chasapis Accounting EOOD guarantees that the personal data it processes will be:

  • processed lawfully, in good faith and in a transparent manner with respect to natural persons;

  • collected for specific, explicitly indicated and legitimate purposes and not to be further processed in a manner incompatible with these purposes;

  • appropriate, related to and limited to what is necessary in relation to the purposes for which they are processed;

  • accurate and, if necessary, kept up-to-date;

  • stored in a form that allows the identification of the data subject for a period not longer than necessary for the purposes for which the personal data are processed;

  • processed in a way that guarantees an appropriate level of personal data security.

Definitions

  • Controller of personal dataThe organization or individual that determines the purposes and means of processing personal data.

  • Personal Data Processor: The organization or individual that processes Personal Data on behalf of the Personal Data Controller.

  • Data subject: Identified or identifiable living natural person.

  • Personal DataAny information relating to an identified or identifiable natural person (“data subject”); identifiable natural person means a person who can be identified, directly or indirectly, through information such as, for example, name, identification number, location data, one or more factors characteristic of physical, physiological, genetic, economic, cultural or social identity of that individual.

  • Special categories of personal datapersonal data revealing racial or ethnic origin, political views, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the sole purpose of identifying a natural person, health status data or data about the sex life or sexual orientation of the natural person

  • Processing: Any operation or set of operations performed on personal data, whether by automatic or other means such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise , by which the data becomes accessible, arranged or combined, restricted, deleted or destroyed.

  • Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the personal data processor and the persons who, under the direct supervision of the controller or the personal data processor, have the right to process the personal data.

  • Breach of personal data means an act / circumstance that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access of personal data that is transmitted, stored or otherwise processed.

The GDPR provides for six legal grounds on which personal data may be processed:

  • the data subject has given his informed consent to the processing of personal data for a specific purpose;

  • the processing is necessary for entering into or performing a contract with the data subject;

  • data processing is necessary to comply with a legal obligation;

  • processing is necessary to protect vital interests of the data subject or another natural person;

  • the processing is necessary for the performance of a task of public interest;

  • the processing is necessary in view of the legitimate interest of the data controller or a third party, except when this interest is overridden by the fundamental rights and freedoms of the data subject.

Company data

Our website address is: https://chasapis.bg

Company name: Chasapis Accounting EOOD

Headquarters and management address: Sofia, str. Dragovitsa No. 3, floor 2

EIK: 202656311

MRP: Dorothea Prodanova
Contact phone: 0889 586854

E-mail: office@chasapis.bg

What personal data we collect, from whom and why

Personal data refers to both facts and opinions / assessments expressed in relation to an individual. Chasapis Accounting EOOD will not collect your personal data in any form, except those necessary to carry out actions on the respective website you visit.

  • Individuals (for example, lawyers, auditors, other independent consultants) and representatives, contact persons, employees of clients and partners with whom Chasapis Accounting EOOD has or is considering entering into contractual or factual relations.

  • Website visitors.

    • When a user uses the contact forms on our websites, we collect information about you based on your consent expressed by filling out this form. Typically, this information serves us to satisfy your inquiry about our services or other requests. Depending on the information you fill in, it is possible that the same will be processed to establish and exercise rights in connection with a potential or arising dispute with you, arising from claims or complaints made.

    • When a visitor leaves a comment on our website we collect data displayed in the comment form and also the visitor’s IP address to help detect spam. An anonymized string created from your email address (also called a hash) can be provided to the Gravatar service to see if you’re using it. The privacy statement for the Gravatar service is available here: https://automattic.com/privacy/. After your comment is approved, your profile picture is visible to the public in the context of your comment.

  • Participants in games / raffles / campaigns organized by Chasapis Accounting EOOD on our websites.

    • When registering to participate in our games, you provide us with personal data. We process them on the basis of your unequivocal consent expressed by voluntarily completing the registration form for participation in the game.

  • Visitors to the sites owned or leased by Chasapis Accounting EOOD.

Use and storage of personal data

Chasapis Accounting EOOD will use your personal data only for the purposes of technical management of the sites owned by Chasapis Accounting EOOD that you visit, to provide you with access to special information or for general communication with you. Chasapis Accounting EOOD has no right to sell or trade your personal data. The employees of Chasapis Accounting EOOD are obliged to protect the confidentiality of your data and to comply with a non-disclosure agreement. Chasapis Accounting EOOD stores the various types of personal data in electronic and paper format, which are contained in various documents, for a strictly defined period of time. The specified storage periods are always in accordance with the purposes for which the personal data is processed.

Sharing of Personal Data

Chasapis Accounting EOOD does not provide your personal data to third parties in any other way, except as described in this policy, under the concluded license agreements and contracts and in the cases provided for by law. Chasapis Accounting EOOD provides the data received in connection with the relationship with the Client and the execution of a contract or commercial agreement, only in accordance with the law and only to the authorized public authorities (NAS, NII, MIA, judicial authorities, etc.) or to processors of personal data on his behalf, as a contractor under a contract and only at his order or assignment (accounting firm, supporting information systems and databases, subcontractors under contracts in connection with the implementation of the subject of the contract or commercial agreement).

Security

Chasapis Accounting EOOD protects the collected personal data from unreasonable use and monitors their processing. Maintains secure computer systems through which personal data is processed. Adequate controls for the separation and management of data are applied to our systems. Chasapis Accounting EOOD has strict policies and procedures applicable to its staff to minimize the risks of processing personal data. The employees of Chasapis Accounting EOOD are familiar with the applicable rules and trained to process personal data with utmost care and compliance with imposed good practices. When carrying out its activity, Chasapis Accounting EOOD works only with established organizations and avoids working with companies that it believes may threaten the security of individuals’ personal data. Chasapis Accounting EOOD adopts good practices in the introduction and administration of security systems and monitors technological developments regarding possible risks to the security of information in the company. Chasapis Accounting EOOD provides access only to those personal data that are necessary for the performance of the work of the relevant employee.

Breach of personal data security

In the event of a breach of personal data security, Chasapis Accounting EOOD will take immediate action to limit the effect of the breach, as well as to inform the affected data subjects and the supervisory authority for the protection of personal data.

Your rights in relation to personal data

In accordance with Bulgarian legislation, you can exercise the following rights related to the personal data processed by Chasapis Accounting EOOD:

  • to access your personal data, which Chasapis Accounting EOOD processes, and to receive a copy of them;

  • to have your personal data corrected if it is inaccurate or when the data is incomplete;

  • request that your data be deleted when the conditions for this are met;

  • in the cases defined by law, to request that the processing of your personal data be limited;
  • in the cases defined by law, to object to the processing of your personal data;
  • exercise your right to data portability and request that your data be provided in a structured, widely used and machine-readable format;

  • where the processing is carried out on the basis of your consent, to withdraw the given consent at any time and without the payment of any fees

  • file a complaint with a supervisory authority (the supervisory authority in the Republic of Belarus is the CPLD, with an address in the city of Sofia, 1592, “Prof. Tsv. Lazarov” Blvd. No. 2).

Cookies policy

Use of cookies
Cookies are small text files that are sent from our web server to the browser you use and stored on your device so that our site can recognize it. Most cookies do not contain sensitive or extensive information about you or personal data that we can use to recognize or identify you directly.

What cookies are used on this website?
  • Persistent cookies: Persistent cookies are stored as a file on your computer or mobile device for a longer period of time – they contain information about browsing, such as analyzing site visits, how you reached the website, what pages you viewed, what options you chose, and where you have been directed through this website. Tracking this information enables us to make improvements to the website as needed or to expand the content. The storage period of persistent cookies varies according to their specific purpose.

  • Session cookies: Session cookies are temporarily stored on your computer when you visit a site from our portfolio, but are deleted the moment you close the page or terminate your browser session. Typically, the information that is stored through them is which pages of the site you visited, how you got to a given piece of information, or what products you added to the online store cart.

  • Third party cookies: Our website contains links to other websites or embedded content from other websites. It is possible that when visiting these sites or opening their content, cookies from these websites may be stored on your end device. These cookies are called third-party cookies. Chasapis Accounting Ltd. has no control over the generation and management of these cookies. For this reason, we advise you to look for information about them and how they are managed on the respective third-party websites.

Remove/disable cookies

You can control the cookie settings you receive from our site in the browser you use or in your consent preference settings. Please note that if you restrict cookies, you may not be able to use the full functionality of the website.

The technical information we collect based on cookies does not constitute personal data within the meaning of the General Data Protection Regulation (Regulation (EU) 2016/679 on the protection of personal data), as it is not sufficiently individualized. Its use is necessary for the purpose of the functioning of the website, collecting necessary information, including that required by law, ensuring the security of website users, as well as to improve the services we provide to you.

Information about cookies is also available on the Cookie Policy page of our website.

If this notice is changed at a future time, the changes will be posted on the current page. The management of Chasapis Accounting EOOD reserves the right to change this personal data protection policy at any time, without contradicting the personal data protection law of the Republic of Bulgaria.