TRANSPARENCY POLICY FOR PROCESSING INFORMATION FOR CLIENTS OF MEGA ELECTRONICS - AP OOD
Mega Electronics - AP is a limited liability company registered in the Commercial Register at the Registry Agency with UIC 201472746, with registered office and address of management: Sofia, Slatina district, residential complex Reduta, 14-16 Atanas Uzunov Street, mag.1. The company is registered under the Value Added Tax Act with identification number BULSTAT BG201472746.
This policy is adopted in fulfillment of the obligations for transparency and information related to the processing of personal data and the exercise of data subjects' rights (Articles 12-14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (the General Data Protection Regulation) / the Regulation /) and the Personal Data Protection Act / ZZLD /.
Personal data collected in connection with the activities of Mega Electronics - AP through the e-commerce website www.megaelectronics.bg are processed in the "Clients" register.
In the register "Clients" are processed personal data of clients of "Mega Electronics - AP" for the provision of its products and services. Compliance with the Basic Principles for the Processing and Protection of Personal Data under the Regulation, which the PCA should follow, takes into account the following main points:
Personal data are processed strictly in accordance with the requirements of the Regulation, in compliance with morals and good manners, as well as applicable national legislation (compliance with the regulatory requirements of the Consumer Protection Act, Obligations and Contracts Act, Accounting Act, etc.), observing the principle of " legality, good faith and transparency ". The legal basis on which Mega Electronics - AP processes personal data is the performance of the distance selling contract concluded between Mega Electronics - AP and you, as a customer, as well as for the pre-contractual relations undertaken at your request in this regard.
Personal data are collected only for specific, explicit and legitimate purposes, respecting the principle of "purpose limitation", as follows:
for keeping accounting records of payments with persons who have made a request and / or concluded a service contract (preparation and sending of invoices for products and / or services; collection of amounts due for the products and / or services used);
The personal data we collect is relevant, relevant and limited to what is necessary in relation to the purposes for which it is processed.
The following categories of personal data are processed in the "Clients" register, observing the principle of "data minimization ":
Financial institutions send by e-mail to Mega Electronics - AP the approval or refusal with the following data:
The provision of the above personal data by you is a requirement that is necessary for the conclusion of the distance contract between Mega Electronics - AP and you, as a customer. Failure to provide the data on your part is an objective obstacle to the conclusion of the contract between Mega Electronics - AP and you, as well as to the inability of the administrator to fulfill the obligations arising from your request for products and / or services and others specified in item 2 of this policy aims.
Personal data is collected by the individuals to whom it relates (customers of "Mega Electronics - AP"), kept up to date and accurate, the controller takes all reasonable measures to ensure the timely deletion or correction of inaccurate personal data, having regard to the purposes for which they are processed, respecting the principle of "accuracy ".
Personal data shall be stored in a form that allows the identification of the data subject for a period not longer than necessary for the purposes for which the personal data are processed.
All data in the "Clients" register are stored for a period of 4 years after the termination of the service contract and / or warranty period with the respective individual, observing the principle of "storage restriction". However, every two years the controller shall review the need to store the personal data collected in order to delete in a timely manner data that are no longer needed and / or whose legal basis for processing has lapsed.
The data from the “Clients” register are processed only by employees, whose job description defines an obligation to process these data in connection with the objectives specified in item 2 of this policy.
Only authorized persons have the right to access the register (those who have been determined by an order of the manager of Mega Electronics - AP).
Mechanisms have been defined and implemented that allow unambiguous, personalized identification of each employee who tries to start and gain access to the information system serving the "Clients" register and to establish whether each employee is authorized.
The following have the right to access the data of the clients of "Mega Electronics - AP":
No personal data is provided in other countries.
The data subjects (Customers) of Mega Electronics - AP have the right to:
The supervisory body in the Republic of Bulgaria is:
Commission for Personal Data Protection, Address: Sofia 1592, Blvd. "Prof. Tsvetan Lazarov” № 2, Website: https://www.cpdp.bg/
Persons wishing to exercise the above rights submit a written request to Mega Electronics - AP or through an authorized person to the following person for correspondence and contact: Vasil Iliev, Sofia, 52 Han Omurtag Str., Tel .: 0893013240 or electronically to the following email firstname.lastname@example.org under the terms of the Electronic Document and Electronic Certification Services Act.
Mega Electronics - AP offers the following forms for exercising the rights of data subjects:
The controller shall provide the data subject with information on the action taken on the request, without undue delay and in any case within one month of receipt of the request. If necessary, this period may be extended by a further two months, taking into account the complexity and number of requests. The controller shall inform the data subject of any such extension within one month of receipt of the request, indicating the reasons for the delay. Where the data subject submits a request by electronic means, the information shall, where possible, be provided by electronic means, unless the data subject has requested otherwise.
If the controller does not take action on the data subject's request, the controller shall notify the data subject without delay and at the latest within one month of receiving the request of the reasons for not taking action and of the possibility to lodge a complaint with the supervisory authority and search. of judicial protection.
Information on requests is provided free of charge. Where the data subject's requests are manifestly unfounded or excessive, in particular because of their repeatability, the controller may either:
(a) charge a reasonable fee, taking into account the administrative costs of providing the information or communication or taking the requested action, or
(b) refuse to act on the request.
Where the controller has legitimate concerns about the identity of the natural person making the request, the controller may request the provision of additional information necessary to verify the identity of the data subject.
No personal data is provided in other countries.
Objectives of data processing / legal basis:
Pursuant to Article 6 (1) (f) of the Regulation, we use Google Analytics (Google Analytics), a web analytics service provided by Google, for the organization tailored to our needs and the continuous optimization of our websites. Inc. ("Google"). Our legitimate interest in this service stems from the described goals. In this regard, pseudonymous user profiles are created and cookies are used. Cookie generates the following information about the use of this website:
This information is used to report on the use of our websites, to compile a report on the activity of the sites and to provide other services related to the use of websites and the Internet. IP addresses are anonymized so that it is impossible to connect them to a specific destination (the so-called IP Masking option).
You can prevent the installation of cookies through the appropriate settings of your browser software; however, we would like to draw your attention to the fact that in this case not all functions of this web page will probably be able to be used in full. In addition, you can prevent the collection of data (including your IP address) created by cookies and related to the website you use, as well as the processing of this data by Google, if you download and install these add-ons.for Browser-Add-on. As an alternative to Browser-Add-on, especially for browsers on mobile terminals, you can prevent data collection from Google Analytics by clicking on this link. This creates an Opt-Out cookie, which stops the future collection of your data when you visit this website. The Opt-Out cookie is effective only in this browser and only for our website and is stored on your device. If you delete cookies in this browser, you will need to re-create the Opt-Out cookie. Additional information on data protection in connection with Google Analytics can be found on the Google Analytics website.
Recipients / Recipient Categories:
The information generated in the cookies is sent to a Google server in the USA and stored there. Under no circumstances will your IP address be combined with other Google data. If necessary, this information is sent to third parties, insofar as this is prescribed by law or if third parties process this data on the basis of the contract assigned to them.
Data retention period / Criteria for determining the data retention period:
After anonymizing the IP address, no contact can be made with your identity. Statistically processed data is deleted in Google Analytics after 26 months. In reports based on Google Analytics, there is no longer any link to a specific person to whom the data relates.
Overview of the cookies used with additional information (e.g. on the retention period)
|Name||Purpose||Description and use||Validity||Type||External supplier|
|_ga||Web tracking||Used to distinguish unique users by assigning a randomly generated number as a customer ID. Note: This process cannot be recovered and therefore your personal information is safe.||2 years||HTTP||Google Analytics|
|_gid||Web tracking||Used to store and update a unique value for each page visited||24 hours||HTTP||Google Analytics|
|_gat||Web tracking||Used to manage the request process||1 minute||HTTP||Google Analytics|
|_cfduid||System / mandatory cookie||DNS records stored in Cloudflare allow us to provide a secure connection. They set this cookie to identify your device as trusted. Follow the link for more information https://support.cloudflare.com/hc/en-us/articles/20017056-What-does-the-Cloudflare-cfduid-cookie-do-||1 year||HTTP||Cloudflare|
|_zlcmid||Chat app||The cookie is used to control the cache in the chat service provided to customers||1 year||HTTP||Zopim.com|
|wpfront-notification-bar- landingpage||System cookie||Opens / closes the bar at the bottom of the page to display a notification||Until the end of the session||HTTP|