Personal data is any information that identifies you or can be used to identify you. This includes information you share with us via the Website, for example when you request a service through the contact forms on the Website or apply for an open position.
We are Donkin and Partners EOOD, with UIC 205548209
Our seat and management address is in Sofia, 9 Gen. Stoletov blvd, ent. A, floor 1, apt. 3.
You can also find us in this address: Sofia, 15-17 Tintyava Str., Work & Share Coworking Space, W&S 2.
We collect your personal data directly from you so you have full control over the type of information you provide us with. In general, it is possible to browse our Website without providing us with personal data, but there may be specific situations requiring to provide us with personal data, for example, when:
- you send us inquiries and messages via the contact forms on our Website. In this case, you need to provide us with your name and email address so that we can contact you and respond to your inquiry;
- make comments or provide us with additional information in the sections of the Website that allow it;
- knowingly and voluntarily provide personal data through any other section of the Website that allows this, including when you send us emails;
- you contact us through social media platforms, such as LinkedIn and Facebook;
- you apply for an open position. In this case, you need to provide us with a resume and motivation letter containing a minimum of information that will allow us to consider how your profile meets the requirements of the position and to contact you in this regard. This information includes: name, email, telephone, education, the languages you speak, and the level of fluency, information about your skills and qualifications, professional experience. At your own discretion, you could also provide us with additional data (e.g. age, photo, diplomas, certificates, recommendations, etc.).
We do not collect sensitive personal data, data related to children and do not perform automated decision-making and profiling.
The data we receive via the Website, we collect and process on the basis of Art. 6, paragraph 1, point (b) of the Regulation, namely with the purpose for taking steps at your request prior to entering into a contract.
Except as outlined below, we will not disclose or allow any person outside the company to access or use your personal data.
Depending on the specificity of each particular case, we may provide access to some of your personal data to IT service providers. We have personal data protection agreements with these companies and they process your data only at our direction and only to the extent necessary to fulfill their obligations.
We guarantee that the access to your personal data by our employees is made in compliance with the personal data protection legislation and confidentiality of information. They are not authorized to use, disclose or modify your personal data in any way except for the purpose of performing the services assigned by the company.
If we are legally bound or if this is necessary to protect our legitimate interests, we may disclose certain categories of personal data to competent state and judicial authorities.
In cases where you need to provide us a minimum category of personal data (for ex. name and email when making inquiries or a set of personal data when applying for an open position) and do not do so, we may not be able to take the appropriate steps for responding to your request.
We will store your personal data on requests for services and inquiries for a period of 5 years from the date of the last interaction between us.
We will store your application for an open position until the relevant procedure is completed, but no later than 6 (six) months after the end of the procedure.
The Regulation guarantees you a certain set of rights that you can exercise in relation to your personal data. Specifically, you have:
- Right of access – right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, if so, to obtain a copy of the information;
- Right to rectification – right to require the correction or completion of your personal data if it is inaccurate or incomplete;
- Right to erasure (‘right to be forgotten’) – right to request the erasure of your personal data;
- Right to restriction of processing – right to require a restriction on the processing of your personal data;
- Right to object – right to object to the processing of your personal data, which is based on legitimate interest.
*You may exercise the right to erasure, restriction of processing and objection under the provisions and requirements of the Regulation and if there are grounds for you to do so. This means that there may be grounds for us to keep or continue to process your data despite exercising the relevant right. If this is the case, we will let you know.
- Notification of third parties to whom your personal data has been disclosed of any rectification or erasure of personal data or restriction of processing, unless this proves impossible or involves disproportionate effort;
- Right to data portability (if applicable) – right to receive the personal data concerning you in a structured, commonly used and machine-readable format and the right to request to transmit those data to another controller without hindrance;
- Right to withdraw consent to processing at any time and without negative consequences when processing is based on consent;
You can exercise all the above rights by sending us an email to email@example.com. Keep in mind that we may ask for additional information if we need to verify your identity. We will try to respond to all legitimate requests within one month. Sometimes it can take us more than a month, in which case we will let you know.
- Right to complain to a supervisory authority if you consider that the processing of your personal data is in violation of the provisions of the Regulation or any other applicable data protection requirements.
The supervisory authority in the Republic of Bulgaria is the Commission for Personal Data Protection, address: Sofia 1592, “Prof. 2 Tzvetan Lazarov Str., website: www.cpdp.bg.
We have implemented appropriate security measures to prevent accidental loss, use or access to your personal data in an unauthorized manner, change or disclosure. We have put in place procedures to deal with any alleged violation of personal data and will notify you and the competent authorities for an infringement when we are legally obliged to do so.
If you have any questions regarding this Policy, you can contact us at: firstname.lastname@example.org.