Privacy Policy

15.05.2019

Data protection is of a particularly high priority to us and by means of this Privacy Policy, we would like to inform you of the nature, scope and purpose of the personal data we collect, use and process via our websitе www.donkin.eu (“Website”), as well as inform you of the rights to which you are entitled.

By means of this Privacy Policy we ensure that the processing of personal data by us will always be in line with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“Regulation”), the Bulgarian Personal Data Protection Act and all the other applicable legislation.

I. What is “personal data”?

Personal data is any information that identifies you or can be used to identify you. This includes information you share with us via the Website, for example when you request a service through the contact forms on the Website or apply for an open position.

II. Who are we and how can you contact us?

We are Donkin and Partners EOOD, with UIC 205548209

Our seat and management address is in Sofia, 9 Gen. Stoletov blvd, ent. A, floor 1, apt. 3.

You can also find us in this address: Sofia, 15-17 Tintyava Str., Work & Share Coworking Space, W&S 2.

You can contact us at info@donkin.eu or by phone: +359 896 832 984

III. How, what and for what purposes do we collect your personal data?

We collect your personal data directly from you so you have full control over the type of information you provide us with. In general, it is possible to browse our Website without providing us with personal data, but there may be specific situations requiring to provide us with personal data, for example, when:

  1. you send us inquiries and messages via the contact forms on our Website. In this case, you need to provide us with your name and email address so that we can contact you and respond to your inquiry;
  2. make comments or provide us with additional information in the sections of the Website that allow it;
  3. knowingly and voluntarily provide personal data through any other section of the Website that allows this, including when you send us emails;
  4. you contact us through social media platforms, such as LinkedIn and Facebook;
  5. you apply for an open position. In this case, you need to provide us with a resume and motivation letter containing a minimum of information that will allow us to consider how your profile meets the requirements of the position and to contact you in this regard. This information includes: name, email, telephone, education, the languages you speak, and the level of fluency, information about your skills and qualifications, professional experience. At your own discretion, you could also provide us with additional data (e.g. age, photo, diplomas, certificates, recommendations, etc.).

We do not collect sensitive personal data, data related to children and do not perform automated decision-making and profiling.

IV. On what basis do we process your personal data?

The data we receive via the Website, we collect and process on the basis of Art. 6, paragraph 1, point (b) of the Regulation, namely with the purpose for taking steps at your request prior to entering into a contract.

V. To whom do we disclose your personal data?

Except as outlined below, we will not disclose or allow any person outside the company to access or use your personal data.

Depending on the specificity of each particular case, we may provide access to some of your personal data to IT service providers. We have personal data protection agreements with these companies and they process your data only at our direction and only to the extent necessary to fulfill their obligations.

We guarantee that the access to your personal data by our employees is made in compliance with the personal data protection legislation and confidentiality of information. They are not authorized to use, disclose or modify your personal data in any way except for the purpose of performing the services assigned by the company.

If we are legally bound or if this is necessary to protect our legitimate interests, we may disclose certain categories of personal data to competent state and judicial authorities.

VI. Non-provision of personal data

In cases where you need to provide us a minimum category of personal data (for ex. name and email when making inquiries or a set of personal data when applying for an open position) and do not do so, we may not be able to take the appropriate steps for responding to your request.

VII. How long will we store your personal data?

We will store your personal data on requests for services and inquiries for a period of 5 years from the date of the last interaction between us.

We will store your application for an open position until the relevant procedure is completed, but no later than 6 (six) months after the end of the procedure.

VIII. Your rights

The Regulation guarantees you a certain set of rights that you can exercise in relation to your personal data. Specifically, you have:

  1. Right to information –right to receive information about the processing of your personal data. This Privacy Policy is drafted in this regard;
  2. Right of access – right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, if so, to obtain a copy of the information;
  3. Right to rectification – right to require the correction or completion of your personal data if it is inaccurate or incomplete;
  4. Right to erasure (‘right to be forgotten’) – right to request the erasure of your personal data;
  5. Right to restriction of processing – right to require a restriction on the processing of your personal data;
  6. Right to object – right to object to the processing of your personal data, which is based on legitimate interest.

*You may exercise the right to erasure, restriction of processing and objection under the provisions and requirements of the Regulation and if there are grounds for you to do so. This means that there may be grounds for us to keep or continue to process your data despite exercising the relevant right. If this is the case, we will let you know.

  1. Notification of third parties to whom your personal data has been disclosed of any rectification or erasure of personal data or restriction of processing, unless this proves impossible or involves disproportionate effort;
  2. Right to data portability (if applicable) – right to receive the personal data concerning you in a structured, commonly used and machine-readable format and the right to request to transmit those data to another controller without hindrance;
  3. Right to withdraw consent to processing at any time and without negative consequences when processing is based on consent;

You can exercise all the above rights by sending us an email to info@donkin.eu. Keep in mind that we may ask for additional information if we need to verify your identity. We will try to respond to all legitimate requests within one month. Sometimes it can take us more than a month, in which case we will let you know.

  1. Right to complain to a supervisory authority if you consider that the processing of your personal data is in violation of the provisions of the Regulation or any other applicable data protection requirements.

The supervisory authority in the Republic of Bulgaria is the Commission for Personal Data Protection, address: Sofia 1592, “Prof. 2 Tzvetan Lazarov Str., website: www.cpdp.bg.

IX. Data protection

We have implemented appropriate security measures to prevent accidental loss, use or access to your personal data in an unauthorized manner, change or disclosure. We have put in place procedures to deal with any alleged violation of personal data and will notify you and the competent authorities for an infringement when we are legally obliged to do so.

If you have any questions regarding this Policy, you can contact us at: info@donkin.eu.