What is covered by these Privacy Policies and on what legal basis? Since 25 May 2018 Bulgaria has been applying the General Data Protection Regulation (GDPR). It is adopted by the European Union and its purpose is to align the EU Member States’ policies on the collection and use of personal data. Another goal is to guarantee our right to privacy, to protect our personal data in order to provide more security against the misuse of personal information of each and every one of us. The new regulation comes with a number of requirements that Genox Ltd applies and you can meet here. These include:
- Let us know what data we use.
- Let us know why we use them.
- Ask your consent to use them.
- Allow you to change your consent for different purposes through this site to have more freedom.
- Guarantee the right to ask for your data to be corrected, deleted, and forgotten. In addition, we may provide you with the downloads or transfer them if you notify us and identify us in the appropriate ways.
- Identify all third parties / other companies with whom we exchange your data. Keep in mind that the internet is a global network, we often use standardized services to log in and track behavior.
Any data that can be identified by a user is considered to be personal data. Such may be email, names, mobile phone, home address, IP address.
What data we collect from our users:
-home / personal / data: names, address, e-mail, telephone
-dates on health
Consent for the use of personal data
Any natural person whose personal data we use in writing will declare his / her consent.
Who we share and disclose your personal information
– Public authorities – National Revenue Agency, National Social Security Institute
– The personal data processor – accountant, person and staff
– Business partners – for direct marketing, joint products and services
Sometimes we record some of our information on our servers or send it to third parties. This is necessary so that we can provide you with the best experience when using our services, and sometimes – and at all, so that we can make available the availability and accessibility of your service.
Genomax Group does not grant the right to use, sell, disclose or share information about you (GDPR personal data) with others or with unrelated companies
If you do not wish to send the information to any of our partners, you may withdraw your consent here.
Protection of information
When we store the information with us, it is physically stored on our own servers and in paper form in the form of work records.
When selecting our server support partners, we undertake detailed verification of their certification.
Covering these standards ensures maximum data security for our users.
We restrict access to information for you by employees acting under the direction of Genomax Ltd except in cases where there are reasonable grounds for dealing with that information in order to provide you with services or in connection with the work performed by these employees.
We have physical, electronic and procedural safeguards that comply with our legal obligations to protect your information.
How long we store the information
Data storage continues as long as we have a reason to store it. We apply the following terms for storing the different types of personal data according to their purpose, namely:
- We retain your personal data for the term of the contractual relationship, except where legally required for a longer period of storage, for example, under the Accounting Act, tax audit documents – 10 years, records and payables – 50 years;
- We may retain some personal data in order to exercise our rights (for example, to file court claims) or for tax and accounting purposes.
The Electronic Communications Act applies to traffic data and the data is stored within 6 months. Such data shall be transmitted to the specialized bodies and institutions only in accordance with legal provisions and with due cause.
Data subjects’ rights according to GDPR
- Right to access your personal information: You have the right to receive confirmation from us that personal data are processed for you and, if this is the case, you have the right to access personal data and information.
- Personal data rectification right: If you find that the personal data we process for you are inaccurate, you are entitled to make us correct this personal data.
- Right to delete personal data (the right to be forgotten): under certain circumstances, such as if your personal data has been processed unlawfully or you have withdrawn consent (if personal data processing is based on consent), you have the right to request and get your personal information deleted from us.
- Limitation of processing: In certain circumstances, such as if you have doubts about the accuracy of your personal data or have objected to our legitimate purpose for processing your personal data, you may request that we restrict the processing of your personal data until a solution is found.
- Right of objection to processing: in certain circumstances, such as if you have a legitimate interest in processing your personal data, you have the right to object, for reasons related to your particular situation, to such processing.
- Data portability: If your personal data is processed by automatic means in your consent or in order to perform our contractual relationship, you may request that we provide you with your personal data in a machine readable format for transferring to another data controller.
- Right to file a complaint with a control body: You have the right to complain about the processing of your personal data by us at the relevant control body.
Data processing and storage officers:
– Angela Ilieva Hristova – Chief Accountant, tel: 088 652 27 26
– Veselin Atanasov Karchinov – tel: 089 400 60 55