Terms and Conditions of Use
Last updated: 21.03.2024
I. INTRODUCTION
1.1 Welcome to https://www.optonicaled.com (hereinafter referred to as "Web site" or "Website"), which is operated by "PRIMA GROUP 2004" LTD. and may be accessed worldwide.
1.2 BY USING THIS WEBSITE YOU AGREE TO BE BOUND BY THESE TERMS AND CONDITIONS FOR THE USE OF THE WEBSITE. PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY BEFORE USING THIS WEBSITE AND IF YOU HAVE ANY QUESTIONS, PLEASE CONTACT US AT: [email protected].
1.3 IF YOU DO NOT AGREE TO ANY OF THE CONDITIONS CONTAINED IN THESE TERMS AND CONDITIONS, YOU SHOULD NOT USE THIS WEBSITE.
II. PURPOSE AND SCOPE OF THE TERMS AND CONDITIONS
2.1 These Terms and Conditions have been prepared and intend to regulate the relations between "PRIMA GROUP 2004" LTD. a company, registered in the Commercial Register at the Registry Agency with UIC: 131205029, having its seat and registered address at: Republic of Bulgaria, Sofia, p.o. box 1784, Mladost 1, “Mitropolit Serafim Slivenski” Street, bl. 144, Ground Floor, telephone: +359 2 988 45 72; +359 2 988 45 89, e-mail address: [email protected] and website: https://www.optonicaled.com/, hereinafter referred to as "Provider", and the users of the Website, hereinafter referred to as "Users", in connection with the use of the website.
2.2. These Terms and Conditions will come into force as soon as the User uses the website for the first time. The Terms and Conditions shall be applied each time the User visits and uses the website and will have effect from stopping of the use of the website. The User undertakes to use the website and all the contents of the website legally, in accordance with the conditions set forth in these Terms and Conditions.
III. DEFINITIONS
3.1. For the purposes of these Terms and Conditions:
a/ Provider is "PRIMA GROUP 2004" LTD.
b/ User/s is/are:
- the visitor/s to the Website https://www.optonicaled.com/;
- the individual who has contacted the Provider by sending a message via the contact form of the website;
- the individual who has contacted the Provider by sending a message via an online Product Request Form for receiving an offer for a selected product;
- the individual who has contacted the Provider by sending a message via an online Enrollment Form for being approved as an official Distributor of the Provider;
c/ Contact Form is a provided formular in an electronic form, that is available at https://www.optonicaled.com/ and which full completion is a condition for contacting the Provider.
d/ Product Request Form is an online form available on the Provider's website https://www.optonicaled.com/ for receiving of an offer regarding the products offered by the Provider.
e/ Enrollment Form for approval as an Official Distributor of the Provider is an online form available on the Provider's Web site https://www.optonicaled.com/, the complete completion of which is a condition for contacting the Provider about the intention of the User to become an Official Distributor of the Provider.
f/ Newsletter subscription is including an User’s e-mail address in a list with e-mail addresses where the owner of the e-mail address receives updated information about the products offered by the Provider.
3.2 These Terms and Conditions provide information about:
-Identification of the Provider;
- Subject matter of the Terms and Conditions;
- Characteristics of the Website;
- The conditions for filing a request for provision of an offer for a selected product/s;
- Pricing and payment terms;
- Delivery;
- Warranty;
- Claims;
- Force Majeure;
- Exemption from liability;
- Personal data protection;
- Links to third party websites;
- Intellectual property rights. Limitations of use;
- Final provisions - applicable law; written form for validity; amendments to the terms and conditions; partial invalidity; settlement of disputes.
IV. IDENTIFICATION OF THE PROVIDER
4.1 Name of the Provider:"PRIMA GROUP 2004" LTD.
4.2 Seat and registered address: Republic of Bulgaria, Sofia, p.o. box 1784, Mladost 1, “Mitropolit Serafim Slivenski” Street, bl. 144, Ground Floor.
4.3 Contacts: Republic of Bulgaria, Sofia, p.o. box 1784, Mladost 1, “Mitropolit Serafim Slivenski” Street, bl. 144, Ground Floor, telephone: +359 2 988 45 72; +359 2 988 45 89, e-mail address: [email protected].
4.. Data for entry in the commercial register and any other public register:
- PRIMA GROUP 2004" LTD.. is a company, registered in the Commercial Register at the Registry Agency with UIC: 131205029.
4.5 PRIMA GROUP 2004" LTD. is a VAT registered company under the Value Added Tax Act.
V. INFORMATION ABOUT SUPERVISORY AUTHOROTIES
5.1. Commission for Personal Data Protection
Address: Republic of Bulgaria, Sofia 1592, 2 Prof. Tsvetan Lazarov Blvd.
Telephone: 02/91-53-519
Fax: 02/91-53-525
Е-mail: [email protected], [email protected]
Web-site: www.cpdp.bg
5.2. Commission for Consumer Protection
Address: Sofia 1000, 1 “Vrabcha” Street, floor 3, 4 and 5
Telephone: 02/933 0565
Fax: 02 / 988 42 18
Hot line: 0700 111 22
Email: [email protected]
VI. SUBJECT MATTER OF THE TERMS AND CONDITIONS
6.1 The Provider has created the Website https://www.optonicaled.com/, which contains detailed information about the products offered to the Users.
6.2 The Provider provides and the Users undertakes to use the website under the conditions set forth in these Terms and Conditions.
6.3. In its professional activity, the Provider guarantees to the full extent the rights of the Users provided by law, as an additional corrective of its activity are namely the good faith, as well as the consumer and commercial criteria established as good practices.
VII. CHARACTERISTICS OF THE WEBSITE
7.1 The website is not an e-shop. It is created to inform Users about the products offered by the Provider and the latter to be contacted if the User wishes to order any of the products offered and advertised on the website and also if the User wishes to become an official Distributor of the Provider, or User’s e-mail address to be included in a list with e-mail addresses where the owner of the e-mail address receives updated information about the products offered by the Provider
7.2 The website includes comprehensive information on:
- Information about the Provider;
- All types of products that the Provider offers to Users;
- Information about how to contact the Provider;
- News published by the Provider;
- List of official Distributors of the Provider and contact details of such distributors.
VIII. REGISTRATION
8.1 The registration on the website is voluntary and free of charge. Registration is necessary in order the Users to be informed about the prices of products and availability of the products that the Provider offers. To register, the User shall select the "Register" button and fill out a registration form in which the following data shall be filled: username, e-mail address, password, first name, last name, phone number, language selection, country. Optional fields in the registration form include: company name, UIC, website address. After filling the required information, the User shall click the "Complete Sign Up" button.
8.2 By completing the registration procedure, a User’s account is created on the web site. To sign up the User shall his/her username and password.
8.3 The User confirms that the information provided during the registration is correct. The Provider is not responsible for any typographical errors or misrepresentations of information or information presented in a misleading manner.
IX. FILING OF A REQUEST FOR PROVISION OF AN OFFER FOR A SELECTED PRODUCT
9.1 No registration is required to use the Website. No registration is required for a provision of an offer for a selected by the User product.
9.2 In order to receive an offer for a selected Product, the User shall fill and submit the Product Request Form. Once the desired product is selected, the User shall enter the quantity for which the User wishes to receive an offer and click "Ask for Price" button. After the actions have been completed, the Quiq Order appears, where the User shall fill name, e-mail address and content of the message. This data is required in order the Provider to contact the User in connection with sending a quotation containing the price of the selected product. By filling out the form and clicking the "Send Message" button the User declares that he is familiar with these Terms and Conditions, agrees with their content and undertakes to comply with them.
9.3 Filling out the Quiq Order does not bind the User to enter into an agreement with the Provider. After filling out the Quiq Order and clicking the “Send Message” button, the Provider confirms the receipt of the request by sending an individual offer to the specified e-mail address. Sent to the e-mail address of the Provider by the User acceptance of the provided offer is considered as a conclusion of a purchase agreement between the Provider and the User.
9.4 Inquiries about products not advertised on the Website as well as other questions about the products offered by the Provider may be sent using the contact form of the Website at: https://www.optonicaled.com/en/contacts/, after filling a name, e-mail address and also the message stating the request. By filling out the form and clicking the "Send Message" button, the User declares that he is familiar with These terms and Conditions, agrees with their content and undertakes to observe comply with them. The Provider responds to the request within 48 hours.
X. PRICING AND PAYMENT TERMS
10.1 For the requested by the User products in the filled Product Request Form, the Provider sends an offer containing the prices of the selected products. The prices quoted in the offer do not include the cost of delivery of the products and possible costs of customs duties, fees collected in connection with customs clearance of documents and other charges. All shipping costs are additionally paid in addition to the price of the ordered products.
10.2 Payments of products ordered may be made in one of the two ways:
- by bank transfer, by transfer to the bank account of the Provider:
- through the PayPal System.
10.3 The User shall pay the Provider in advance the whole amount indicated in the offer. When making a bank payment, the User shall pay the bank fees or commissions.
XI. DELIVERY
11.1 The Provider delivers the products ordered by the User at a specified by the User address. The Provider delivers the ordered products worldwide with the help of courier organizations selected by the Provider. For each delivery, the Provider provides a shipping quote when the delivery address has been provided by the User.
11.2 The ordered and paid products shall be dispatched within 24 hours (on working days). The delivery terms are determined by the chosen courier organization and will be further specified for each particular order. The Provider is not responsible for any delays in delivery, as well as for any delays associated with customs clearance.
11.3 The Provider provides the User information on the dispatch of the products on the day the products are handled to the courier organization.
11.4 The products are handed over to the User against a signature certifying that the products have been received.
XII. WARRANTY
12.1 The Provider delivers products to the User with a production or commercial warranty of 24 /twenty-four/ months (unless otherwise stated) from the date of the invoice.
12.2 The Provider provides the User a written warranty containing the content and scope of the warranty, the duration of the warranty, the territorial scope of the warranty, the name and address of the authorized service to which the warranty shall be lodged.
XIII. CLAIMS
13.1 In the event that the delivered products do not correspond to the ordered products, the User undertakes to notify the Provider within three days after receipt of the products. The Provider will replace the products at his expense.
13.2 In the event of obvious defects or damages in the delivered products, which significantly reduce the price of the product or its suitability for use, the User undertakes to notify the Provider within six months of receipt of the products. Within 14 days, the Provider will offer the User a choice of one of the following three options: - to return the product and reimburse the price together with the cost of the order; - to keep the product and reduce its price; - defects or damages to be remedied at Provider's expense.
13.3 The User, who has the quality of a consumer within the meaning of the Consumer Protection Act, has the right to return the purchased products, which are not opened, used and damaged. The user undertakes to notify the Provider of the intention to return the purchased products within 14 days of receipt of the products. In order to refund the amount paid, the products shall not have been used and shall be returned in excellent condition to the Provider and in the original packaging together with the purchase documents within 14 days from the date of claiming the return of the products. All direct costs for returning of the products are at the expense of the User. The Provider refunds the amount paid by the User for the purchased product/s within 14 days of the date on which the Provider has been notified by the User about the decision to return the purchased products.
XIV. RETURN OF GOODS
14.1. According to Article 50, para. 1 of the Consumer Protection Act the User shall have the right to withdraw from the distance contract without giving any reason, without compensation or penalty and without bearing any costs whatsoever other than the costs provided for in Article 54, para. 3 and Article 55 of the Consumer Protection Act, within a period of 14 days from acceptance of the goods by the User or by a third party other than the carrier and indicated by the User - in the case of a sales contract. Return of goods beyond the specified period will not be accepted.
14.2. The User shall be obliged to return the goods in the condition in which they were at the time of delivery. The Provider will not accept goods that have been repaired or damaged, goods with damaged or incomplete packaging, with traces of wear or excessive use, as well as scratches. The Provider will not accept goods that are not accompanied by all the accessories with which the goods have been delivered.
14.3. The user shall be obliged to return the goods purchased by him/her in the original package, accompanied by the labels intact, as well as all the documents with which the goods in question were delivered.
14.4. In the event that the User has purchased more than one identical item and wishes to return it to the Provider within the statutory 14-day period, it is mandatory that only one of these products has been opened. The other must be in a sealed package, otherwise they will not be accepted.
14.5. The return of goods by the User shall be done by sending the goods, by courier, to the address: Republic of Bulgaria, Sofia, p.o. box 1784, Mladost 1, “Mitropolit Serafim Slivenski” Street, bl. 144, Ground Floor.
14.6. In order to return the goods to the Provider, the User shall fill in the following standard form pursuant to Annex 6 of the Consumer Protection Act, namely:
Standard form for exercising the right of withdrawal:
(please fill in and submit this form only if you wish to withdraw from the distance contract)
- To "PRIMA GROUP 2004"
Republic of Bulgaria, Sofia, p.o. box 1784, Mladost 1, “Mitropolit Serafim Slivenski” Street, bl. 144, Ground Floor
- I hereby inform you that I am withdrawing from the distance contract for the purchase of the following goods, namely: ................
- Ordered on / received on
- Name of the User
- Address of the User (s)
- Signature of the User (s)
- Date
14.7. After completing this form and verifying that the product(s) the User wishes to return are eligible for return in accordance with Article 14.2 of these Terms and Conditions, the User must send the completed form either together with the goods to the address specified in Article 14.5 or to [email protected].
14.8. The return of the goods shall be the sole responsibility of the User and therefore the risk of damage or loss shall be borne by the User until the goods the delivery of the goods to the Provider. All costs related to the return of the goods are at the expense of the User.
XV. REIMBURSEMENT OF PAYMENTS
15.1. In the event that the delivered goods are inconsistent with the goods ordered by the User or the delivered goods are visibly damaged and the User wishes reimbursement of the amount paid, the Provider shall be obliged to reimburse the amount paid within 14 days from the date on which the Provider is notified of the User's intention to receive the amount paid. The Provider has the right to postpone the refund of the amount paid until the goods are received in return or until evidence is provided to the Provider that the goods have been sent back.
15.2. If the amount has been paid with a card through the PayPal system, the amount will be refunded on the card from which the User has made the payment.
15.3. If the amount has been paid by bank transfer, the amount will be paid into a personal bank account specified by the User. The Provider shall not be liable for a wrongly specified bank account by the User.
XVI. FORCE MAJEURE
16.1 The Provider shall not be held liable for total or partial failure to deliver the ordered product/s, including a delay in delivery or defect and/or damage of the product if it is due to "Force Majeure" (Force Majeure). "Force majeure" means an extraordinary circumstance (event) that arose after the signing of the agreement, could not be foreseen and is not dependent on the will of the parties, such as: fire, industrial accidents, military actions, natural disasters - storms, torrential rains, floods, hailstorms, earthquakes, ice, drought, landslides, etc. natural elements, embargo, government bans, strikes, riots, etc.
16.2 In the event that the Provider has been unable to fulfill its obligations due to a force majeure, the Provider shall be obliged within 10 days to notify in writing the User of its occurrence, as well as the supposed period of validity and termination of force majeure.
XVII. EXEMPTION FROM LIABILITY
17.1 The information on this website could include technical inaccuracies or errors although the Provider uses reasonable efforts to keep all the information on this website up to date. The Provider has the right to make changes and improvements to this Web site at any time. The Provider assumes no liability or responsibility for any errors or omissions in the content on this website. The Provider assumes no liability or responsibility for any damages or losses incurred for the Users as a result of the use of this website and the materials from this website.
17.2 The Provider is entitled to make changes to the products offered or to cease offering some of the products offered.
XVIII. PERSONAL DATA PROTECTION
18.1. The Provider collects and processes personal data of Users by applying all the standards for the protection of personal data under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. The Provider respects the privacy of Users and undertakes every effort to protect the personal data of Users against unlawful processing by applying technical and organizational measures, which measures are entirely consistent with state-of-the-art technological developments and provide a level of protection that corresponds to the risks associated with the processing and the nature of the data that should be protected. Detailed information on what personal data the Provider processes, the purposes of the processing of personal data, the period for the storage of personal data, as well as other information in fulfillment of the requirements of Article 13 of Regulation (EC) 2016/679 is available in the Privacy Policy which is published on the website of the Provider.
XIX. LINKS TO THIRD PARTY WEBSITES
19.1 The Website of the Provider contains links to websites maintained by third parties ("Third Party Websites"). The Provider is not responsible for the content on the Third Party Websites, and also for the presence of viruses, other harmful components on these websites, including for damages caused by the use of the Third Party Websites.
XX. INTELLECTUAL PROPERTY RIGHTS. LIMITATIONS OF USE
20.1 The whole content on the Website, including, but not limited to, all published texts, photographs, images, illustrations, graphics, computer programs, and any information posted on the website – is the exclusive property of the Provider.
20.2 Тrademarks (registered or unregistered), that are posted on the Website are protected by the applicable law. Nothing in these Terms and Conditions shall be construed as а permission to grant the right to use the trademark.
20.3 Тhe content of the website of the Provider may only be used by Users of the website for personal, non-commercial use.
20.4 The use of the information contained in this Website for commercial purposes, in any form (copying, modifying, downloading, selling, creating derivative works, reproducing, distributing, publishing, retransmission, etc.) is strictly prohibited. Users assume all liability from the use of the content of the website in violation of the rights of the Provider and the User is entitled to full compensation for the damage caused by the User.
XXI. FINAL PROVISIONS
21.1 All communications and notifications between the Provider and the User will be deemed to be valid if they are sent to the following e-mail addresses:
- For the User: the e-mail address as specified in the Request;
- For the Provider: [email protected]
If any of the parties, changes its e-mail address without notifying the other party, the latter is not responsible for messages not received, notifications and the like.
21.2 The invalidity of any provision of these Terms and Conditions will not result in the invalidity of the Terms and Conditions as a whole.
21.3 For all matters not covered by these Terms and Conditions, the provisions of the Bulgarian civil and commercial legislation shall apply.
21.4 Any disputes between the Provider and the Use arising out of these Terms and Conditions and the individual agreement shall be settled amicably by the parties. If the dispute cannot be resolved amicably, it shall be referred for settlement to the competent court.
21.5 Тhe Provider has the right to update these Terms and Conditions at any time in the future. When this happens, the revised Terms and Conditions will be posted on this Website with a new "Last Updated" at the top of these Terms and Conditions and will be in force from the date of publication. It is therefore advisable to periodically check these Terms and Conditions to make sure that you are familiar with any changes. Using the Website after publishing the updated Terms and Conditions, you will be deemed to agree with the changes made.
21.6 These Terms and Conditions are accepted on 21.03.2024 and shall enter into force for all Users on 21.03.2024.
21.7 If you have additional questions about these Terms and Conditions, please do not hesitate to contact us by e-mail at the following address: [email protected].
Cookie Policy
Last updated: 21.03.2024
1. INTRODUCTION
1.1. Welcome to https://www.optonicaled.com/en/ (hereinafter referred to as "Web site" or "Website") which is operated by "PRIMA GROUP 2004" LTD. (hereinafter referred to as Provider) and may be accessed worldwide.
1.2. PLEASE READ THIS COOKIES POLICY CAREFULLY BEFORE USING THIS WEBSITE AND IF YOU HAVE ANY QUESTIONS ABOUT THIS COOKIES POLICY, PLEASE CONTACT US AT: [email protected] OR +359 2 988 45 72, +359 2 988 45 89, +359 882 5274 41; +359 886 0161 00. IF YOU DO NOT AGREE TO ANY OF THE CONDITIONS CONTAINED IN THIS COOKIES POLICY, YOU SHOULD NOT USE THIS WEBSITE.
1.3. "PRIMA GROUP 2004" LTD. is a company, registered in the Commercial Register at the Registry Agency with UIC: 131205029, having its seat and registered address at: Republic of Bulgaria, Sofia, p.o. box 1784, Mladost 1, “Mitropolit Serafim Slivenski” Street, bl. 144, Ground Floor, telephone: +359 2 988 45 72, +359 2 988 45 89, +359 882 5274 41; +359 886 0161 00, e-mail address: [email protected] and website: https://www.optonicaled.com.
2. WHAT ARE COOKIES AND HOW ARE COOKIES USED?
2.1. Cookies are small text files that are sent from the Website to the computer or visitor’s device and stored in the browser’s file directory that the visitor uses. They collect information about how the site is used in order to improve the Website performance. This information most often includes: IP address of the device from which the visitor has access to the platform (usually used to determine a country or city); type of device from which the visitor accesses the platform (e.g., computer, mobile phone, tablet, etc.); type of operating system; type of browser; concrete actions to be taken, including pages visited, frequency and duration of visits to the website; date and duration of visits. More information about Cookies can be found at: http://www.allaboutcookies.org/.
2.2. The Provider of this Website uses different types of cookies for the following purposes:
· Analyzing how the Website has been used;
· Establishing the number of visitors of the website;
· Establishing the duration of website visits;
· Providing Visitors a better experience.
3. WHAT ARE THE TYPES OF COOKIES?
3.1. There are two types of Cookies depending on how long they are stored on the device: session cookies and persistent cookies. Session Cookies are temporary Cookies that remain on the device until the browser is closed. Persistent Cookies remain on the device for a longer period of time or until they are deleted.
3.2. Cookies can also be the following four types, depending on their function:
|
Cookies |
Purpose |
|
Necessary |
These Cookies are necessary for the proper functioning of the Website by allowing the visitor to navigate the website and use its features, such as remembering previous back-to-back actions in the same session. Therefore, visitors cannot deactivate these cookies without affecting the functioning of the website. |
|
Analytics |
These Cookies provide information on how the Website is used. This information includes: IP address of the device from which the visitor has access to the platform (usually used to determine a country or city); type of device from which the visitor accesses the platform (e.g., computer, mobile phone, tablet, etc.); type of operating system; type of browser; concrete actions to be taken, including pages visited, frequency and duration of visits to the website; date and duration of visits. From the types of Analytics Cookies we use Google Analytics. In this way we have the opportunity to improve the functionality of the Website in order to provide visitors a better experience. |
|
Performance |
These cookies are used in order to enhance the functionality and the performance of the Website. |
|
Advertising |
These cookies are used to track visitors to the website and gain an insight into their interests based on the websites they visit, to be able to offer ads that are relevant to the visitor.
|
4. HOW LONG IS THE INFORMATION KEPT?
4.1. The period for which the information is saved depends on the type of the Cookies. Session Cookies are deleted with closing of the browser, while the persistent ones are valid between two months and several years.
5. WHAT TYPES OF COOKIES ARE USED ON THIS WEBSITE?
5.1. A list of cookies that the Provider uses on this Website is provided in the table below.
|
Name of the cookie |
Description |
Duration |
Type |
|
_XSRF-TOKEN |
Wix set this cookie for security purposes. |
20 hours |
Necessary |
|
optonica_session |
|
20 hours |
|
|
_fbp |
Facebook sets this cookie to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising after visiting the website. |
3 months |
Analytics |
|
_ga_* |
Google Analytics sets this cookie to store and count page views. |
1 year 1 month 4 days |
Analytics |
|
_ga |
Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. |
1 year 1 month 4 days |
Analytics |
6. HOW TO CONTROL AND DELETE COOKIES?
6.1. The Website allows visitors to decide whether to accept or reject Cookies.
6.2. Browser Controls: The option to control Cookies, including the option to delete Cookies, are available in the browser used by the visitor. Different browsers use different ways to disable Cookies, typically in the "options" or "tools" menus. To disable performance Cookies and disable Google Analytics, it is necessary to download an add-on to disable Google Analytics. Visitors can also find out how they can disable Google Analytics Cookies at: https://tools.google.com/dlpage/gaoptout. More detailed information about how to control Cookies for different types of browsers is available at the following addresses: https://www.aboutcookies.org/how-to-control-cookies/ or www.youronlinechoices.com.
6.3. Visitors also have the opportunity to delete all the Cookies that are saved on the device. More detailed information on how to delete Cookies for different types of browsers is available at: https://www.aboutcookies.org/how-to-delete-cookies/#gchromex.
6.4. Additionally, for the convenience of visitors, we provide direct links that inform how cookies can be deleted from the most popular browsers, with some browsers being provided in Bulgarian language, and for others in English:
· For visitors using the browser Mozilla Firefox: https://support.mozilla.org/bg/kb/delete-cookies-remove-info-websites-stored
· For visitors using the browser Internet Explorer: https://support.microsoft.com/bg-bg/help/278835/how-to-delete-cookie-files-in-internet-explorer
· For visitors using the browser Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=bg
· For visitors using the browser Safari:
- for a computer: https://support.apple.com/kb/ph21411?locale=bg_BG
- for a tablet or a mobile phone: https://support.apple.com/bg-bg/HT201265
6.5. Visitors should keep in mind that controlling and deleting Cookies may affect some of the functions of the Web site.
7. BUTTONS, TOOLS AND CONTENT FROM OTHER
7.1. The Website contains buttons, which connect to other third party websites such as „Facebook“ button, “Instagram” button, "Linkedin" button as well as a link to the website of the developer of Provider’s website. Information on the use of these elements can be also collected. Also, when using these buttons, the information from the browser of the visitor to the Website can automatically be sent to the other party. These third party websites have their own Cookies Policies and Privacy Policies and are likely to use cookies and visitors are recommended to familiarize themselves with the relevant privacy policy and cookies policy of the third party in order to obtain more information. Visitors use such third party websites at their own risk and the Provider of this Website is not liable for the privacy practices of the third party websites.
8. CHANGES TO THE COOKIES POLICY
8.1. This Cookies Policy may be updated at any time in the future. When this happens, the revised Policy will be posted on this Website with a new “Last Updated” at the top of this Cookies Policy and will be in force from the date of publication.
9. CONTACTS
9.1. If you have additional questions about this Cookies Policy, please do not hesitate to contact us at [email protected] or +359 2 988 45 72, +359 2 988 45 89, +359 882 5274 41; +359 886 0161 00.
Privacy Policy
Last updated: 21.03.2024
1. INTRODUCTION
1.1. Welcome to https://www.optonicaled.com/en/ (hereinafter referred to as “Web site” or “Website”) which is operated by "PRIMA GROUP 2004" LTD, a Bulgarian company, with UIC: 131205029, having its seat registered at: Republic of Bulgaria, Sofia, p.o. box 1784, Mladost 1, “Mitropolit Serafim Slivenski” Street, bl. 144, Ground Floor, telephone number: +359 2 988 45 72, +359 2 988 45 89, +359 882 5274 41; +359 886 0161 00.
1.2. BY USING THIS WEBSITE YOU AGREE TO THE COLLECTION AND PROCESSING OF YOUR PERSONAL DATA IN COMPLIANCE WITH THIS PRIVACY POLICY.
1.3. PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING THIS WEBSITE AND IF YOU HAVE ANY QUESTIONS ABOUT THIS PRIVACY POLICY, PLEASE CONTACT US AT: [email protected] OR +359 2 988 45 72, +359 2 988 45 89, +359 882 5274 41; +359 886 0161 00. IF YOU DO NOT AGREE TO ANY OF THE CONDITIONS CONTAINED IN THIS PRIVACY POLICY, YOU SHOULD NOT USE THIS WEBSITE.
2. DATA CONTROLLER
2.1. "PRIMA GROUP 2004" LTD. (hereinafter referred to as “Controller”) is a Bulgarian company, with UIC: 131205029, having its seat and registered address at: Republic of Bulgaria, Sofia, p.o. box 1784, Mladost 1, “Mitropolit Serafim Slivenski” Street, bl. 144, Ground Floor, telephone: +359 2 988 45 72, +359 2 988 45 89, +359 882 5274 41; +359 886 0161 00 and website: https://www.optonicaled.com.
3. SUPERVISORY AUTHORITY
3.1. Commission for Personal Data Protection
Address: Republic of Bulgaria, Sofia 1592, 2 Prof. Tsvetan Lazarov Blvd.
Telephone: +3592/91-53-518; +3592/ 91-53-515; +3592/91-53-519
Fax: +3592/91-53-525
Е-mail: [email protected]
Web-site: www.cpdp.bg
4. PURPOSE AND SCOPE OF THE PRIVACY POLICY
4.1. The Controller understands the privacy concerns of the visitors to this Website (hereinafter referred to as “individuals”) regarding the protection of personal data and is committed to protect their personal data by applying all the standards for protection of personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”). With this Privacy Policy, the Controller respects the privacy of individuals and undertakes every effort to protect the personal data of individuals against unlawful processing by applying technical and organizational measures, which measures are entirely consistent with state-of-the-art technological developments and provide a level of protection that corresponds to the risks associated with the processing and the nature of the data that should be protected.
4.2. With this Privacy Policy and in compliance with the requirements of the GDPR, the Controller provides information on:
· the purpose and scope of this Privacy Policy;
· personal data collected and processed by the Controller;
· purposes of personal data processing;
· period for which the personal data will be stored;
· mandatory and voluntary nature of provision of personal data;
· processing of persona data;
· protection of personal data;
· recipients of personal data;
· rights of individuals;
· procedure to exercise the rights.
5. DEFINITIONS
5.1. For the purposes of the GDPR and this Privacy Policy, the following terms shall have the following meaning:
5.1.1. Personal data means any information relating to an identified or identifiable natural person (‘individual’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
5.1.2. Processing of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
5.1.3. Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.
5.1.4. Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
5.1.5. Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
5.1.6. Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
5.1.7. Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
5.1.8. Third party means a natural or legal person, public authority, agency or body other than the individual, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
5.1.9. Consent of the individual means any freely given, specific, informed and unambiguous indication of the individuals’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
5.1.10. Personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
6. PRINCIPLES RELATING TO PROCESSING OF PERSONAL DATA
6.1. The Controller observes the following principles relating to processing of personal data:
· The personal data are processed lawfully, fairly and in a transparent manner in relation to the individual (‘lawfulness, fairness and transparency’);
· The personal data are collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
· The personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
· The personal data are accurate and, where necessary, kept up to date (‘accuracy’);
· The personal data are kept in a form which permits identification of individuals for no longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’);
· The personal data are processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
7. PERSONAL DATA COLLECTED AND PROCESSED BY THE CONTROLLER
7.1. Processing of special categories of personal data (“sensitive data”)
The Controller does not collect and record special categories of personal data, such as: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. Individuals shall not provide such sensitive data to the Controller. If the individual negligently or intentionally provides sensitive data to the Controller, the Controller undertakes to immediately delete such data.
7.2. Personal data collected directly from individuals
7.2.1. Personal data collected directly from individuals when the Controller is contacted by phone
Individuals provide personal data to the Controller when they contact the Controller by phone. The telephone number of the Controller is specified in the Controller’s Identification Information in this Privacy Policy and in the Contacts menu where the contact details of the Controller are provided. When the individual contacts the Controller by phone, the Controller only collects and processes the name and phone number of the individual, and in some cases also the e-mail address of the individual. These data are processed for the purpose of communicating with the individual. The processing of these personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the individual, namely providing more information on the goods and services offered by the Controller in connection with a possible conclusion of a contract with the individual.
7.2.2. Personal data collected directly from individuals when individuals contact the Controller using the contact form of the website
Individuals provide personal data to the Controller when they contact the Controller by sending a message using the contact form on the Controller’s website. When the individual sends a message to the Controller using the contact form to contact the Controller, the Controller collects and processes the name of the individual, the e-mail address, telephone number and the other information that the individual provides in the sent message, such as the address. These personal data are processed for the purpose of communication with the individual and record keeping. The processing of these personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the individual, namely providing more information on the goods and services offered by the Controller in connection with a possible conclusion of a contract with the individual.
7.2.3. Personal data collected directly from individuals when individuals contact the Controller by e-mail
Individuals provide personal data to the Controller when they contact the Controller by sending an e-mail. The e-mail address of the Controller is specified in the Controller’s Identification Information in this Privacy Policy and in the Contacts menu where the contact details of the Controller are provided. When the individual sends an e-mail to the Controller, the Controller collects and processes the e-mail address of the individual and the other information that the individual provides in the sent message, such as the address. These personal data are processed for the purpose of communication with the individual and record keeping. The processing of these personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the individual, namely providing more information on the goods and services offered by the Controller in connection with a possible conclusion of a contract with the individual.
7.2.4. Personal data collected directly from individuals when individuals submit a request for provision of a quote for a selected product
Individuals provide personal data to the Administrator when they fill in and submit the Request for provision of a quote located in the "Products" menu on the Administrator's website. When an individual submits a completed Request for provision of a quote, the Administrator collects and processes the individual's e-mail address, name, and other information that the individual provides in the submitted message, such as phone number and address. This data is processed for the purposes of communication with the individual and record keeping. The processing of this personal data is necessary for pre-contractual actions taken at the request of the individual, namely providing more information about the goods and services offered by the Controller in connection with the eventual conclusion of a contract with the individual.
7.2.5. Personal data collected directly from individuals when individuals contact the Administrator by sending a message using the Facebook platform
Individuals provide personal data to the Controller when they contact the Controller by sending a message using the Facebook platform via the Facebook messaging service available through the Facebook page of the Controller. When the individual sends a message to the Controller using the Facebook platform via the Facebook messaging service, the Controller collects and processes the individual's name, as well as the other information the individual provides in the sent message. This data is processed for the purpose of communication with the individual and record keeping. The processing of such personal data is necessary for the realization of the legitimate interests of the Controller, whose legitimate interests are to reply to the received messages, as well as to keep the received messages. The administrator uses the Facebook services, an independent US service provider, to receive messages via the Facebook platform. This means that the personal data provided will be stored on Facebook servers in the United States. Facebook has its own Privacy Policy and individuals are advised to get acquainted with it in order to get more information. The Facebook Privacy Policy is posted at https://www.facebook.com/policy.php .
7.2.6. Personal data collected directly from individuals when individuals contact the Administrator by sending a message using the Instagram platform
Individuals provide personal data to the Controller when they contact the Controller by sending a message using the Instagram platform via the Instagram messaging service available through the Instagram page of the Controller. When the individual sends a message to the Controller using the Instagram platform via the Instagram messaging service, the Controller collects and processes the individual's name, as well as the other information the individual provides in the sent message. This data is processed for the purpose of communication with the individual and record keeping. The processing of such personal data is necessary for the realization of the legitimate interests of the Controller, whose legitimate interests are to reply to the received messages, as well as to keep the received messages. The administrator uses the Instagram services, an independent US service provider, to receive messages via the Instagram platform. This means that the personal data provided will be stored on Instagram servers in the United States. The Instagram Privacy Policy is posted at https://help.instagram.com/519522125107875 .
7.2.7. Personal data collected directly from individuals when individuals contact the Administrator by sending a message using the LinkedIn platform
Individuals provide personal data to the Controller when they contact the Controller by sending a message using the LinkedIn platform via the LinkedIn messaging service available through the LinkedIn page of the Controller. When the individual sends a message to the Controller using the LinkedIn platform via the LinkedIn messaging service, the Controller collects and processes the individual's name, as well as the other information the individual provides in the sent message. This data is processed for the purpose of communication with the individual and record keeping. The processing of such personal data is necessary for the realization of the legitimate interests of the Controller, whose legitimate interests are to reply to the received messages, as well as to keep the received messages. The administrator uses the LinkedIn services, an independent US service provider, to receive messages via the LinkedIn platform. This means that the personal data provided will be stored on LinkedIn servers in the United States. The LinkedIn Privacy Policy is posted at https://www.linkedin.com/legal/privacy-policy.
7.2.8. Personal data collected directly from individuals when individuals register on the website
Individuals provide personal data to the Controller when they register on the Controller's website. When making a registration, the individual provides the following data and personal data that the Controller collects and processes, namely: name and surname of the individual, e-mail address, telephone number, company name, VAT number, country and password. The collection and processing of these personal data is necessary: - for the realization of the legitimate interests of the Controller, which legitimate interests are enabling the individual to maintain a registered profile on the Controller's website; - for concluding or executing a contract for the purchase of goods.
7.2.9. Personal data collected directly from individuals when individuals make warranty claims
Individuals provide personal data to the Controller when making warranty claims. When making a warranty claim, the individual provides the following personal data, which the Controller collects and processes, namely: name and surname of the individual, e-mail address, telephone number, address, other data necessary to prove the claims, including the extent of the damage suffered. The collection and processing of this personal data is necessary for the realization of the legitimate interests of the Controller, which legitimate interests consist in establishing the validity of the claim, defending against claims in proceedings before courts and other public authorities.
7.3. Personal data collected from third parties
The Controller usually does not obtain personal data for individuals from third parties. However, in some cases, if the Controller has a reasonable grounds to suspect any individual of infringing Controller’s legal or intellectual property rights, then the Controller will obtain personal data of the suspected individual from public registers or private sources. This data may be processed for the purposes of investigating the infringement and taking legal actions against the infringement. The lawful grounds for processing of the personal data are the legitimate interests pursued by the Controller, which legitimate interests are investigating the infringement and taking legal actions against the infringement.
7.4. Data collected automatically
7.4.1. When an individual visits the Web site, the Controller automatically collects the following data, namely:
· The type of device from which the individual accesses the platform (for example, a computer, a mobile phone, a tablet, etc.);
· Internet Protocol (IP) address of the device from which the individual accesses the website (usually used to determine the country or city from which the individual accesses the website);
· Type of operating system;
· Type of the browser;
· Concrete actions undertaken, including the pages visited, frequency and duration of visits to the website;
· Date and time of visits.
7.4.2. The collection and processing of these Personal data are necessary to realize the legitimate interests of the Controller, which legitimate interests are facilitating the use of the website and improving the functionality of the website.
8. USE OF COOKIES
8.1. Individuals can obtain more information about how the Controller uses cookies on the Cookies Policy which is published on the website of the Controller.
9. PURPOSES OF PERSONAL DATA PROCESSING
9.1. The Controller collects and processes the personal data of individuals who are provided directly by them solely for the following purposes, namely:
· to provide the goods and services that the Controller offers and identify individuals (future and current clients);
· to contact the individual via e-mail in order to respond to the received inquiries;
· for the execution of obligations of a contract to which the individual to whom such data refer is a party, and for actions at the individual’s request and preceding the execution of a contract;
· for the execution of an obligation of the Controller, stipulated by law;
· accounting purposes;
· statistical purposes.
9.2. The Controller collects and processes the personal data of individuals who are automatically collected for the following purposes, namely:
· improving the efficiency and functionality of the website;
· preparing anonymous statistics on how the website has been used;
· providing better services;
· administering the website;
· adapting the website to the preferences of individuals.
9.3. The Controller may not use the personal data of individuals for purposes other than those specified in this section of this Privacy Policy.
10. PERIOD FOR WHICH THE PERSONAL DATA WILL BE STORED
10.1. Inquiries and correspondence by email, Facebook, Instagram and LinkedIn: The Controller stores the personal data and the communication received by e-mail and messages sent by Facebook, Instagram and LinkedIn for a period necessary to answer to the received message and to satisfy individual’s request, as well as for one calendar year after the Controller has answered to the received message and satisfied individual’s request.
10.2. Criteria for determining the period for which the personal data will be stored
In other situations, not specified above, the Controller will store the personal data of the individual for no longer than needed considering the following criteria, namely: - if the Controller is obliged by a legal norm to continue with the processing of the personal data of the individual; - if appropriate industry rules exist on the period for which the personal data shall be stored; - purpose for storing of the personal data both currently and in the future; - if the Controller and the individual have concluded an agreement and the Controller is obliged to continue to process the personal data in order to comply with the obligations under the agreement; - purposes for using of the personal data currently and in the future; - if it is necessary to contact the individual in the future; - if the Controller has any legal ground to continue to process the personal data of the individual; - any other sufficient grounds, like the character of the relationship with the individual.
11. MANDATORY AND VOLUNTARY NATURE OF PROVISION OF PERSONAL DATA
11.1. The personal data required to be provided by the individuals are in accordance with the services offered by the Controller. The provision of personal data by individuals is voluntary. In the event that the individual refuses to provide the personal data:
· the Controller will not receive the e-mail if the individual does not fill the necessary data in the contact form;
· The individual will not be able to create a profile on the website.
12. PROCESSING OF PERSONAL DATA
12.1. The Controller processes the personal data of individuals by means of a set of actions that can be performed by automatic or non-automatic means.
13. PROTECTION OF PERSONAL DATA
13.1. The Controller undertakes the appropriate technical and organizational measures to protect the personal data against accidental or unlawful destruction, or against accidental loss, unauthorized access, alteration or dissemination, as well as against other unlawful forms of processing, including the following:
· using only secure and protected servers and folders for storing of the personal data;
· verifying and confirming the identification of the individual inquiring access to his/her personal data before granting access to such personal data;
· web based information systems have the prefix "https:" instead of "http:". In this way, your information is protected and unchanged and unread by third parties, and for this purpose the Controller uses an SSL certificate issued by one of the world's leading companies in the field of security and encryption of data transmitted over the Internet.
· the Controller never sends correspondence, including electronically, requiring a user name and password to access the individual's profile;
· the Controller provides individuals with a secure and encrypted connection when sending personal data;
· the Controller provides individuals with a secure and encrypted connection when logging into the profile of the website.
13.2. More information on the technical and organizational measures undertaken by the Controller is available in the Instruction on the Mechanism of Personal Data Processing and their protection in the maintained registers containing personal data with the Controller. In case you would like to receive detailed information about the technical and organizational measures, please do not hesitate to contact us at [email protected] or +359 2 988 45 72, +359 2 988 45 89, +359 882 5274 41; +359 886 0161 00.
14. RECIPIENTS OF PERSONAL DATA
14.1. The Controller has the right to disclose the personal data processed to the following categories of persons, namely:
· to Individuals to whom the data relate when they exercise the right of access the personal data relating to him/her.
· to state bodies if provided for in a legal act, for example state bodies (NRA, Patent Office, Commercial Register, etc.).
· to data processors providing services in favor of the Controller’s business activities, such as hosting service providers, marketing services providers, website traffic analysis providers, which are subject to a confidentiality obligation, and they have provided sufficient assurance of enforcement appropriate technical and organizational measures in such a way that the processing proceeds in accordance with the requirements of the Regulation and ensures the protection of the rights of individuals.
14.2. The Controller does not sell personal data provided by the individual to third parties.
15.RIGHTS OF INDIVIDUALS
15.1. Right of access by the individual:
The individual has the right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed. If the Controller processes personal data of the individual the Controller shall provide a copy of the personal data undergoing processing.
15.2. Right to rectification:
The individual has the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the individual has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
15.3. Right to erasure (‘right to be forgotten’):
The individual has the right to obtain from the Controller the erasure of personal data concerning him or her without undue delay and the Controller has the obligation to erase personal data without undue delay where one of the stated in article 17 of the GDPR grounds applies.
15.4. Right to restriction of processing:
The individual has the right to obtain from the Controller restriction of processing where one of the stated in article 18 of the GDPR grounds applies. If the processing has been restricted, such personal data shall, with the exception of storage, only be processed with the individual’s consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. The Controller informs the individual who has obtained restriction of processing before the restriction of processing is lifted.
15.5. Right to data portability:
The individual has the right to receive the personal data concerning him or her, which he or she has provided to the Controller, in a structured, commonly used and machine-readable format and has the right to transmit those data to another controller without hindrance from the Provided to which the personal data have been provided, if the processing is based on consent or on a contract.
15.6. Right to object:
The individual has the right to object on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her. According to Article 21, Paragraph 4 of the GDPR the right to object shall be explicitly brought to the attention of the individual and shall be presented clearly and separately from any other information. For compliance of this obligation, more information about the right to object, can be found in the section below titled “Right to object to processing of personal data”.
15.7. Right of withdrawal of consent:
The individual has the right at any time to withdraw the consent he has given. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. The order for withdrawal of the consent is specified in Section XIV of this privacy policy. The individual may either withdraw the given consent by choosing the "unsubscribe" option when receiving a newsletter.
15.8. Profiling rights:
The individual has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
15.9. Right to be informed about the personal data breach:
The individual has the right to be informed without undue delay about the personal data breach when the personal data breach is likely to result in a high risk to the rights and freedoms of individual.
15.10. Right to judicial and administrative protection:
15.10.1. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, the individual has the right to lodge a complaint with the supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the individual considers that the processing of personal data relating to him or her infringes the GDPR.
15.10.2. Right to an effective judicial remedy against a supervisory authority
Without prejudice to any other administrative or non-judicial remedy, the individual or legal person has the right to an effective judicial remedy against a legally binding decision of a supervisory authority concerning them. Proceedings against a supervisory authority shall be brought before the courts of the Member State where the supervisory authority is established.
15.10.3. Right to an effective judicial remedy against the Controller or processor
Without prejudice to any available administrative or non-judicial remedy, including the right to lodge a complaint with a supervisory authority, the individual has the right to an effective judicial remedy where he or she considers that his or her rights under the GDPR have been infringed as a result of the processing of his or her personal data in non-compliance with the GDPR. Proceedings against the Controller or a processor shall be brought before the courts of the Member State where the Controller or processor has an establishment. Alternatively, such proceedings may be brought before the courts of the Member State where the individual has his or her habitual residence.
15.11. Right to compensation and liability:
Individual who has suffered material or non-material damage as a result of an infringement of the GDPR has the right to receive compensation from the Controller or processor for the damage suffered. Court proceedings for exercising the right to receive compensation shall be brought before the courts of the Member State where the Controller or processor has an establishment. Alternatively, such proceedings may be brought before the courts of the Member State where the individual has his or her habitual residence.
15.12 If the Controller refuses to perform the obligations set forth in paragraph 3 of Art. 3 and 4 and art. 56, par. 6 and 7 of the Personal Data Protection Act, the individual shall have the right to exercise his/her rights through the Personal Data Protection Commission.
16. PROCEDURE TO EXERCISE THE RIGHTS
16.1. The individual exercises his or her right to withdraw the given consent, right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object and profiling rights, by submitting a written request to the Controller (either by post at the address specified in the identification of the Controller above or by e-mail), which should contain the following information:
· the name, address, and other data necessary for identifying the respective individual;
· a description of the request;
· signature, date of submission of the request and e-mail address.
16.2. The request shall be filed personally by the individual. The Controller keeps the requests filed by the individuals in a separate register.
16.3. When the individual exercises the right of access to the personal data relating to him or her the Controller shall verify the identity of the individual before responding to the request. This is necessary to minimize the risk of unauthorized access and identity theft. If the Controller cannot identify the individual from the collected information, then the Controller has the right to require a copy of individual’s documentation (such as ID card, driving license, other documents containing personal data that identify the individual) in order to verify the individual’s identity.
16.4. The Controller considers the request and provides the information on action taken on the request of the individual within two months of receipt of the request. This period may be extended by one further month where necessary, taking into account the complexity and number of the requests.
16.5. The Controller informs the individual of any such extension within one month of receipt of the request, together with the reasons for the delay. Where the individual makes the request by electronic form means, the information shall be provided by electronic means where possible, unless otherwise requested by the individual.
16.6. In case the Controller does not take action on the request of the individual, the Controller informs the individual without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.
16.7. The Controller shall communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The Controller informs the individual about those recipients if the individual requests it.
17. RIGHT TO OBJECT TO PROCESSING OF PERSONAL DATA
17.1. The individual has the right to object on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her. According to Article 21, Paragraph 4 of the GDPR the right to object shall be explicitly brought to the attention of the individual and shall be presented clearly and separately from any other information. For compliance of this obligation, more information about the right to object, will be provided in this section of the Privacy Policy.
17.2. The individual has the right to object on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller or processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the individual which require protection of personal data, in particular where the individual is a child, including profiling based on any of these provisions. The Controller shall no longer process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the individual or for the establishment, exercise or defense of legal claims. The individual can exercise this right by submitting a written request to the Controller, either by post at the address specified in the identification of the Controller above or by e-mail.
17.3. Where personal data are processed for direct marketing purposes, the individual has the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where the individual objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes. The individual can exercise this right by submitting a written request to the Controller, either by post at the address specified in the identification of the Controller above or by e-mail requiring to stop sending him or her marketing information or by clicking the unsubscribe link contained at the bottom of the e-mail the Controller sends to the individual.
18. BUTTONS, TOOLS AND CONTENT FROM OTHER COMPANIES
18.1. The Website contains buttons, which connect to other third party websites such as „Facebook“ button, “Instagram” button, “LinkedIn” button and a link to the website of the developer of Controller’s website. All websites of such companies that can be accessed through this website are independent and the Controller assumes no responsibility for any damages and losses incurred as a result of the use of these sites. Individuals use these sites on their own responsibility and it is recommended that they familiarize themselves with the relevant Privacy Policy of the respective company for more information.
19. CHANGES TO THE PRIVACY POLICY
19.1. This Privacy Policy may be updated at any time in the future. When this happens, the revised Privacy Policy will be posted on this Website with a new “Last Updated” at the top of this Privacy Policy and will be in force from the date of publication. It is therefore advisable to periodically check this Privacy Policy to make sure that you are familiar with any changes. Using the Website after publishing the updated Privacy Policy, you will be deemed to agree with the changes made.
20. CONTACTS
20.1. If you have additional questions about this Privacy Policy, please do not hesitate to contact the Controller at: [email protected] or +359 2 988 45 72, +359 2 988 45 89, +359 882 5274 41; +359 886 0161 00.