“Advanced Data Tech” Ltd.
Last updated: December, 2020
Advanced Data Tech Ltd. collects and uses the information for the purposes of:
• direct marketing;
• fulfillment of its contractual obligations to the Users
“Advanced Data Tech” Ltd. processes the personal data of users on the basis of a contract concluded between the User and “Advanced Data Tech” Ltd.
The user agrees to the processing of his personal data for the purposes of direct marketing by marking a checkbox.
The user can withdraw from the given consent at any time by marking a checkbox, which is located on https://adt-ltd.org and it’s subpages.
The personal data of the Users are stored for a period of 2 years.
Each User of the site enjoys all rights to personal data protection under Bulgarian law and European Union law.
Each User has the right to:
• Awareness (in connection with the processing of his personal data by the administrator);
• Access to your own personal data;
• Correction (if the data is inaccurate);
• Deletion of personal data (right to be forgotten);
• Restriction of processing by the controller or processor of personal data;
• Portability of personal data between individual administrators;
• Objection to the processing of his personal data;
• The data subject has the right not to be the subject of a decision based solely on automated processing, including profiling, which has legal consequences for the data subject or similarly affects him significantly;
• The right to judicial or administrative protection in the event that the data subject’s rights have been violated.
The user may request deletion if one of the following conditions is true:
• Personal data are no longer needed for the purposes for which they were collected or otherwise processed;
• The user withdraws his consent on which the data processing is based and there is no other legal basis for the processing;
• The user objects to the processing and there are no legal grounds for the processing to take precedence;
• Personal data has been processed illegally;
• Personal data must be deleted in order to comply with a legal obligation under Union law or the law of a Member State that applies to the controller;
• Personal data have been collected in connection with the provision of information society services to children and consent has been given by the parent responsible for the child.
The user has the right to restrict the processing of his personal data by the administrator when:
• Dispute the accuracy of personal data. In this case, the restriction of processing is for a period that allows the administrator to verify the accuracy of personal data;
• The processing is illegal, but the User does not want the personal data to be deleted, but instead requires restricting their use;
• The administrator no longer needs the personal data for the purposes of processing, but the User requires them for the establishment, exercise or protection of legal claims;
• objects to the processing pending verification of whether the legal grounds of the administrator take precedence over the interests of the User.
RIGHT OF PORTABILITY
The data subject has the right to receive the personal data concerning him and which he has provided to the controller, in a structured, widely used and machine-readable format and has the right to transfer this data to another controller without hindrance from the controller. data are provided when the processing is based on consent or a contractual obligation and the processing is carried out in an automated manner. When exercising its right to data portability, the data subject shall also have the right to receive a direct transfer of personal data from one controller to another where this is technically feasible.
RIGHT TO OBJECT
Users have the right to object to the controller against the processing of their personal data. The controller of personal data shall be obliged to terminate the processing, unless he proves that there are convincing legal grounds for the processing, which take precedence over the interests, rights and freedoms of the data subject, or for the establishment, exercise or protection of legal claims. In the event of an objection to the processing of personal data for the purposes of direct marketing, the processing should be stopped immediately.
COMPLIANT TO THE SUPERVISORY AUTHORITY
Each User has the right to file a complaint against illegal processing of his personal data to the Commission for Personal Data Protection or to the competent court.
OBLIGATIONS OF THE PERSONAL DATA ADMINISTRATOR:
The personal data controller has the following obligations:
• Processes the data in accordance with the principles of personal data protection set out in the regulation, being able to prove this (accountability);
• Provides data protection at the design stage and by default;
• Notifies the supervisory authority and the data subject in case of breach of personal data security, as well as documentation of any breach of personal data security, incl. the facts related to the violation, its consequences, the actions taken to deal with the violation;
• Performs an impact assessment on data protection;
• Implements appropriate technical and organizational measures to ensure data security, such as:
▪ Ensuring constant confidentiality, integrity, availability and sustainability of processing systems and services;
▪ Timely restoration of the availability and access to personal data in case of a physical or technical accident;
▪ Regular testing, evaluation and evaluation of the effectiveness of technical and organizational measures;
▪ Cooperation with the supervisory authority for personal data protection in fulfilling the obligations arising from the regulation.
▪ Prepares and implements internal procedures regarding the acceptance, consideration and response within one month of requests from Users to exercise their rights as personal data subjects.
MAINTENANCE OF THE REGISTER
Advanced Data Tech Ltd. maintains a register of the processing activities for which it is responsible.
This register contains all the information below:
• the name and contact details of the administrator;
• the purposes of the processing;
• description of the categories of data subjects and of the categories of personal data;
• the categories of recipients to whom personal data are or will be disclosed, including recipients in third countries or international organizations;
• where possible, the envisaged deadlines for deleting the different categories of data;
• where possible, a general description of the technical and organizational security measures.
AUTHORITY REGULATING THE ACTIVITY
The body regulating the activity of “Advanced Data Tech” Ltd. is the Commission for Personal Data Protection (CPDP), with the following coordinates:
• Website: https://www.cpdp.bg/
• tel: 02 / 91-53-518
• email: firstname.lastname@example.org
• address: Sofia 1592, bul. „Prof. Tsvetan Lazarov ”№ 2