INFORMATION ON PERSONAL DATA PROTECTION POLICIES PROCESSED IN "Rona Soft" Ltd.,
in connection with Art. 13 and Art. 14 of EU Regulation 2016/679
Personal Data Administrator
Digital Agency "ROA Soft" Ltd., address: 189G, Cherni Vrah BLVD, 1415 Sofia, Bulgaria, e-mail: office (et) ronasoft.com, tel./fax: 02/88654525 (" treats personal data of individuals ("data subjects") in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Personal Data Protection Act.
According to the General Regulation, "personal data" means any information relating to a natural person through which it can be directly or indirectly identified. Processing of personal data is any operation or set of operations that can be performed on personal data by automatic or other means.
Individuals whose personal data are processed by the company
In connection with the provided by the digital agency Rona Soft Ltd. processes personal data about the following data subjects:
- Natural persons, contractors or potential contractors of the company - customers and suppliers of goods and services, respectively their employees.
Targets of processing
The Company processes personal data to its clients, including their employees, for the following purposes:
(a) Provision of technical and digital services in performance of a contract;
(b) Protecting the legitimate interests of the company, including:
- Ensure the proper functioning, maintenance and security of the company's website and IT systems;
- Providing communication with customers, including electronically;
- Enforcement and protection of the company's rights and legitimate interests, including by court order.
(c) Enforcement of the legal obligations of the company and execution of the ordered state or judicial authorities.
Legal grounds for processing
The company processes personal data only if there is one of the alternative legal bases under the General Regulation and in particular:
(a) Execution of a contract, including pre-contractual relations prior to its conclusion;
(b) Statutory obligations applicable to the Company;
(c) The legitimate interests of the company, in so far as they have an advantage over the interests or fundamental rights and freedoms of the data subjects;
(d) Freedom of expression, in particular, informed and unambiguous consent of the data subject. The consent already granted may be withdrawn by the person at any time in the same manner as it was granted.
Possible consequences if personal data is not provided
In case the client does not provide the required information, including the necessary personal data, the company will not be able to conclude a contract with the client or will not be able to provide the requested service.
To whom personal data is transmitted or disclosed
The personal data of the company's clients are provided to:
- Commercial companies providing accounting services and information support to the IT systems of the company as processors of personal data;
- Other competent public authorities in fulfillment of an obligation provided by law.
Term of storage of personal data
The personal data of the contractors of the company are kept for 5 years from the conclusion of the respective contract in accordance with the general limitation period under the Obligations and Contracts Act.
The personal data contained in the accounting documents shall be kept within the terms of art. 12 of the Accountancy Act.
Security of personal data
The Company applies all appropriate technical and organizational measures to ensure the security of personal data, including the explicit obligation of the employees to confidentiality.
Rights as data subjects
Any individual whose data is processed by the company has the following rights:
- the right of access to his or her personal data, including a copy of them;
- the right to correct or supplement inaccurate or incomplete personal data;
- the right to delete personal data processed without a legal basis;
- the right to limit the processing - in the case of a legal dispute between the company and the person until its resolution or the establishment, exercise or protection of legal claims;
- the right of objection - at any time and on grounds relating to the particular situation of the person, provided that there are no compelling legal grounds for the processing that take precedence over the interests, rights and freedoms of the data subject or trial.
Pursuant to the Personal Data Protection Act, the aforementioned rights may be exercised by filing a written application on site at Rona Soft Ltd's office. An application may also be made electronically in accordance with the Electronic Document and Electronic Signature Act. The application is made personally by the data subject or by an explicitly authorized person.
Protecting the rights of data subjects
In accordance with the Data Protection Act and Regulation (EC) 2016/679 (General Data Protection Regulation), any individual who considers that his / her right to the protection of his or her personal data is violated may appeal to The Personal Data Protection Commission at: 1592 Sofia, "Prof. 2 Tsvetan Lazarov Str., Website: https://www.cpdp.bg/.