We, the team of UNI Delivery GROUP LTD - www.unidelivery.uk observe and engage with the European and Bulgarian legislation and in accordance with Regulation (EU) 2016/679 mAh European Parliament and the Council, the Law on Protection of Personal Data and regulations regulations governing these relations and matters concerning the protection of personal data.
AGREEMENT ON PRIVACY AND CONFIDENTIALITY PROVIDED BY OUR CLIENTS
1. The trader guarantees its users / clients confidentiality of information and personal data. The latter will be used, provided or brought to the attention of third parties outside the cases and conditions set out in these Terms and Conditions. TRADER protect the personal data of the user / customer become known when filling out the electronic form for making an application to purchase this obligation shall cease if the customer has provided false data. Subject to applicable law and the provisions of these Terms and Conditions, the trader may use customers' personal data only for the purposes set out in the contract. Any other purposes for which the data is used will be consistent with the Bulgarian legislation, the applicable international instruments, Internet ethics, morality and decency. 23a trader undertakes not to disclose any personal information about the Customer to third parties - government bodies, companies, individuals and others, except when he has received the written consent of the Customer information is required by state organs or officials according to current legislation are entitled to request and collect such information. Trader is obliged to provide the information under the law.
1. b INSTRUCTIONS Personal data
processing of personal data and protect them from unlawful forms of processing register "Contractors" conducted in the company UNI Delivery GROUP LTD
Article 1. These rules aim to regulate:
1.1. Keeping, maintenance and protection of the register "contractors" that stores personal data of customers in company UNI Delivery GROUP.
1.2. Obligations of officials processing personal data and the responsibility for these obligations.
1.3. Necessary technical and organizational measures to protect personal data of the above mentioned persons from unlawful processing (accidental or unlawful destruction, accidental loss or alteration, unlawful disclosure or access or unauthorized alteration or dissemination, as well as all other unlawful forms of processing personal data).
II. PURPOSE OF THE REGISTER
Article 2. The registry collects and stores personal data by contractors the company UNI Delivery GROUP during their performance in the execution of contracts in order to:
2.1. To establish a connection with the person on the phone to send correspondence relating to the execution of orders that are received in the online shop of the company.
2.2. For keeping the accounts.
III. KEEPING THE REGISTER
Article 3. The register is kept in electronic form.
3.1. In keeping the register of electronic media, personal data is entered on the hard disk isolated computer.
3.2 The computer is protected with access through password to access the personal data that is immediately only by the processing of personal data. When working with data using software processing of data.
3.3 Access to the operating system, files containing personal data processing have only the processing of personal data by password to open those files. Protection of electronic data from unauthorized access, damage, loss or destruction is ensured by maintaining high anti-virus software and regularly back up data.
IV. Personal data stored REGISTER
Article 4. The register supports the following data types:
4.1 Physical identity - name, address, telephone number and PIN.
V. GATHERING, PROCESSING AND STORAGE OF PERSONAL DATA
Art. 5. Personal data in the register "Clients" are raised by receiving orders online store company of a person who is a client implementing the Terms.
Article 6. In all cases, the individuals whose data are to be processed in the register, submit necessary personal data administrator / official / appointed for their processing - processing of personal data.
Article 7. The necessity of raising personal data and the purposes for which it will be used, the official / obshtabotvasht data inform the person.
Article 8. In need of repair data, persons providing such an official / processing of personal data at his request on the grounds of legal obligation.
VI. Allowing individuals to access their personal data
Article 9. Access to data of the person providing the form of:
9.1. verbal explanation;
9.2. written report;
9.3. review of the data by the person authorized by him or such;
9.4. provide a copy of the requested information.
Article 10. When submitting a request to provide access representing the administrator consider the application for access or order the processing of personal data to ensure that requests from individual access by the applicant in the preferred form. The deadline for examining the application and adjudicate on it is 14 days from the day of submission of the request or 30 days, when more time is needed to collect the personal data of the person with respect to possible difficulties in the operation of the controller. The decision is communicated in writing to the applicant in person against signature or by registered mail. When the data do not exist or can not be granted to a given legal basis, the applicant is denied access to a reasoned decision. The refusal to grant access may be appealed by the person referred to in the letter body and time.
Art. 11. Access to personal data of individuals contained in electronic media have only the processing of personal data with password access to the files.
Article 12. In addition to officials Processing personal data is lawful and access to officials directly involved in the preparation and verification of the legality of those documents - manager, chief accountant, and persons engaged in technical accounting transactions processing documents. Processing of personal data are obliged to provide access at their request.
VII. Third party access to the register "Clients" "
Article 13. Information from the register "Clients" are not exported outside the building administrator. No official or a third person has no right of access to the register "Clients" the company UNI Delivery GROUP, unless the same is required in due time by the judicial authorities (courts, prosecution, investigative authorities). Access to these authorities to personal data of individuals is in order.
Article 14. (1) does not require the consent of the person if the processing of their personal data is carried out by or under the control of a competent authority for personal data related to committing crimes, administrative violations and tort law. Such persons shall be granted access to personal data, if necessary, provide them adequate working conditions in the premises of the company.
(2) lawful access is also available a revised state bodies, showing identification with relevant documents - written instructions to the relevant authority, stating the reason, the names of persons for the purpose of their activity is necessary to provide them with access to data to register "Clients".
(3) changes in the status of the company (reorganization, liquidation, etc.) requiring the transfer of records of personal data by the company to another data controller, transmission of the register is done after authorization by the Commission for the protection of personal data and in accordance with that above procedure for submitting a request.
Article 15. Its decision to grant or refuse access to personal information about the person administrator communicated to third parties within 30 days of submission of the application, respectively. request.
Article 16. When introducing new software for data processing should be done a special commission on testing and verification capabilities of the product to meet the requirements of the protection of personal data and ensuring their maximum protection against unauthorized access, loss, damage or destruction.
Article 17. Of default assigned to the respective officials under these Rules and under the protection of personal data imposed disciplinary penalties under the Labor Code, and when the failure of the relevant obligation is ascertained and established by the proper authority - provided Protection Act data administrative penalty - fine. If the resulting actions of the official concerned the processing of personal data results in damage to a third party, the same can be held liable under general civil law or criminal procedure If he represents a more serious offense, which provides criminal liability .
Article 18. Backing up data on electronic media is done periodically every 30 (days) of the processing of personal data in order to preserve information about the persons in the current form. The same is done on floppy disks, access to which only the processing of personal data.
VIII. ADDITIONAL PROVISIONS
For the purposes of these rules:
§ 1. "data controller" is UNI Delivery GROUP LTD
§ 2. "processing of personal data" are the following officials:
- Simeon Makaveev - Authorized presented
§ 3. This regulation is issued pursuant to art. 24 para. 4 of the Law on Protection of Personal Data.
§ 4. This Regulation shall enter into force on 24.07.2017, and after all the officials who creates individual rights and obligations become familiar with its contents signature.
§ 5. A copy of the Rules is available for information and execution.