When we talk about

“personal data”,

The Association, our employees and our partners take care and the greatest effort for their protection and diligent handling, not only because the law requires it. We truly believe that the right to inviolability is a fundamental human right.

For us, the protection of personal data is one of the most important ethical norms in our relations with employees, partners, associates, associate members, participants in events and others.

“Personal Data” is and remains your property.

We can use it “temporarily” only to the extent that we apply the necessary protection and abide by the law.

As an active organization in the field of personal data protection, we respect and perceive the principle of data protection by design. Minimizing data is our other basic principle. Therefore, the personal data we process is strictly necessary and minimal.

What data do we collect?

Generally, the data we collect for you is limited to:

  • Partners – names of the representatives of the companies or names of colleagues from the respective companies we communicate daily with, as well as their contact details;
  • Responsible Bulgarian companies for the protection of personal data – names of the representatives of the companies, contact details, address or names of employees of the respective companies who we contact in connection with the provision of advice / explanations;
  • Associate members – names and other identifying data in connection with membership, contact details and data for professional skills and qualifications. This is necessary to be sure that Associate Experts to the Association meet the highest requirements in the field of personal data protection;
  • Participants in events, trainings – names, contact details that allow us to contact you; at the discretion of the participant we are also provided with the following data – place of employment, occupied position, data for issuing an invoice.
  • Site visitors – at least e-mail address for anyone who wants to send us a message directly or via the contact form on our contact page, as well as other information that will allow us to contact you. We also collect information through analytical cookies. This information is subsequently anonymised and we could not identify you through it. In our Cookie Policy you can read in detail how you can manage their on/off.

Doing our business does not require taking and implementation of automated solutions, including profiling.

What do we use your personal data for?

We use your personal information:

• to contact you;

• to create and develop successful relationships;

• to provide you with advice, help or other service you need;

• in order to implement the ancillary functions of our services – accounting services, site management, protection of our legitimate interests.

Whom do we share your personal information with?

• We share your data with state institutions when required by a normative act.

• We share your data with other colleagues and partners (to recommend you as an expert, for example) only after you have explicitly agreed.

• We share your data with our selected and reliable processors who assist us in implementing our ancillary functions (for example, information systems support, accounting). Access to your data, which in most cases is strictly limited and minimal, is exercised only in relation to the performance of the service these processors provide to us. These persons act only on our instructions, they are not allowed to use your data for their own purposes.

How do we store your personal data and for what terms?

We store your data after both technical and strict administrative controls are applied. We keep it for strictly limited terms in order to protect your interests and our interests. For partners or associate members with whom we work together on a project, we store the data within the timeframe required for our and your protection and for the protection of those who have trusted us.

Every year we update our register of experts. Accordingly, if there are no other reasons (such as a joint project that requires storing certain data for a longer period of time with respect to your protection, our protection and protection of those who have trusted us), you can unsubscribe and we can delete information about you.

Submitted data in the application process are stored for a period not exceeding 3 months, except for the Association Request and your request for “compliance with the Code of Ethics”. Other information, such as job descriptions, CVs, etc., is only necessary for us in the registration process and for your acceptance into the community. Once accepted, this means that you meet the professional criteria set by the Association’s Board of Directors and we no longer need this data, which is why it is destroyed.

Your rights

The regulation requires each company to respect your rights in relation to your personal data. At the following link, you can see in detail what your rights are. If you have questions about the information presented here, you can email us at dpo@mydata.bg at any time.

Updates to the Privacy Policy

Last updated (notably in the section on data from members of the expert community): 12/12/2019.

The Team of the Data Protection Association