Privacy and Cookie Policy

What is personal data?

Personal data is information that directly or indirectly identifies you as an individual, indirectly meaning when it is combined with other information such as your names, postal address, e-mail address, telephone number, etc.

How do we process your personal data?

We at DIGITAL & SOFTWARE SOLUTIONS LTD – the administrator of this website https://dss.bg do not collect or process personal data more than we need to fulfill the purposes set out in this privacy policy.

We will only use personal information as set out in this policy, unless you have given us your explicit consent to another type of use of your personal information, such as through an explicit written consent to send marketing messages.

What types of personal data do we process?

When you visit our website, we might process the following categories of personal data:
• IP address
• Date and time of visit of our webpage
• Specific webpage which is visited
• HTTP status
• Website from which you visit our webpage
• Type of browser

When you use our contact form, we might additionally collect the following personal information:
• Names
• Email address
• Subject and content of your message to us

The listed categories of personal data are only those that you provide to us when visiting our website and the use of cookies – mandatory and those for which you have given your explicit consent to use.

We may be required to process and store personal data on legal grounds and/or to achieve regulatory compliance, such as to prevent, establish or investigate a crime, prevent loss, fraud or other types of financial misuse.

Use of our webpage

This Privacy Policy also applies to your use of our website with the following features related to the protection of personal data.

(1) Cookies: Our Website uses cookies and other technologies to improve the user’s work and functioning of the Website, usability and security. Please see our cookie policy for more details.

(2) Third Party Websites: For the convenience of our visitors, this website contains links to some other websites(Facebook.com, LinkedIn.com) that are not controlled or managed by us. The policies and procedures we describe here do not apply to these websites. We are not responsible for the security or protection of any data collected by these third parties. We encourage you to contact these websites directly for information on their data protection policies.

In which cases we might share your personal data?

We might disclose your personal data only to public authorities and only when required by law. For example, we will respect the requests of courts, law enforcement, administrative or other public state or municipal authorities.

We do not transfer your personal data or any information that may concern you outside the territory of the Republic of Bulgaria.

Processing of personal data of children:

We do not collect or process personal data of children under 14 years of age, except with the consent of a parent or guardian in accordance with applicable local law. If we learn that a child’s personal data has been accidentally collected, we will delete such data in a timely manner.

Processing of special categories of personal data (“sensitive” data):

We do not process special categories of personal data, such as: personal data revealing racial or ethnic origin, political views, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the sole purpose of identifying an individual, data on the health condition or data on the sexual life or sexual orientation of the individual.

Security of your personal data

We take the security of your personal data seriously. We apply the appropriate level of protection and to this end we have developed reasonable physical, electronic and technical procedures to protect the data we collect from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to transmitted, stored or otherwise processed personal data. Access to your personal data is only granted to employees on a need-to-know basis and to other authorized persons who need it for the performance of their official duties. In the event of data breach, we will follow all applicable notification rules in such cases.

What are your rights?

As a data subject, you have specific legal rights related to the personal data we collect from you. We respect your individual rights and will always answer your questions and inquiries regarding the ways in which we process the personal data received from you.

The list that follows contains information about your rights arising from the applicable data protection laws as follows:
• Access: we may provide you information related to the processing of your personal data and a copy of this personal data.
• Correction: when you believe that your personal data is inaccurate or incomplete, you may request that this personal data be amended accordingly.
• Specific webpage which is visited
• Deletion: you may request the deletion of your personal data, to the extent permitted by law, unless the company proves that there are legal grounds for the processing that take precedence over the interests of the data subjects or for the establishment, exercise and protection the legal rights and interests of the company;
• Website from which you visit our webpage
• Restriction: you may request restriction on the processing of your personal data to the extent permitted by law.
• Objection: you may object to the processing of your personal data on grounds related to your specific situation. You have the absolute right to object to the processing of your personal data for the purposes of direct marketing, which includes profiling related to such direct marketing.
• Withdrawal of consent: when you have given your consent to the processing of your personal data, you have the right, at any time, to withdraw it.
• Data portability: where legally applicable, you have the right to have your the personal data provided to us returned to you or, where technically possible, to be provided to a third party.

Additional information needed to exercise your rights:
• Deadline: We will try to fulfill requests for your exercising of rights or information requests within 30 (thirty) days, and this deadline may be extended due to specific reasons related to the specific legal right, or due to the complexity of your request, of which we will notify you before the expiration of this period.
• Identification difficulties: In some cases we may not be able to verify your personal data based on the identifiers provided in your request. In such cases, when we cannot identify you as a data subject, we do not have the objective opportunity to comply with your request to exercise your legal rights as set out in this section, unless you provide us with additional information that would allow us to identify you.
• Exercising your legal rights: To exercise your legal rights, please contact us at the addresses listed at the end of this policy.

Storing of your personal data

We process and store your personal data for a certain retention periods, which is determined by:

• Requirements of the Bulgarian and European legislation
• Another period with a view to protecting our legitimate rights and interests, but no longer than 5 years

Amendments in this Privacy Policy

We reserve the right to amend this policy at any time. For this reason, we invite you to consult the policy regularly. This data protection policy is in force as of the date indicated at the top of the page.

Contact details

“DIGITAL & SOFTWARE SOLUTIONS” LTD, UIC: 204428477, having its corporate address at: Sofia, Student city distr., № 5А “Baku” str., fl. 6, office 6-5., e-mail: [email protected]