Art. 1 General Provisions
We, at helahim.com, are committed to ensuring the confidentiality and protection of your personal data in our capacity as the Data Controller of the personal data provided by you to us.
This Policy explains when and why we collect personal information (“personal information” and “personal data” are used in this Policy as identical terms) about people who visit our website and use our services, the way we use it, the conditions under which we may disclose it to others, and the way we protect it.
Please, send all inquiries regarding this Policy to the following e-mail: firstname.lastname@example.org
Art. 2 About us
We are helahim.com and provide services, products or general information about our business activity.
Our registered office address. When we are using the words “we” and “us”, and verbs in this form in the text below, we mean helahim.com
Art. 3 How do we collect personal data from you?
We receive information about you when you use our website helahim.com, for example when you send an enquiry to receive an offer/information, or in the process of requesting, ordering and using the services provided on the website.
Art. 4 What type of personal data do we collect?
We only collect basic personal data about you, which does not include any special categories of personal data (“sensitive data”). The Personal Information we collect may include the name, address, e-mail address, telephone number, other data required by the Accountancy Act and by other laws, and information about the pages visited and the time of their visit.
Art. 5 Why do we need your personal data?
We need to know your personal data in order to provide you with the services offered through this website, within the framework of a contract between us in connection with the rendering of these services, as well as information requested by you or expressly consented to by you. We will not collect any personal data that we do not need for the above purposes.
Art. 6 How do we use your personal data?
We may use your personal data in order to:
- Provide the services requested by you, including to process your orders and to perform our obligations arising from the contractual relationship between us;
- We provide new information directly related to services requested by you;
- We respond to enquiries and provide you with information requested by you, including help to resolve any issues arising in connection with your enquiries;
- We use re-marketing through trusted sites, including Google AdWords and Facebook;
- We are looking for your views or comments on the services and products/training provided by us;
- We perform statistical analyses and other analyses to improve our services;
- We make sure your interests are protected as regards the use of our website or services;
Art. 7 How long do we keep your personal data for?
We keep your personal data only to the extent and for as long as it is necessary for the relevant activity, for which it has been provided or as provided for in a contract between us, subject to the requirements and terms provided for in the Accounting Act, the tax laws and the other applicable enactments in force in the Republic of Bulgaria.
The data provided by use for use for marketing purposes shall be retained until you notify us that you no longer wish to receive the relevant information from us.
Upon achieving the purposes of processing your personal data, we shall destroy it.
Art. 8 Who shall have access to your personal data?
We shall not sell, lease or share your personal data to/with any third parties for marketing purposes.
We may pass your data to third parties – service providers, subcontractors and other related organisations only for the purpose of carrying out tasks and rendering services to you on our behalf.
Nevertheless, when we use third party service providers, we shall disclose only the data that is necessary for the provision of the service, and we have a contract with the third party that requires it to protect your data and not to use it for its own direct marketing purposes.
We shall not provide your personal data to any third parties for their marketing purposes, unless you have requested it or if it is becessary by virtye of the law, a court order or in order to prevent a fraud or another crime.
Your data to public authorities may be provided only in the cases stipulated for by law and to the extent not exceeding the purposes, for which they have been requested.
The Data Protection Commission exercises statutory control on the processing of personal data and we provide full access to the records we keep on personal data under the legal conditions for this.
Art. 9 Where do we process your personal data?
The personal data handled by us is processed in Bulgaria, but for the purposes of hosting and maintenance such data is located in Bulgaria. Third parties do not have access to your personal data, except where required by law.
Art.10 In which cases we shall contact you
You have a choice whether or not to receive information from us.
We may contact you freely whenever and to the extent that it is necessary for the performance of the services requested by you, the obligations under a contract between us, to provide new information directly related to services you have requested, in response to an inqyiry by you, for the purpose of protecting your interests as regards your use of our website or services, or based on a legal requirement. We have the right to send an email-newsletter about new developments on the site, to which you have subscribed with your email address.
We shall not contact you for any marketing purposes by e-mail, telephone, text messages or by post, unless you have given us your prior express consent or unless the communication is directly related to you and complies with the requirements of the General Data Protection Regulation (Regulation (EU) 2016/679).
Art.11 How can you get access to, correct or delete your personal data?
You have the right at any time to request the following from us:
- access to your personal data collected in the process of providing and using the services, including: confirmation of whether we are processing your personal data, what categories your data is, the purposes of such processing, and the recipients to whom the data is disclosed, as well as a notice with a copy of your personal data being processed and its source;
- correction of information you have requested from us, where such information has become incorrect or outdated, e.g. your email address, and any other information;
- deletion or blocking of your personal data where the processing does not meet the requirements of the Data Protection Act or the General Data Protection Regulation (Regulation (EU) 2016/679);
- notification of such correction, deletion or blocking to the third parties, to whom your personal data has been disclosed, except where this is impossible or involves excessive effort.
The action requested by you as regards the provision of access, correction, deletion or blocking of your personal data shall only be taken with respect to your personal data. The above shall be free of charge.
If you want to request access, correction, deletion or blocking of your personal data being processed by us, you need to send us a written request that contains as follows:
- name, address and other identifying data of the natural person concerned;
- description of the request;
- preffered form of providing the information according to Art. 28, paragraph 1;
- signature, date of submission of the application, and correspondence address.
- notarially certified Power of Attorney where submitted by an authorized person. The application may be also signed with an electronic signature.
The application should be sent to the following email: email@example.com
We shall comply with your request for access, correction, deletion or blocking within a term of 14 days, subject to the legal requirements and exceptions in this respect.
You shall be notified of the decision for implementing the requested action or the refusal to do so as per the requirements of the law. Such notice shall be sent to you by post with proof of delivery or may be obtained in person against signature.
Art.12 How can you lodge an objection or a complaint or against personal data processing
In the cases stipulated by the law, you will have the right:
- to file an objection to us against the processing of your personal data where there are legal grounds for this; where such objection is justified, the personal data of the respective natural person may no longer be processed;
- to object against the processing of your personal data for direct marketing purposes;
- to be notified before your personal data is first disclosed to any third parties or used on your behalf for the purposes referred to in the preceding paragraph of this Article by being given the opportunity to object against such disclosure or use.
If you wish to make any complaint about the way your data is being processed, you can contact us at firstname.lastname@example.org. If you are not satisfied with our response or if you do not believe that we are processing your data lawfully, you can contact the competent data protection authority – the Data Protection Commission.
Address: 1592 Sofia, 2 “Prof. Tsvetan Lazarov” Blvd.
tel.: +359 2 915 35 18, +359 2 915 35 15, +359 2 915 35 19, fax: +359 2 915 35 25
Art.13 Security measures in place to protect your personal data against loss, misuse or alteration
When you give us personal data, we undertake due actions in order to ensure that it is being securely processed. The website helahim.com uses a secure communication protocol SSL certificate. HTTPS authenticates the website and the corresponding web server, to which it is uploaded. It also bi-directionally encrypts the client-server connection, which provides protection against tapping, falsification or forgery of the message content. In practice, the above provides sufficient guarantees that the user connects to the correct site (and not a fake copy), and it also ensures that the content of messages between the user and the website cannot be read or falsified by any third parties. Further information about HTTPS (https://bg.wikipedia.org/wiki/HTTPS).
Non-sensitive information (your email address, etc.) is routinely transmitted over the Internet, and therefore 100% security can never be guaranteed. In this regard, while we strive to protect your information, we cannot guarantee the security of any information sent by you to us, as you do so at your own risk. Once we receive your information, we make every effort to ensure its security on our systems.
We shall not use any automated decision making or profiling.
Art.16 Links to other websites
Art. 17 Transfer of personal data outside Europe
If you use our services while you are outside the EU, your data may be transferred outside the EU to provide you with these services.
Art.18 Review of this Policy
We regularly review this Policy to ensure the quality and lawful protection of your personal data. The present Policy was last updated in March 2018 and complies with the General Data Protection Regulation (Regulation (EU) 2016/679).