INFORMATION ON THE PROCESSING OF PERSONAL DATA
Pursuant to articles 13/14 of EU Regulation n. 679/2016
This Privacy Policy represents information on the processing of personal data, provided pursuant to articles 13 and 14 of EU Regulation no. 679/2016, hereinafter "the Regulation", to all users who interact with this company (or through its website) and benefit from the services provided by Certus Eventus Ltd, city of Sofia Bulgary, Krasno selo district, 26 Ivailo Str., floor 1, ap.2, data controller (the “Controller” or the “Company”).
Pursuant to article 4, paragraph 1 of the Regulation, “personal data” is interpreted as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
"data controller", means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
"processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
"recipient" means a natural or legal person, public authority, agency or other body, to which the personal data are disclosed, whether a third party or not.
"third party" means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
"consent" means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her
Certus Eventus Ltd, city of Sofia Bulgary, Krasno selo district, 26 Ivailo Str., floor 1, ap.2.
The data of the user (hereafter also data subject) will be processed solely to fulfil the obligations of the Company pursuant to the Terms and Conditions of the service, as well as to perform any other necessary and connected activity to the provision of the service and its effective management; therefore, data can be treated according to the law even without the consent of the data subject. In fact, consent to processing for these purposes is optional; however, in the event of failure to consent, the user will not be able to use the Service. Specifically, the purposes of the processing are as follows:
In the following table, we summarise the purpose of processing your data, as well as the mandatory or voluntary nature of the transfer of data, the consequences of your refusal to communicate them and the legal basis of the processing in question.
Cookies
This website uses Google Analytics, a web analytics service provided by Google Inc (“Google”)
Google Analytics uses “cookies” which are text files placed on your computer to allow the website to analyse how users use the website.
The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored on Google’s servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse to use cookies by selecting the appropriate settings on your browser, but this may prevent you from using all the features of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
Cookies are not used for any other purpose to transmit information of a personal nature, nor are persistent cookies of any kind or systems for tracking users used.
The use of session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the website.
Session cookies used on this website avoid the use of other technologies that could compromise the privacy of users’ browsing and do not allow the acquisition of personal identification data.
Browsers are often set to automatically accept cookies. However users can change this default configuration, so as to disable or delete cookies (from time to time or forever), with the consequence, however, that the optimal use of some areas of the website could be precluded.
You can also check the methods and types of cookies stored on your browser by changing the settings on your browser’s cookies.
The personal data of users will be processed with computer and paper tools, for the time strictly necessary to achieve the purposes for which they were collected. In this regard, when carrying out processing operations, the Controller shall comply with specific security measures in order to prevent data loss, possible illicit or incorrect use, as well as unauthorised access.
Data shall not be processed if it falls within those indicated in article 9 of EU Regulation 679/2016, i.e. data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or data qualified as genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
Personal data will be processed by the Controller in full compliance with the principles of purpose, necessity, proportionality and non-excess, set by the Regulations to protect the privacy of users and other applicable regulations and also identified by specific provisions of the Authority for the Protection of Personal Data (the “Guarantor”) and in compliance with the service provided.
The updated list of our data processors is available upon request to Certus Eventus, with registered office in city of Sofia, Krasno selo district, 26 Ivailo Str., floor 1, ap.2,
The updated list of our data processors is available upon request to Certus Eventus, with registered office in city of Sofia, Krasno selo district, 26 Ivailo Str., floor 1, ap.2, Bulgary
The access and processing of data may only be performed by employees of the Controller/Company who are authorised to handle this information correctly as authorised persons under the direct authority of the Data Controller. Where processing is to be carried out on behalf of the controller, the controller shall use only processors providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the Regulation and ensure the protection of the rights of the data subject. Your data may also be disclosed to third parties, in the event of liquidation, merger, acquisition, joint venture or any other transaction involving the Data Controller. The personal data of the users may, if necessary, be communicated to third parties in Italian territory or in the territory of another EU Member State or even a third country with adequate organisational and technical measures to guarantee the same level of protection of personal data established by the European Privacy Regulation, which carry out ancillary and instrumental activities for the provision of services, in compliance with Chapter V of the Regulation, articles 44 to 50. For the purpose of the execution of the present contract, a person in charge of the processing of the personal data collected can be identified, identifiable from the registers responsible for data kept at the headquarters of the Controller pursuant to articles 3 and 5 and article 28 GDPR
The processing of your personal data will be carried out in lawfully and fairly pursuant to art. 6 of the Regulation, as acquired through the consent of the data subject, and as necessary in the execution of a contract or the execution of pre-contractual measures adopted at the request of the same.
Pursuant to the following articles of the EU Reg. 679/2016, you shall always have the right to withdraw your consent at any time (Article 7 paragraph 3); the right to receive information (articles 13 and 14); the right of access to the collected data (Article 15); the right to rectify the data collected (Article 16); the right to erase the data collected(Article 17); the right to restrict the processing of collected data (Article 18); the right to the portability of the collected data (Article 20); the right to object to the processing of collected data (Article 21).
Any request relating to the rights of one of the procedures listed above may be carried out by sending a communication to our dedicated email address as indicated in paragraph 7. Contacts. Each request will be handled without delay or at the latest within one month of receipt of the request, pursuant to article 12 of the Regulation. This term can be extended up to two months, if necessary, taking into account the complexity and number of requests made. Any such extension will be communicated to the data subject, in any event within one month of the request. This is, however, without prejudice to the possibility for the data subject to lodge a complaint with the Supervisory Authority, in the event of a breach of one or more provisions relating to EU Regulation no. 679/2016, cited expressly in this statement.
The data are kept by the controller for the period strictly necessary for the completion of the activities necessary for the performance of the contractual relationship; the data processed for the execution of the contract will be kept for the entire duration of the contract and for a period of 10 years and six months after the conclusion of the contract, to allow the Controller to defend his rights.
Requests by the user may be directed to Certus Eventus Ltd., 66 Vitosha Blvd 1463, Sofia, Bulgaria or by writing to the email address privacy@certuseventus.com
2020 © Certus Eventus Ltd., 66 Vitosha Blvd 1463, Sofia, Bulgaria - Company Registration number: 207189000.