PRIVACY POLICY

Last change: March 30, 2022

I. INTRODUCTION

Welcome to https://vivalux.bg/bg ("Website" or "Website"), which is made for the benefit and by order of " VIVA" Ltd., with UIC: 119044645, with registered office and address: Sliven, P.K. 8800, 27A Bansko Shosse Blvd., contact phone: +359 44 666 080. BY USING THIS WEBSITE, YOU AGREE TO THE TERMS AND CONDITIONS REGARDING THE COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL DATA IN THE PARTNERSHIP. PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING THIS WEBSITE AND IF YOU HAVE ANY QUESTIONS ABOUT THIS PRIVACY POLICY PLEASE CONTACT US AT OFFICE@VIVA.BG OR ON +359 44 666 080. IF YOU DO NOT AGREE WITH SOME OF THE TERMS CONTAINED IN THIS PRIVACY POLICY, YOU SHOULD NOT USE THIS WEBSITE.

PERSONAL DATA ADMINISTRATOR

VIVA EOOD (hereinafter referred to as “Administrator”) is a sole proprietorship with limited liability, with UIC: 119044645, with registered office and address of management: Bulgaria, Sliven, P.K. 8800, 27A Bansko Shosse Blvd., contact phone: +359 44 666 080 and website https://vivalux.bg/bg.

SUPERVISOR:

Commission for Personal Data Protection

Address: Sofia, p.k. 1592, Blvd. "Prof. Tsvetan Lazarov ” 2 Contact details: 02 /915 35 18; 02/ 915 35 15; 02/ 915 35 19; kzld@cpdp.bg , www.cpdp.bg

II. OBJECTIVES AND SCOPE OF THE PRIVACY POLICY

1.1 The Administrator understands the views of visitors to this website on the protection of personal data and is committed to protecting their personal data by applying all data protection standards in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC. With this Privacy Policy the Administrator respects the privacy of individuals and makes all necessary efforts to protect personal data of individuals against unauthorized processing by applying technical and organizational measures to protect personal data, which measures are fully consistent with modern technological achievements and provide a level of protection commensurate with the risks associated with the processing and the nature of the data to be protected.

1.2 With this Privacy Policy and in compliance with the requirements of Regulation (EU) 2016/679, the Administrator provides information on:

  • the objectives and scope of the privacy policy;
  • personal data collected and processed by the Administrator;
  • the purposes of the processing of personal data;
  • terms of storage of personal data;
  • mandatory and voluntary nature of the provision of personal data;
  • processing of personal data;
  • protection of personal data;
  • the recipients or categories of recipients to whom the data may be disclosed;
  • rights of individuals;
  • procedure for exercising the rights;
  • right to object;
  • buttons, tools and content from other companies;
  • changes to the privacy policy.

III. DEFINITIONS

2.1 For the purposes of Regulation (EU) 2016/679 and this policy, these terms have the following meanings:

  1. Personal data means any information relating to an identified or identifiable natural person ("data subject"); identifiable natural person is a person who can be identified, directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier or one or more features specific to the natural person, the physiological, genetic, mental, intellectual, economic, cultural or social identity of that individual.
  2. Processing of personal data means any operation or set of operations carried out with personal data or a set of personal data by automatic or other means such as collecting, recording, organizing, structuring, storing, adapting or modifying, retrieving, consulting, using, disclosing or transmitting, disseminating or otherwise making the data accessible, arranging or combining, restricting, deleting or destroying.
  3. Restriction of processing means marking stored personal data in order to limit their processing in the future.
  4. Profiling means any form of automated processing of personal data, in the form of the use of personal data for the assessment of certain personal aspects relating to an individual, and in particular for the analysis or forecasting of aspects relating to the performance of professional duties. natural person, his economic condition, health, personal preferences, interests, reliability, behavior, location or movement.
  5. Administrator means a natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union law or the law of a Member State, the controller or the specific criteria for determining it may be laid down in Union law or in the law of the Union of a Member State.
  6. Processor of personal data means a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the Administartor.
  7. Recipient means a natural or legal person, public authority, agency or any other body to which personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the context of a specific investigation in accordance with Union or Member State law shall not be considered as "recipients"; the processing of this data by those public authorities complies with the applicable data protection rules in accordance with the purposes of the processing.
  8. Third party means a natural or legal person, public authority, agency or other body other than the data subject, the Administrator, the processor and the persons who, under the direct supervision of the controller or the processor, have the right to process personal data.
  9. Consent of the data subject means any freely expressed, specific, informed and unambiguous indication of the data subject's will, by means of a statement or clear confirmatory action expressing his or her consent to the processing of personal data relating to him or her.
  10. Violation of the security of personal data means a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data that is transmitted, stored or otherwise processed.

IV. PRINCIPLES IN THE PROCESSING OF PERSONAL DATA

3.1 The Administrator follows the following principles when processing personal data of individuals, namely:

  • Personal data is processed lawfully, in good faith and in a transparent manner with regard to the data subject ("lawfulness, good faith and transparency");
  • Personal data is collected for specific, explicit and legitimate purposes and is not further processed in a way incompatible with those purposes;
  • Personal data is relevant, related and limited to what is necessary for the purposes for which they are processed ("minimizing data");
  • Personal data is accurate and, if necessary, kept up to date ("accuracy");
  • Personal data is stored in a form that allows identification the data subject for a period not longer than necessary for the purposes for which the personal data are processed ("storage restriction");
  • Personal data is processed in a way that ensures an appropriate level of security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures ("integrity and confidentiality").

V. PERSONAL DATA COLLECTED AND PROCESSED BY THE ADMINISTRATOR

A. Processing of special categories of personal data ("sensitive data")

4.1 The Administrator does not collect or process special categories of personal data, such as: personal data revealing racial or ethnic origin, political views, religious or philosophical beliefs or trade union membership, genetic data, biometric data solely for the purpose of identifying an individual, data on the state of health or data on the sexual life or sexual orientation of the individual. Individuals must not provide such sensitive data to the Administrator. In the event that the individual intentionally provides sensitive data to the Administrator, the Administrator undertakes to delete them immediately.

B. Personal data collected directly from individuals

Personal data collected directly from individuals when individuals contact the Administrator by telephone

5.1 Individuals provide personal data to the Administrator when they contact the Administrator by phone. The telephone number for contacting the Administrator is indicated in the identification data of the Administrator in this Privacy Policy, in the menu "Contacts" located in the upper right corner of the page or in the information indicated at the bottom of the web page where the data is provided to contact the Administrator. When the person contacts the Administrator by phone, the Administrator collects and processes only the name and telephone number of the individual, and in some cases the e-mail address of the individual. This data is processed for the purpose of communication with the individual. The processing of this personal data is necessary for actions prior to the conclusion of a contract and taken at the request of the individual, namely providing more information on the goods offered by the Administrator in connection with the possible conclusion of a contract with the individual. The Administrator uses the services of a telephone service provider; the provider is located in the Republic of Bulgaria.

Personal data collected directly from individuals when individuals contact the Administrator by e-mail

5.2 Individuals provide personal data to the Administrator when contacting the Administrator by e-mail. The Administrator's e-mail address is listed in the Administrator's credentials in this Privacy Policy and in the Contacts menu in the upper right corner of the page or in the information provided at the bottom of the web page where the data is provided to contact the Administrator. When the person sends an email to the Administrator, the Administrator collects and processes the e - mail address, as well as other information that the person provides in the sent e - mail, such as name, telephone number, address. This data is processed for the purposes of communication with the individual and record keeping. The processing of this personal data is necessary for actions prior to the conclusion of a contract and taken at the request of the individual, namely providing more information about the goods offered by the Administrator in connection with the possible conclusion of a contract with the individual.

Personal data collected directly from individuals when individuals contact the Administrator by sending a message using the Facebook platform

5.3 Individuals provide personal data to the Administrator when they contact the Administrator by sending a message using the Facebook platform through the Facebook messaging service, available through the administrator's Facebook page at the following web address: https: //www.facebook .com/VivaluxLighting. When the person sends a message to the Administrator using the Facebook platform through the Facebook messaging service, the Administrator collects and processes the name of the individual as well as other information that the person provides in the sent message. This data is processed for the purposes of communication with the individual and record keeping. The processing of this personal data is necessary for actions prior to the conclusion of a contract and taken at the request of the individual, namely providing more information on the goods offered by the Administrator in connection with the possible conclusion of a contract with the individual. The administrator uses the services of Facebook, an independent service provider located in the United States, to receive messages through the Facebook platform. This means that the personal data provided will be stored on Facebook 's servers in the United States. Appropriate safeguards for the transfer of such personal data outside the European Economic Area should be provided in accordance with Article 46 of Regulation (EU) 2016/679. Facebook has its own Privacy Policy and individuals are advised to read it for more information. Facebook 's privacy policy is published at the following address: https://www.facebook.com/policy.php

Personal data collected directly from individuals when individuals contact the Administrator by sending a message using the Instagram platform

5.4 Individuals provide personal data to the Administrator when they contact the Administrator by sending a message using the Instagram platform through the Instagram messaging service, available through the Administrator's Instagram page at the following web address: https://www.instagram .com/vivalux.lighting. When a person sends a message to the Administrator using the Instagram platform through the Instagram messaging service, the Administrator collects and processes the name of the individual as well as other information that the person provides in the sent message. This data is processed for the purpose of communication with the individual. The processing of this personal data is necessary for actions prior to the conclusion of a contract and taken at the request of the individual, namely providing more information about the goods offered by the Administrator in connection with the possible conclusion of a contract with the individual. The administrator uses the services of Instagram , an independent service provider located in the United States, to receive messages through the Instagram platform. This means that the personal data provided will be stored on Instagram servers in the United States. Appropriate safeguards for the transfer of this personal data outside the European Economic Area should be provided in accordance with Article 46 of Regulation (EU) 2016/679, which Instagram provides and describes in detail in its Privacy Policy. Instagram 's privacy policy is published at the following address: https://help.instagram.com/519522125107875

Personal data collected directly from individuals subscribed to receive a newsletter

5.5 Individuals provide their e-mail address when they wish to subscribe to receive a newsletter. When the person subscribes to receive newsletters containing publications and useful information about the goods offered by the Administrator, promotional offers and the like, the Administrator collects and processes the e-mail address of the individual, name and surname of the individual and the type of information which the Individual wishes to receive (there is a choice between News and Promotion Offers). This data is processed for the purpose of sending ballots to the person. The reason for processing this personal data is the explicit consent of the individual. The administrator uses the services of MailChimp, an independent service provider based in the United States, to send newsletters and manage the email list. This means that the e-mail addresses provided will be stored on MailChimp's servers in the United States. Appropriate safeguards for the transfer of such personal data outside the European Economic Area should be provided in accordance with Article 46 of Regulation (EU) 2016/679. MailChimp has its own Privacy Policy and individuals are advised to read it for more information. MailChimp's privacy policy is published at the following address: https://mailchimp.com/legal/privacy/.

Personal data collected directly from individuals when they file complaints

5.6 Individuals provide personal data to the Administrator when filing complaints. When filing a complaint, the individual provides the following personal data that the Administrator collects and processes, namely: name and surname of the individual, e-mail address, telephone number, address, other data necessary to prove the complaints, including the extent of damages. The collection and processing of this personal data is necessary for the realization of the legitimate interests of the administrator, which legitimate interests are consisting in establishing the validity of the claim, protection against claims in proceedings before courts and other public authorities.

C. Personal data of natural persons provided by third parties

6.1 The administrator does not normally receive personal data about individuals from third parties. However, in some cases, if the Administrator has reasonable grounds to suspect that an individual infringes intellectual property rights and other similar cases, then the Administrator has the right to obtain personal data of the suspect from public registers, such as: Commercial register, the register of registered trademarks kept by the European Union Intellectual Property Office and the like. This data may be collected and processed for the purpose of bringing an infringement action against the infringer. The processing of personal data collected from a public register is necessary for the purposes of the legitimate interests of the Administrator, which legitimate interests are filing a claim for a violation against the offender, as well as on legal grounds.

D. Data collected automatically

7.1 When visiting the website, the Administrator may automatically collect the following data, namely:

  • Internet Protocol (IP) address of the device from which the individual accesses the platform (usually used to determine the country or city from which the individual accesses the platform);
  • Type of device from which the individual accesses the platform (eg computer, mobile phone, tablet, etc.);
  • Type of operating system;
  • Browser type;
  • The specific actions that the individual takes, including the pages visited, the frequency and duration of visits to the website;
  • Date and time of visits.

The collection and processing of this personal data is necessary for the realization of the legitimate interests of the administrator, which legitimate interests are to facilitate the use of the website and improve the functionality of the website.

VI. COOKIES

8.1 Individuals can obtain more information on how the Administrator uses cookies by reading the Cookie Policy of published on the website of the Administrator.

VII. PURPOSES FOR WHICH PERSONAL DATA IS PROCESSED

9.1 The Administrator collects and processes the personal data of natural persons, which are provided directly by them only for the following purposes, namely:

  • to make contact with the individual by e-mail so that the Administrator can respond to the request received from the individual;
  • for fulfillment of obligations under a contract to which the natural person to whom the data relate is a party, as well as for actions prior to the conclusion of a contract and taken at his request;
  • for fulfillment of a normatively established obligation of the Personal Data Administrator, in accordance with the applicable law;
  • to send newsletters containing information about new collections, discounts, etc. Newsletters are sent only after the Administrator has obtained the explicit consent of the individual;
  • accounting purposes;
  • statistical purposes.

9.2 The Administrator collects and processes the personal data of individuals, which are automatically collected for the following purposes, namely:

  • improving the efficiency and functionality of the website;
  • production of anonymous statistics on the way the website has been used;
  • to provide better service;
  • to administer the website;
  • acceptance and processing of complaints;
  • adapting the website to the preferences of individuals.

9.3 The controller may not use the personal data of individuals for purposes other than those specified in this section of this Privacy Policy.

VIII. PERIOD OF STORAGE OF PERSONAL DATA

10.1 Inquiries and correspondence by e-mail, Facebook,Instagram : The administrator stores personal data and received messages by e-mail and Facebook for a period necessary to respond to the received message and to satisfy the request of the individual, as well as for a period of one year, after the Administrator has responded to the message received.

10.2 Personal data of persons who have subscribed to receive a newsletter: The administrator keeps the personal data of persons who have subscribed to receive a newsletter until the person unsubscribes from the option to receive a newsletter or until the service is terminated by the administrator.

10.3 Personal data of persons who have purchased goods: The Administrator stores the personal data of persons who have purchased goods from the Administrator for a period of ten years, which period is the legally established period for storage of customer invoices.

B. Criteria for determining the period for which personal data will be stored

10.4 In other cases not mentioned above, the Administrator will store the personal data of the individual for no more than necessary, taking into account the following criteria, namely: - whether the Administrator undertakes to comply with a legal obligation to continue the processing of the personal data of the natural person; - the purpose of storing personal data both now and in the future; - whether a contract has been concluded between the Administrator and the natural person and the Administrator is obliged to continue processing personal data in order to fulfill the obligations under the contract; - goals for the use of personal data now and in the future; - whether it is necessary to make contact with the individual in the future; - whether the Administrator has a legal basis to continue processing the personal data of the individual; - any other valid reasons, such as the nature of the relationship with the individual.

IX. OBLIGATORY AND VOLUNTARY NATURE OF PROVISION OF PERSONAL DATA

11.1 The personal data required to be provided by individuals are in accordance with the services offered by the Administrator and are mandatory. The provision of personal data by individuals is voluntary. In case of refusal to provide personal data:

  • The Administrator will not be able to provide the desired service by the individual, namely: to acquaint the User with the goods that the Administrator offers for purchase from its physical stores;
  • The individual will not be able to receive a newsletter.

X. PROCESSING OF PERSONAL DATA

12.1 The Administrator processes the personal data of individuals through a set of actions that can be performed by automatic or non-automatic means.

12.2 The Administrator processes the personal data of individuals independently or by assigning data processors on behalf of the Administrator, who are providers of accounting services, hosting service providers, providing marketing services, providing services for traffic analysis on the website.

XI. PROTECTION OF PERSONAL DATA

13.1 The Administrator shall take the necessary technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, unauthorized access, alteration or dissemination, and other unlawful forms of processing, namely:

  • all personal information provided by the individual to the Administrator is stored on secure and reliable servers and folders;
  • when exercising the right of access by the natural person, the Administrator verifies the identity of the natural person before providing him with the requested information;
  • Web-based information systems are prefixed with " https:" instead of " http:". In this way, your information is protected and unaltered and unread by third parties, for which purpose the Administrator uses an SSL certificate issued by one of the world's leading companies in the field of security and encryption of data transmitted over the Internet.
  • The administrator provides individuals with a secure and encrypted connection when sending personal data.

13.2 If you wish to receive detailed information on technical and organizational measures, please do not hesitate to contact us on +359 44 666 080 or at office@viva.bg.

XII. RECIPIENTS TO WHOM PERSONAL DATA CAN BE DISCLOSED

14.1 The Aministrator has the right to disclose the processed personal data to the following categories of persons, namely:

  • to the natural persons to whom the data relate;
  • to persons, if provided for in a normative act, for example state authorities;
  • to personal data processors who provide services for the benefit of the Administrator's business activities, such as accounting service providers, hosting service providers, telephone service providers, marketing service providers, website traffic analysis services, such as these persons are bound by the obligation of confidentiality, and these persons have also provided sufficient guarantees for the application of appropriate technical and organizational measures in such a way that processing takes place in accordance with the requirements of the Regulation and ensures protection of the rights of individuals. faces.
  • to courier companies for the purpose of delivery of the purchased goods;
  • to providers that provide electronic and banking payment services.

14.2 The administrator does not sell personal data provided by the individual to third parties.

XIII. RIGHTS OF INDIVIDUALS

RIGHTS OF INDIVIDUALS

Right of access

15.1 The natural person has the right to receive confirmation from the Administrator whether personal data related to him are processed, and if so, to gain access to the data - the relevant categories of personal data. Right of adjustment

15.2 The natural person has the right to ask the Administrator to correct without undue delay the inaccurate personal data related to him. Given the purposes of processing, the individual has the right to complete incomplete personal data, including by adding a declaration.

Right to be erased (right to be forgotten)

15.3 The natural person has the right to request from the Administrator the deletion of personal data related to him without undue delay, and the Administrator has the obligation to delete personal data without undue delay, when any of the grounds specified in Article 17 of Regulation 2016/679 is applicable.

Right to limit processing

15.4 The natural person has the right to request from the Administrator restriction of the processing, when one of the conditions specified in art. 18 of Regulation 2016/679 is applied. Where a restriction on processing is granted, such data shall be processed, except for their storage, only with the consent of the individual or for the establishment, exercise or protection of legal claims or for the protection of the rights of another individual or on important public interest grounds. for the Union or a Member State. When the natural person has requested a restriction of processing, the Administrator shall inform him before the lifting of the restriction of processing.

Right to data portability

15.5 The natural person has the right to receive the personal data concerning him and which he has provided to the administrator, in a structured, widely used and machine-readable format, when the processing is based on consent in accordance with a contract or obligation and the processing is carried out automated way.

Right to object

15.6 The natural person has the right, at any time and on grounds related to his specific situation, to object to the processing of personal data concerning him. Pursuant to Article 21, paragraph 4 of Regulation 2016/679, the natural person is explicitly notified of the existence of the right to object, which is presented in a clear manner and separately from any other information. To fulfill this obligation, more information on the right to object can be found in the section below entitled "Right to object".

Right of withdrawal of consent

15.7 The natural person has the right to withdraw the consent given by him at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent prior to its withdrawal. The individual may withdraw his consent in accordance with Section XIV of this Privacy Policy or by choosing the "unsubscribe" option upon receipt of a newsletter.

Profiling rights

15.8 The individual has the right not to be the subject of a decision based solely on automated processing, including profiling, which has legal consequences for the data subject or similarly significantly affects him.

Right to be notified if breach of personal data security

15.9 When the breach of personal data security is likely to pose a high risk to the rights and freedoms of individuals, the individual must be notified without undue delay of the breach of personal data security.

Right to protection by court and administrative order

Right to lodge a complaint with a supervisory authority

15.10 The natural person has the right to lodge a complaint with a supervisory authority, in particular in the Member State of habitual residence, place of work or place of the alleged infringement, if the natural person considers that the processing of personal data concerning him infringes Regulations.

Right to effective judicial protection against a supervisory authority

15.11 Every natural or legal person is entitled to an effective remedy by a judicial authority which is subject to a binding decision by the supervisory authority. Proceedings against a supervisory authority shall be instituted before the courts of the Member State in which the supervisory authority is established.

Q: Right to effective judicial protection against a controller or processor

15.12 Without prejudice to any available administrative or non-judicial remedies, including the right to lodge a complaint with a supervisory authority, a natural person shall be entitled to effective judicial protection when he considers that his rights under the Regulation have been violated as a result of processing of his personal data which is not in accordance with the Regulation. Proceedings against a controller or processor shall be instituted in the courts of the Member State in which the controller or processor is established.

Right to compensation for damages

15.13 Any person who has suffered material or non-material damage as a result of a violation of the Regulation is entitled to receive compensation from the Administrator or processor of personal data for the damage caused. Legal proceedings in connection with the exercise of the right to compensation shall be instituted before the courts of the Member State in which the controller or processor has its place of establishment.

XIV. PROCEDURE FOR EXERCISE OF RIGHTS

16.1 Natural persons shall exercise their right to withdraw consent, right of access, right of deletion, rectification, right of restriction of processing, right of data portability, right of objection and right of profiling by submitting a written request to the Administrator (or by mail to the address specified in the Administrator's identification above in this Privacy Policy or by email), which should contain the following information:

  1. name, address and other data for identification of the respective natural person;
  2. description of the request;
  3. signature, date of submission of the request and e-mail address.

16.2 The request is made personally by the individual. The administrator records the requests submitted by individuals in a separate register.

16.3 After the natural person has exercised his right of access to personal data concerning him, the Administrator verifies the identity of the natural person before responding to the request. This is necessary to minimize the risk of unauthorized access to data and identity theft. In case the Administrator cannot identify the individual from the collected personal data, then the Administrator has the right to request a copy of documents that identify the individual (such as ID card, driver's license, other documents containing personal data that may identify the individual).

16.4 The administrator shall review the request and provide the individual with information on the actions taken in connection with the request within two months of receipt of the request. If necessary, this period may be extended by another month, taking into account the complexity and number of requests.

16.5 The administrator shall inform the individual of any such extension within one month of receiving the request, indicating the reasons for the delay. Where the individual submits a request by electronic means, the information shall, where possible, be provided by electronic means, unless the person has requested otherwise.

16.6 If the Administrator does not take action on the request of the natural person, the Administrator shall notify the person without delay and at the latest within one month of receiving the request of the reasons for not taking action and the possibility of filing a complaint to the supervisory authority and seeking protection. judicially.

16.7 The Administrator undertakes to report any correction, deletion or restriction of processing to any recipient to whom personal data have been disclosed, unless this is impossible or requires a disproportionate effort. The administrator shall inform the individual of these recipients if the person so requests.

XV. RIGHT TO OBJECT

17.1 The natural person has the right, at any time and on grounds related to his specific situation, to object to the processing of personal data concerning him. Pursuant to Article 21, paragraph 4 of Regulation 2016/679, the natural person is explicitly notified of the existence of the right to object, which is presented in a clear manner and separately from any other information. To fulfill this obligation, more information on the right to object will be provided in this section of this Privacy Policy.

17.2 The natural person has the right, at any time and on grounds related to his specific situation, to object to the processing of personal data concerning him, in cases where the processing is necessary for the performance of a task of public interest or in the exercise of official powers conferred on the Administrator or the processing is necessary for the legitimate interests of the Administrator or a third party, except where such interests take precedence over the interests or fundamental rights and freedoms of the individual requiring the protection of personal data. -especially when the individual is a child. The Administrator undertakes to terminate the processing of personal data, unless it proves that there are compelling legal grounds for processing that take precedence over the interests, rights and freedoms of the individual, or for the establishment, exercise or protection of legal claims. Individuals exercise their right to object by submitting a written request to the Administrator by mail to the address specified in the Administrator's identification above in this Privacy Policy or by sending an email.

17.3 When processing personal data for the purposes of direct marketing, the individual has the right at any time to object to the processing of personal data relating to him for this type of marketing, which includes profiling insofar as it relates to direct marketing. When the individual objects to processing for the purposes of direct marketing, the processing of personal data for these purposes shall be terminated. Individuals exercise their right to object by submitting a written request to the Administrator by mail to the address specified in the Administrator's identification above in this Privacy Policy or by sending an email stating that they do not wish to receive advertising messages.

XVI. LINKS, TOOLS AND CONTENT FROM OTHER COMPANIES

18.1 The Website contains buttons, tools or content that link to services of other companies, such as the "Facebook" button, "YouTube" button and "Instagram" button, as well as links to the developer of the Administrator's website and others. All sites of such companies that can be accessed through this website are independent and the Administrator does not assume any responsibility for any damages and losses resulting from the use of these sites. Individuals use these sites at their own risk, and it is advisable to familiarize yourself with the relevant Privacy Policy of the respective company in order to obtain more information.

XVII. CHANGES TO THE PRIVACY POLICY

19.1 This Privacy Policy may be updated at any time in the future. When this happens, the changed policy will be published on this website with a new date "Last change" at the top of this Privacy Policy and will be effective from the date of publication. It is therefore recommended that you periodically review this Privacy Policy to ensure that you are aware of any changes. By using the website after the publication of the updated Privacy Policy, you will be deemed to agree with the changes made.

XVIII. CONTACTS

20.1 In case you have additional questions about this Privacy Policy, please do not hesitate to contact us on +359 44 666 080 or at office@viva.bg.

12.338 ms. | 2.00MB
Please accept our cookies to get the best experience of our website. By clicking “Accept all cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts.
read more