Personal data protection
Personal Data Protection
INFORMATION REGARDING THE PERSONAL DATA PROTECTION POLICY APPLIED BY
DITANI EOOD,
IN ACCORDANCE WITH ARTICLES 13 AND 14 OF REGULATION (EU) 2016/679
1. Personal Data Controller
DITANI EOOD, with address: Sofia, Lozenets district, 18 Krichim St.,
email: contact@ditani.bg, tel./fax: 0885 188 180 (“Personal Data Controller”),
processes personal data of natural persons (“data subjects”) in accordance with Regulation (EU) 2016/679
(General Data Protection Regulation – GDPR) and the Personal Data Protection Act.
According to the General Data Protection Regulation, personal data is any information relating to a natural person
by which that person can be directly or indirectly identified. Processing of personal data is any operation or set
of operations performed on personal data by automated or other means.
2. Natural persons whose personal data are processed by the company
In connection with the services provided by DITANI EOOD, the company processes
personal data relating to the following data subjects:
- Natural persons who are counterparties or potential counterparties of the company – customers and suppliers
of goods and services, respectively their employees.
3. Purposes of processing
The company processes personal data of its customers, including their employees, for the following purposes:
(a) Provision of technical and digital services in the performance of a contract;
(b) Protection of the legitimate interests of the company, including:
- Ensuring the normal operation, maintenance, and security of the company’s systems;
- Communication with customers, including by electronic means;
- Exercise and protection of the rights and legitimate interests of the company, including through judicial proceedings.
(c) Fulfillment of the company’s legal obligations and compliance with orders of competent state or judicial authorities.
4. Legal grounds for processing
The company processes personal data only where one of the alternative legal grounds under the General Regulation exists,
and in particular:
(a) Performance of a contract, including pre-contractual relations prior to its conclusion;
(b) Legal obligations applicable to the company;
(c) Legitimate interests of the company, insofar as they prevail over the interests or fundamental rights and freedoms of the data subjects;
(d) Freely given, specific, informed, and unambiguous consent of the data subject. Any consent given may be withdrawn by the data subject
at any time in the same manner in which it was provided.
5. Possible consequences of failure to provide personal data
If the client does not provide the required information, including the necessary personal data, the company will not be able
to conclude a contract with the client and, respectively, will not be able to provide the requested service.
6. To whom personal data are transferred or disclosed
Personal data of the company’s clients may be disclosed to:
- Commercial companies providing accounting services and IT system maintenance, acting as personal data processors;
- Other competent public authorities, in fulfillment of a legal obligation.
7. Retention period of personal data
Personal data of the company’s counterparties are stored for a period of 5 years after the termination of the relevant contract,
in accordance with the general limitation period under the Obligations and Contracts Act.
Personal data contained in accounting documents are stored for the periods provided for in Article 12 of the Accounting Act.
8. Security of personal data
The company applies all appropriate technical and organizational measures to ensure the security of personal data,
including the explicit obligation of employees to maintain confidentiality.
9. Rights of data subjects
Each natural person whose data are processed by the company has the following rights:
- Right of access to their personal data, including the right to receive a copy thereof;
- Right to rectification or completion of inaccurate or incomplete personal data;
- Right to erasure of personal data processed without legal grounds;
- Right to restriction of processing – in the event of a legal dispute between the company and the data subject,
until its resolution, or for the establishment, exercise, or defense of legal claims; - Right to object – at any time and on grounds related to the particular situation of the data subject, provided that
there are no compelling legal grounds for the processing that override the interests, rights, and freedoms of the data subject,
or a judicial process.
In accordance with the Personal Data Protection Act, the above rights may be exercised by submitting a written application in person
at the office of DITANI EOOD. An application may also be submitted electronically in accordance with
the Electronic Document and Electronic Trust Services Act. The application must be submitted personally by the data subject or by an
expressly authorized representative.
10. Protection of the rights of data subjects
In accordance with the Personal Data Protection Act and Regulation (EU) 2016/679 (GDPR), any natural person who believes that their right
to personal data protection has been violated may file a complaint with the Commission for Personal Data Protection at the following address:
Sofia 1592, 2 Prof. Tsvetan Lazarov Blvd., website:
https://www.cpdp.bg/.
Rings with gemstones
Pendants
Rings
Bracelets
Crosses
Earrings
Engagement rings
Anniversary rings
Anniversary rings with precious stones
Eternity rings
Curved rings
Stackable rings
Collection Flora Elegance
Collection Virtuosa
