Privacy Policy

1. PREAMBLE

1.1. Fifty X EOOD, entered in the Commercial Register at the Registry Agency with UIC 207879485, with seat and address of management: 34 Georgi Danchov Str., Trakia district, city of Plovdiv, 4023, Bulgaria, hereinafter referred to as the Company, is the controller of personal data and is responsible for compliance with the provisions of the General Data Protection Regulation 2016/679.

1.2. This Privacy Policy aims to inform the visitors of the www.fiftyx.org what personal data the Company processes and for what purposes, to whom it provides them, what are the rights of the visitors in relation to their processed personal data and how they can exercise them. The company strives to provide visitors with accessible and useful information on its Website.

2. CATEGORIES OF PERSONAL DATA PROCESSED ON THE WEBSITE

2.1. The Company, as a Controller, processes the following categories of personal data

a) visitors data automatically collected or generated in connection with the use of the website:

  • internet provider;
  • date of duration of access;
  • information about the visitors’ browser and operating system;
  • location, incl. country and city;
  • language used.

b) data of visitors that are collected when making inquiries, requests, signals or other correspondence through the Website:

  • Name;
  • Email address;
  • Confirmation that the visitor is familiar with the legal documentation of the Website;
  • Other information contained in the message, which is personal data, including to third parties.

3. PURPOSES AND GROUNDS FOR PROCESSING PERSONAL DATA

3.1. The Company, as a Controller of Personal data, processes only the necessary personal data of the visitors for the following purposes:

a) processing of personal data for purposes necessary to fulfill a legal obligation:

  • Providing information to the competent administrative and judicial authorities, or providing assistance, where applicable;
  • Responding to inquiries and requests from visitors;
  • Documentation of electronic statements (confirmation of agreement with the legal documentation of the website)

1. Processing of personal data for the purposes of legitimate interest:

  • Managing the website and analyzing the way it is used;
  • Providing the opportunity for communication through e-mail;
  • Management and protection of legal rights and interests before administrative and judicial authorities, when applicable.

4. PERIOD OF STORAGE OF PERSONAL DATA

4.1. The Company processes the personal data of visitors for a period necessary to meet the purposes set out in this Policy, unless their processing is required for a longer period.

a) Storage of personal data in order to comply with legal obligations

Personal data related to and/or contained in documents for which there are statutory retention periods will be stored for the periods provided for in applicable law, unless this Policy provides for a longer retention period.

b) Storage of personal data contained in correspondence with the Company

In cases where there is no statutory period for storing personal data contained in correspondence conducted with the Company, personal data are stored for a period of up to 5 years, counted from the end of the corresponding correspondence.

c) Other terms for storage of personal data

In the event that no other term is provided for the processing of personal data, they are processed for a period of up to 5 years, in order to preserve the legitimate interest of the company.

In the event of a legal dispute or proceeding requiring the retention of data, and/or in the event of a request from a competent state authority, it is possible to retain data for a period longer than the above-mentioned periods, until the final completion of the arising dispute or proceedings before all instances and for a period of up to 5 years after its final conclusion.

5. USE OF COOKIES AND RELATED TECHNOLOGIES

5.1 Currently, the Company does not use its own cookies or similar technologies on the Website.

5.2 The cookies that the Company uses on the Website are third-party cookies that are not managed by the Company. Such third party cookies are the cookies provided by Google Ireland Limited. More specifically, these are cookies for statistics and traffic analysis via Google Analytics. They allow the use of the Website to be analyzed in order to measure its effectiveness. Thanks to these cookies, the Company can understand which pages of the Website are the most popular and which are the least popular. All information these cookies collect is aggregated and does not relate personally to Website visitors.

6. TRANSFER TO THIRD PARTIES

6.1 When transferring data to third parties, incl. business partners and service providers, personal data may be transferred to countries outside the European Union (EU) and the EEA, which do not provide the same level of protection as that guaranteed by applicable European legislation. In these cases, the transfer of data takes place in accordance with the applicable legislation based on a decision of the European Commission (EC) on the adequate level of data protection in the third country or, in the absence of such a decision, based on EU standard contractual clauses according to decisions of the EC.

7. RECIPIENTS AND CATEGORIES OF RECIPIENTS

7.1 Disclosure of personal data to personal data processors

In certain cases, it is possible for the Company to disclose certain personal data to strategic partners – subcontractors who work with it by providing services it needs in carrying out its commercial activity. The personal data it provides to its partners is in a volume that is necessary to perform the assigned work.

7.2 Disclosure of personal data to other personal data controllers

In certain cases, it is possible for the Company to provide personal data to other personal data controllers. In these cases, the Company always requires them to strictly comply with the provisions of Bulgarian and European legislation in the field of personal data protection.

7.3 Disclosure of personal data to competent administrative and judicial authorities

Disclosure of personal data is also possible when this is necessary for the fulfillment of a legal obligation of the Company or for the protection of its rights or legal interests, or the interests of third parties. Normally, such disclosure of personal data is carried out before competent administrative or judicial authorities.

7.4 Disclosure of personal data in other cases provided by law

8. PROTECTION OF PERSONAL DATA

8.1 The Company has taken precautions, including physical, digital and personal protection, to protect the personal data of visitors to the website from loss, theft and misuse, as well as from unauthorized access, disclosure, alteration or destruction.

8.2 All employees of the Company are obliged to maintain the confidentiality of personal data, as well as to observe the applicable organizational and technical measures for their protection. The access of Company employees to personal data is limited to the extent necessary to perform their duties.

9. VISITORS’ RIGHTS

9.1 Every visitor to the Website who has provided personal data to the Company has the following rights, which they can exercise at any time:

  • Right to be informed about personal data processing – visitors have the right to receive information about their personal data processed by the Company. This Policy aims to provide detailed information regarding the processing of personal data when using the Website.
  • Right of access to personal data – every visitor has the right to request and obtain information regarding what personal data of theirs are being processed, as well as to obtain access to such data.
  • Right to correction of inaccurate personal data – every visitor has the right to request correction (change or addition) of the provided personal data.
  • Right to delete personal data – every visitor has the right to request the deletion of theirs personal data when the conditions for this provided for in the Regulation are met.
  • Right to limit the processed personal data – every visitor has the right to request the restriction of the processing of theirs personal data, in case any of the hypotheses provided for in the Regulation are present.
  • Right to data portability – every visitor has the right to receive his personal data processed by the Company in a structured, widely used and machine-readable format, if this is technically possible. Also, every visitor has the right to request the transfer of his personal data from the Company to another controller, in case this is technically feasible.
  • Right not to be subject to automatic decision- making, including profiling.
  • Right to object to the processing of personal data – every visitor has the right to object at any time to the processing of theirs personal data when it is processed based on a legitimate interest. In case such an objection is made, the Company will consider it and if it is justified, the processing will be terminated. In the event that the objection is unfounded, the Company will inform you of this fact.
  • Right to withdraw consent – every visitor has the right at any time to withdraw the consent provided by them, when the processing of personal data is carried out on the basis of such consent. When consent is withdrawn by a visitor, the Company will stop processing personal data for the purposes for which it was provided. Withdrawal of consent does not affect the lawfulness of the processing of personal data retroactively, i.e. until the time of submission of the withdrawal request.
  • Right to complain to the supervisory authority – every visitor has the right to submit a complaint to the supervisory authority in case he believes that theirs rights to the protection of personal data have been violated.

9.1 Visitors can exercise their rights mentioned above completely free of charge. In the event that visitors’ requests are manifestly unfounded or excessive, the Company may charge a reasonable fee or refuse to act on the request.

All changes are effective immediately, unless otherwise noted.

10.1 If you have any questions or concerns about the processing of your personal data or wish to exercise any of your rights, you can contact:

  • email: privacy@www.fiftyx.org
  • address: 34 Georgi Danchov Str., Trakia district, city of Plovdiv, 4023, Bulgaria

11. COMPETENT SUPERVISORY AUTHORITY

11.1 The Commission for Personal Data Protection (CPDP) is the independent state body that performs the protection of natural persons in the processing of their personal data and in the implementation of access to such data, as well as the control of compliance with the Personal Data Protection Act on the territory of the Republic of Bulgaria.

11.2 The Commission for Personal Data Protection (CPDP) is the independent state body that performs the protection of natural persons in the processing of their personal data and in the implementation of access to such data, as well as the control of compliance with the Personal Data Protection Act on the territory of the Republic of Bulgaria.

  • Address: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592 , Bulgaria
  • E-mail: kzld@cpdp.bg
  • Website: www.cpdp.bg

12. VALIDITY AND UPDATE OF POLICY

The Company reserves the right to change and update its „Privacy Policy“. In the event of a change to this Policy, a notice will be posted on our Website, as well as the updated “Privacy Policy“.

All changes are effective immediately, unless otherwise noted.