Мостове на доверието

logo mnd en

Privacy Policy

In accordance with the requirements of Regulation (EU) 2016/679 of the EU of 27.04.2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC ( below only “Regulation 2016/679” or “GDPR”) and the other applicable acts of the European Union and the Republic of Bulgaria, with this notice the “Bridges of Trust” Foundation informs you about its personal data processing activities, the purposes , for which the data is processed, the measures and guarantees for the protection of the processed data, your rights and the way you can exercise them.

 

  1. Introduction

With this policy, we aim to inform you about the processing of personal data that we collect in connection with our activities. Personal data covers all information related to an identified or identifiable natural person. This includes information such as name, address, email or phone number. Information that is not directly related to your identity, e.g. the number of users of the website does not fall within this scope.

Most of our services do not require any form of registration. We respect and honor the privacy of all users of our website. This privacy policy describes the ways and conditions under which your personal data collected when visiting or using the web page is processed and used. We recommend that you read this Privacy Policy to obtain more information about the processing and use of your personal data.

  1. Basic concepts to better understand this policy

“Personal Data” within the meaning of this policy is data provided by users and clients of the Bridges of Trust Foundation in relation to (including but not limited to):

  1. use of the web pages and/or online applications owned and administered by the Foundation “Bridges of Trust” (including the official pages of the Foundation in social networks – Facebook; Instagram, Linkedin, etc.)
  2. receiving and sending personal information about initiatives or other events organized, supported or financed by the “Bridges of Trust” Foundation;
  3. applications for the announced job vacancies on the Foundation’s website.
  4. in connection with the exercise of rights of data subjects.

“Processing of personal data” of a user is any operation or set of operations performed on personal data or a set of personal data by automatic or other means such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use , disclosure by transmission, distribution or other way in which data is made available, arrangement or combination, limitation, erasure or destruction

“Controller” means a natural or legal person, public body, agency or other structure which alone or jointly with others determines the purposes and means of processing personal data, where the purposes and means of such processing are determined by Union law or the law of a State Member State, the controller or the special criteria for its designation may be laid down in Union law or in the law of a Member State.

“Consent of the data subject” means any freely expressed, specific, informed and unequivocal indication of the will of the data subject, by means of a statement or a clear affirmative action, which expresses his consent to the personal data relating to him being processed;

“Processor of personal data” means a natural or legal person, public body, agency or other entity that processes personal data on behalf of the Bridges of Trust Foundation.

“Third party” means a natural or legal person, public body, agency or other body other than the data subject, the controller, the personal data processor and the persons who, under the direct supervision of the controller or the personal data processor, have the right to process the personal data.

“Data subject” means a natural person who can be identified directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier or by one or more characteristics specific to the physical, physiological, genetic, the psychic, mental, economic, cultural or social identity of that natural person.

“Applicable legislation” means the legislation of the European Union and the Republic of Bulgaria, which is relevant to the protection of personal data (Law on the Protection of Personal Data, etc.);

“Regulation (EU) 2016/679” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and on repealing Directive 95/46/EC (General Data Protection Regulation), published in the Official Journal of the European Union on May 4, 2016, hereinafter referred to for short as “the Regulation”.

  1. Purposes of personal data processing

Bridges of Trust Foundation collects and uses your personal data through the website for the following purposes:

  • Provision of services requested by you:

Almost all personal data that you fill in the registration forms or your profile is necessary for us to respond to your need or requested service that the Bridges of Trust Foundation provides. In order to provide quality services online and offline, we need your identification data, the scope of which varies depending on the type of service requested and the legal requirements applicable to it.

 

  • Marketing activity:

The personal data you provide may be used to inform you about new services provided by the Bridges of Trust Foundation. The messages sent by us will be in accordance with the applicable Bulgarian and European legislation.

 

 

You can object in an easy and convenient way to the use of your data for marketing, where the basis for the processing is a legitimate interest, and we will stop it immediately; information on how to withdraw consent once given or object to receiving an unsolicited marketing message will always be placed prominently in the message.

 

For the purposes of marketing activity, we perform traffic analysis and track user behavior on the website through codes from third-party domains, where we process your personal data using cookies. You can read more about them in our cookie policy.

 

  • Selection of employees who applied for job advertisements:

Through our website, we offer a convenient opportunity to familiarize yourself with announced job vacancies in partner companies that have signed contracts with the “Bridges of Trust” Foundation and to apply for a position of your choice. Thus, through the website, you can submit your documents, and for the purposes of the selection, we will identify you and process the information you sent and your personal data.

 

  1. Principles of personal data processing

Personal data is processed lawfully, in good faith and transparently in compliance with the following principles:

(1) The data subject is informed in advance about the processing of his personal data;

(2) Personal data are collected for specific, precisely defined and legal purposes and are not further processed in a manner incompatible with these purposes;

(3) Personal data correspond to the purposes for which they are collected;

(4) Personal data must be accurate and, if necessary, updated;

(5) Personal data are deleted or corrected when it is established that they are inaccurate or do not correspond to the purposes for which they are processed;

(6) Personal data is maintained in a form that allows identification of the relevant natural persons for a period not longer than necessary for the purposes for which these data are processed.

 

 

  1. Grounds for processing personal data

When the Bridges of Trust Foundation processes your personal data for the purposes of providing services that you have requested through our website, we most often process your personal data on a contractual basis pursuant to Art. 6, paragraph 1, letter “b” of Regulation (EU) 2016/679 (GDPR).

In the event that you apply for an advertised position through the website of the “Bridges of Trust” Foundation, we collect the data for selection purposes on the basis of your consent to this in accordance with Art. 6, paragraph 1, letter “a” of Regulation (EU) 2016/679 (GDPR).

For the purposes of marketing activities, we process your personal data because we have a legitimate interest within the meaning of Art. 6, paragraph 1, letter “f” of Regulation (EU) 2016/679 (GDPR) or because you have given us your consent for this on the basis of art. 6, paragraph 1, letter “a” of Regulation (EU) 2016/679 (GDPR).

  1. What personal data of yours do we process?

We collect and process your personal data through our website, including through: online forms submitted by you on our website.

We may process the following categories of personal data (the list is exemplary and non-exhaustive) provided by you to the Foundation:

 

A) General Personal Data Category

 

1. General personal data

  • Three names and initials
  • Address
  • Email
  • Telephone

 

2. Specific Identification Data

  • Identification number;
  • The data from an identity document of the person;
  • Data on workplace, profession/position, work experience and education;

 

3. Data about your state of health

  • TELK decisions, medical certificates, hospital sheets, etc.

4. Expressed interests, preferences, opinions, comments, positions and the like in relation to the activities of the “Bridges of Trust” Foundation, including for specific campaigns, initiatives or other events organized, supported or financed by the “Bridges of Trust” Foundation “

B) Other data

Any other information that you may voluntarily provide to us by accessing and/or using our website, including applications operating on it, filling out forms, etc., or by accessing and/or using the Foundation’s official pages in social networks – Facebook; Instagram; Twitter, Linkedin, Youtube, etc.).

 

  1. Who has access to your information?

“Bridges of Trust” Foundation is the administrator of your personal data and as such will not share, transmit, disclose or distribute your personal data to third parties, except for those provided for in this Policy. Bridges of Trust Foundation respects and protects the privacy of your personal data. In compliance with the legal requirements or with your consent, it is possible for the Foundation to disclose your personal data to third parties who are personal data processors, joint or independent administrators.

  1. The persons with whom we share information are:
  • Other companies – partners of the “Bridges of Trust” Foundation based on contracts concluded with the Foundation and providing the opportunity to employ users of the Foundation’s services;
  • Regulatory national and European administrative authorities receiving the information based on legal powers to request and receive such information, as well as other government authorities in the cases provided for by law, in connection with the fulfillment of legal obligations or in connection with legal proceedings.
  • Security companies holding a license to carry out private security activity, processing the video recordings from Leno’s offices and/or maintaining other registers in the process of ensuring the access regime in the same objects;
  • Companies participating in the process of hiring workers and employees.
  • Companies and organizations maintaining information related to the health status of individuals.
  • State and municipal bodies related to the fulfillment of the Foundation’s obligations arising from tax and insurance legislation.
  1. For how long do we store your personal data?

Your personal data will be stored for a certain period of time, solely for the purposes for which it was collected and is being processed. They can be stored both on paper and on electronic media. For example, your contact details will be stored and used solely to send you information that you have requested from us, until you withdraw your consent.

  1. Personal data protection measures

Technical measures

 

Personal data is stored by the Administrator only on an electronic medium.

 

The protection of electronic data from unauthorized access, damage, loss or destruction, committed intentionally by a person or in the event of technical malfunctions, accidents, accidents, disasters, etc., is ensured through:

– entering passwords for the computers through which access to the personal data is provided and the files that contain personal data;

– antivirus programs, checks for illegally installed software;

– periodic checks of the integrity of the database and updating of system information, maintenance of the data access system;

– periodic archiving of data on technical media, maintenance of information on paper (archive copies).

 

Documentary protection measures

 

The company establishes procedures for processing personal data, regulating access to data, destruction procedures and storage terms, detailed in these Rules.

 

The reproduction and distribution of documents or files containing personal data is carried out only and only by authorized employees when necessary.

 

Personal protective measures

 

Before taking up the relevant position, the persons who carry out the protection and processing of personal data:

– take an obligation not to distribute the personal data to which they have access and sign a confidentiality declaration;

– familiarize themselves with the legal framework, the company’s internal rules and policies regarding the protection of personal data;

– undergo training to react to events threatening data security;

– are instructed about the dangers for the personal data processed by the company;

– undertake not to share critical information with each other and with outsiders, except in accordance with the procedure established by these Rules.

 

Follow-up training and staff training are conducted periodically to ensure knowledge of the regulatory framework, potential data security risks and mitigation measures.

 

  1. Your rights regarding your personal data

Subject to compliance with Bulgarian and European legislation, including Regulation (EU) 2016/679, you have the following rights regarding your personal data processed by the “Bridges of Trust” Foundation:

1.  General Rights

In connection with the processing of personal data, you have the rights described below, which you can exercise at any time while the Foundation “Bridges of the Dorevieto” stores or processes your personal data, by sending an application to the address of the Foundation indicated above, or by electronic via email.

Every person, after making a written application, has the right to access the personal data collected for him by Leno. In cases where, when the client exercises this right of access, personal data may also be disclosed to a third party, the Foundation is obliged to provide the relevant person with access to the part of them that pertains only to him. In exercising their right of access, each client of the Foundation has the right at any time to request:

  • confirmation of whether data relating to him is being processed, information on the purposes of such processing, on the categories of data and on the recipients or categories of recipients to whom the data is disclosed;
  • a message to the client in an understandable form containing his personal data that is being processed, as well as any available information about their source;
  • information about the logic of any automated processing of personal data.

 

Each client has the right at any time to request the Foundation to:

  • delete, correct or block his personal data, the processing of which does not meet the requirements of the regulatory framework;
  • notify the third parties to whom his personal data has been disclosed of any deletion, correction or blocking carried out in accordance with the previous point, except in cases where this is impossible or involves excessive efforts.

 

Each customer to whom the personal data relates has the right to:

  • objected to the Foundation against the processing of his personal data if there is a legal basis for this; when the objection is justified, the personal data of the respective customer can no longer be processed;
  • object to the processing of his personal data for direct marketing purposes;
  • be notified before his personal data is disclosed for the first time to third parties or used on their behalf for direct marketing purposes, and be given the opportunity to object to such disclosure or use.

2. Complaint to the supervisory authority

You have the right to file a complaint directly with the supervisory authority, the competent authority being:

Commission for the Protection of Personal Data, address: Bulgaria, Sofia 1592, “Prof. Tsvetan Lazarov” No. 2 (www.cpdp.bg).

In the event that you have questions and/or complaints regarding the processing of your personal data and/or the exercise of the aforementioned rights, you may contact the Data Protection Officer (at the above contact details).

3. Objection to use for direct marketing

You have the right to object to the future processing of your personal data for the purposes of direct marketing and advertising, as well as to their disclosure to third parties and their use on their behalf for the purposes of direct marketing and advertising, by withdrawing your consent under anytime. For this purpose, you can send an electronic message with the corresponding request to stop using your data for direct marketing purposes to the address: info@mnd.bg

5. Can you refuse to provide personal data to the Foundation and what are the consequences of this

 

In order to enter into a valid contract with you and/or to provide you with the requested services in accordance with our legal and subsequently contractual obligations, the Foundation needs certain data detailed in this Privacy Policy.

Failure to provide such data may prevent us from providing you with the type of service you have requested and/or entering into a contract on the terms you desire.

6. Portability of personal data

You have the right to request that your personal data be transmitted or transferred to another controller in a structured, widely used and machine-readable format. Leno will only carry out a direct data transfer if this is technically feasible.

  1. Who are we?

Bridges of Trust Foundation is a Foundation created for public benefit, registered in the Commercial Register at the Registration Agency under EIK 206771528, with headquarters and management address: Republic of Bulgaria, Gr. Sofia, Krasno Selo District, Lerinska Chuka St. No. 2, floor 5, apartment 20. In accordance with applicable data protection legislation, Bridges of Trust Foundation acts as a data controller with respect to the Personal Data of users of its website and applications.

How to contact us?

In the event that this policy does not answer your questions or you have another inquiry, please contact us directly at the following address: Sofia, Krasno Selo District, Lerinska Chuka Street No. 2, Floor 5, Apt. 20, or at email: winfo@mnd.bg, or with our data protection officer:Ivaylo Tsvetomirov Mitev – email: ivaylo.mitev@mnd.bg