PRIVACY POLICY

The Privacy Policy is related to the data subject to personal identification, which are shared with http://www.ivb.bg, which domain is owned by IVB EOOD, UIC 203641248, with registered office and address of management: Sofia, 9B Latinka Str., 4th floor, apt. 13, represented by the manager: Iva Vicheva Balasheva. The policy describes the opportunities, the rights and the choices that the consumers have.

Official website: https://ivb.bg

In creating the Privacy Policy, we have taken into account the principles and requirements of the General Data Protection Regulation (GDPR).

The General Regulation (GDPR) guarantees better protection of our privacy. It is a set of principles and rules for the European Union that guarantee legal certainty for legal entities and the protection of citizens’ data. The regulation allows for greater rights for citizens, such as the right to information for the purposes of personal data processing, the categories of personal data processed, the transfer of data to other companies and third parties, the right to access data, the right “to be forgotten” and others. The right to data portability allows personal data subjects to transfer their data from one company to another.

This Privacy Policy shall enter into force and apply as of 01.09.2020.

Administrator: IVB EOOD, UIC 203641248, with registered office and address of management: Sofia, 9B Latinka Str., 4th floor, apt. 13, represented by the manager: Iva Vicheva Balasheva

What activity does https://ivb.bg develop and provide?

“IVB EOOD, UIC 203641248e is a commercial company registered in accordance with the legislation of the Republic of Bulgaria.

https://ivb.bg is a platform aimed at providing professional consulting services for owners and managers of small and medium-sized companies in the field of human resources management, in particular creating a structure and description of business processes, personnel selection, training of employees and managers, performance appraisal, event organization, preparation of documents related to personnel management, etc. The platform provides various programs to users, ensuring their efficiency in team management.

The main goals of the platform are:

• To increase the professional training of managers to manage people;
• To assist in the successful selection of staff;
• To assist in the preparation of all necessary documents related to people management, creation of an appropriate structure and business processes;
• Introduction and use of innovations.

This policy aims to present to users the main goals and algorithms for processing their personal data provided through our website – https://ivb.bg.

What data do we collect and process?

The data we collect is related to the fulfillment of the goals of the platform.

The main data we collect is of the persons present at https://ivb.bg (users and/ or clients). The personal data, without the list being exhaustive, are: names, telephone, e-mail, settlement, address or other social contact, which the user leaves when making a request for service through the system of https://ivb.bg or through the contact form on the site.

We also use the data we collect from all users to achieve better quality and security of our services, as well as to guarantee and protect the interest of the company and consumers in society.

What data do you provide us?

When filling in a contact form by a user of services in https://ivb.bg are provided names (personal, and/or paternal, and/or family), e-mail address, feedback phone, as well as other identifying features and data described in the previous paragraph.

Your personal data is most often objectified in the account system of the platform; electronic forms (contact form, email, etc.) for communication, as well as in contracts, declarations, requests, applications, registration cards, invoices and others.

We collect your personal data when you use our services or when you communicate with us through our website https://ivb.bg, phone, email, Facebook and all modern ways of communication.

For what purposes do we collect personal data:

• To administer the relationship between supplier and consumer.
• To protect the legal interests of the consumer and the supplier before the public and the regulatory authorities.
• To comply with special legislative requirements.

Consumer Behavior Survey – What Data Do We Collect?

On the site we maintain, an option can be activated to collect and store information for all visitors for:

IP address (Internet protocol address). These numbers are usually assigned in blocks by geographical indication. The IP address can often be used to identify where the device connects to the Internet.

Data from automatic data collection tools, such as:

• Tracking sections on the sites you visit;
• How much time do you spend on a site;
• Which page or article you entered;
• The ads you have seen or interacted with;
• Anonymous answers from voting in online polls;
• Demographic data, etc.

This data is collected solely for the purpose of analyzing the marketing and product status of https://ivb.bg, as well as for the purpose of conducting subsequent advertising campaigns. In this regard, the provider can send users all kinds of messages through various marketing communication channels – email, Facebook, Google, SMS, Viber, MailChimp, web push, etc., for which the user gives his prior consent, accepting this privacy policy. In connection with the processing of data, and with the express will of the user, the provider provides a permanent opportunity to terminate the processing in cases where it does not comply with the objectives set out in this policy or law. Notwithstanding the above, the collected data is deleted after the grounds for their use have ceased to exist.

To whom do we provide your data?

The data we collect and store is not provided to persons or companies other than our partner companies serving the provider’s servers and storage sites, and who are required to maintain high levels of security and confidentiality.

We may provide information we store for legal reasons if access, use, retention or disclosure is lawfully required by public authorities or officials authorized by law to request and collect information containing personal data and in compliance with regulatory requirements, established procedure or when presented to the competent authorities in order to protect the legal interest of the supplier or other consumers in the event of a legal dispute.

Is it possible for your data to end up in third parties?

The provider carries out the commercial activity mainly on the territory of the Republic of Bulgaria and as a rule does not provide personal data to third parties. Such provision may be made considering the fulfillment of the objectives set out in this policy, as well as considering the fulfillment of other technical or legislative obligations of the provider – such as performing server technical support, accounting services which activities are performed by third parties and others. Access to personal data of users is carried out in compliance with the demands and principles of confidentiality of the GDPR.

What physical or automatic data collection tools do we use?

The main method of collecting personal data is through their (physical) voluntary provision. For example: when submitting a request for providing a service through the account system of http: //ivb.bg the user provides us with his names, email, phone number and address for communication, and at his discretion other relevant and identifying him personal data. When signing a contract with us, users provide names, address, telephone and email for feedback, in order to enter the services into the accounting books and their formalization between the parties. We also collect data through internet communication methods such as email, phone, etc.

Cookie policy

With respect to http://www.ivb.bg, an option for the application and use of cookies can be activated.

A “cookie” is a small file containing a series of characters that is placed on your computer when you visit a website. When you visit it again, the “cookie” allows this site to recognize your browser. Cookies may store user preferences and other information. It is often used in combination with a pixel identifier. Cookies can be temporary (session) and permanent. See more at http://www.allaboutcookies.org. 

What do we use or would we use cookies for?

Cookies are used for settings, functions and other services of the site.

Cookies are used to authenticate users, to prevent fraudulent use of login credentials, and to protect user information from unauthorized parties.

Cookies are used to improve the performance of the sites and to provide the services expected by the visitor, such as navigating web pages or accessing secure parts of sites or forums. Without these cookies, they cannot function properly.

Cookies are used to provide information about our ad management system. They are also used by external ad management systems, such as those of Google, Facebook and others. Some of their common applications are selecting ads based on certain parameters, reporting on campaign performance, and avoiding ads that a user has already seen.

Cookies collect information about how users interact with the sites. This may include the pages that people visit most often and whether they receive error messages from some of them. We use temporary (“session”) cookies to improve our services, improve our users’ browsing, and more. Blocking or deleting them will not prevent you from using the site.

Cookies are used to collect data that allows us to better understand the preferences of our users and through the analysis to improve and develop our services. Anonymous information is usually collected without identifying individual users or their personal data. Very often, for the purposes of objectivity and comparability of data and analytical results, these cookies are set and / or monitored by external companies. We use e.g. Gemius and Google Analytics.

How to disable cookies?

If you do not want to allow cookies at all or you want to use only certain cookies, check your browser settings. You can use them to withdraw an already given consent for use at any time, as well as to delete accepted cookies. Your browser’s Help menu or www.allaboutcookies.org contains detailed information about the process of refusing cookies for different browsers. However, please note that disabling certain cookies may restrict your access to certain features and parts of the site content.

How we store and protect your data?

We store the information collected by users on servers with a high degree of security and protection during data processing. These servers are owned by the provider, third parties serving the provider in strict compliance with the requirements of confidentiality – such as hosting companies, or shared (cloud) servers – such as Google Drive, Dropbox.

We use the servers we own under the operating system “LINUX” and “WINDOWS”, and function applying all possible technical solutions for encryption and protection of information. Our servers are located in a protected area, which can be accessed only by an employee of the provider and third parties who have signed a contract with the provider.

Who has access to personal data:

Access to identifiable information is restricted to employees working for the supplier or third parties who have a contract with the supplier and is specified physically, electronically and procedurally to the extent necessary to carry out their work commitments. When subcontractors are used, they are bound by strict confidentiality obligations and also work under the control of the supplier.

We encrypt many of our services via SSL. We review our practices for collecting, storing and processing information, including physical security measures, in order to prevent unauthorized access to the systems. However, this is not always enough to prevent malicious attacks and crashes.

Complete access and methodological guide for data protection of the consumers of the provider is carried out by Iva Vicheva Balasheva, contact phone +359 887 509 543, e-mail: iva.balasheva@ivb.bg, performing the functions of a person for personal data protection.

Regarding the registration of consumers, the contracts concluded by them, signed declarations, invoices, etc. a separate file is created, which the provider keeps for the purposes of accounting and administrative services. In addition to the DPO, the managers and employees who are responsible for the provision of services rendered by the provider also have access to the file. For the purpose of fulfilling its obligations under the law, the provider may provide access to the file to third parties (such as accountants, technical administrators, etc.) or government agencies, if necessary.

Is data being transferred to other countries?

The provider operates mainly on the territory of the Republic of Bulgaria, as the accepted and implemented projects are namely on the territory of the country. However, insofar as the provider’s marketing campaigns, social media services and internet are carried out through Google, Facebook and other networks whose servers are located in other countries, it is possible that some personal data may be transferred in compliance with all requirements of the Regulation (GDPR).

How long do we store the information?

For users registered with us, the data is stored from registration until its expiration date, or until the time necessary to protect the provider and our other users in case of legal claims, as well as to be able to respond to legally justified inquiries from competent authorities.

What rights do you have with regard to your data processed by us?

We are obliged to provide access to your personal data upon request. After contacting us, we may need to clarify additional facts to ensure that the data is really provided to you.

If it is necessary to correct the data filled in when sending a request or subsequent provision, you can contact us.

Deletion of personal data is realized under the following cases:

• Personal data is no longer needed for the purposes for which they were collected or otherwise processed – for example, the user accepted under the terms of the social service expires and they are deleted, unless they need to be maintained for other legal purposes.
• You withdraw your consent on which the data processing is based and there is no other legal basis for the processing – for example, you decide to stop using the provider’s services. Then all data related to you are hidden, and after the expiration of the storage period, they are completely deleted from our systems. After deleting the information on the used service, we save only the information necessary to prove that the request has been fulfilled.
• You object to the processing and there are no legal grounds for the processing to take precedence.
• Personal data has been processed illegally.• Personal data must be deleted in order to comply with a legal obligation under EU law or the law of a Member State that applies to the administrator.
• Personal data has been collected in connection with the provision of information society services to children and the consent has been given by the parent responsible for the child.

In certain circumstances, such as if you have doubts about the accuracy of your personal data or have objected to our legitimate purpose of processing, you have the right to request that we restrict the processing of your personal data until a solution is found.

You have the right to receive the personal data that concern you and that you have provided to us in a structured, widely used and machine-readable format and you have the right to transfer this data to another administrator when the processing is based on consent or contractual obligation and processing is performed in an automated manner.

If you object to us against the processing of your personal data, we are obliged to terminate the processing, which will make it impossible to provide some of our services. The only ground on which we can proceed is for the purposes of establishing, exercising or defending legal claims. In case of objection to the processing of personal data for the purposes of direct marketing, the processing shall be terminated immediately.

You have the right to refuse to be the subject of profiling, which has legal consequences for you or similarly affects you significantly. If we offer a service that you believe falls into this category, you will be asked in an appropriate manner so that you can accept or decline.