1. Information for the data controller:
Rila Academy EOOD is a company registered in the Commercial Register of the Registry Agency with UIC 205355854, with registered office and address: 47 Cherni Vrah Blvd., 1407 Sofia, Tel: 0879588653; E-mail: email@example.com.
2. The grounds and purposes for which we use your personal data
2.1 We process your personal data on the following grounds:
Contracts between us and you in order to fulfill our obligations under it;
Your explicit consent - the purpose is stated on a case-by-case basis;
In the case of a statutory obligation;
2.2 In the following paragraphs, you will find detailed information about the processing of your personal data, depending on the basis on which we process it.
2.3 We process your personal information in order to fulfill our contractual and pre-contractual obligations and to enjoy the rights under the contracts entered into with you.
2.4 Processing objectives:
Identifying your identity;
managing and executing your request and executing a contract;
drafting a contract proposal;
preparing and sending an invoice/invoice for the services you use with us;
providing you with all the necessary services and to collect the amounts due for the services used;
keeping correspondence in connection with placed orders, processing of requests, reporting problems and more.
notifying you of everything related to the services you use with us;
analyzing all of client history;
identifying and / or preventing unlawful acts or actions contrary to our terms of service;
2.5 Data we process on this basis:
Based on the contract concluded between us and you, we process information about the type and content of the contractual relationship, as well as any other information related to the contractual relationship, including:
personal contact information - contact address, email, telephone number;
identification data - names, permanent address;
information on orders placed;
full-service correspondence - e-mail, letters, information about your troubleshooting requests, complaints, requests, complaints, feedback we receive from you;
credit or debit card information, bank account number, or other bank and payment information in connection with the payments made;
Other information such as:
IP address when visiting our website;
Information about your actions on the site
2.6 The processing of the personal data provided by us is obligatory for us to be able to enter into an agreement with you and perform it. Without providing us with the above information, we could not fulfill our contractual obligations.
2.7 Data we process on this basis:
For this reason, we only process data for which you have given us your explicit consent. Specific data are determined on a case-by-case basis. Usually, this information is names, phone, e-mail.
2.8 How we protect your personal information
In order to ensure adequate protection of the data of the company and its clients, we apply all necessary organizational and technical measures provided for in the Personal Data Protection Act. For maximum security in processing, transferring and storing your data, we may use additional security mechanisms such as encryption, alias, etc.
2.9 Personal information we have received from third parties
We do not receive data from third parties.
3. Withdrawal of consent
3.1 Consents provided may be withdrawn at any time. Withdrawal of consent does not affect the performance of contractual obligations. If you withdraw your consent to the processing of personal data for any or all of the ways described above, we will not use your personal data and information for the purposes set out above. Withdrawal of consent does not affect the lawfulness of the processing based on consent prior to its withdrawal.
3.2 To withdraw this consent, you only need to use our site or simply our contact information.
4. We provide personal information to third parties
4.1 We provide your personal information to third parties, and our primary goal is to provide you with quality, fast and comprehensive service. We do not disclose your personal information to third parties until we have made sure that all technical and organizational measures have been taken to protect that data, and we seek to exercise strict control over the fulfillment of this purpose. In this case, we remain responsible for the privacy and security of your data.
4.2 We provide personal data to the following categories of recipients (data controllers):
postal operators and courier companies;
contracting entities maintaining equipment, software and hardware used to process personal data and necessary for the business of the company
Consultants in various fields.
5. Administrator details
5.1 Rila Academy Ltd. with Unified Identification Code 205355854 with headquarters and registered address Sofia, Cherni Vrah Blvd No.47 is the administrator of personal data and processes your personal data lawfully, in good faith and in a transparent manner.
You can contact us at the management address:
Sofia, 1407, Cherni Vrah Blvd. No.47
Phone: 087 958 8653
The Data Protection Officer of Rila Academy Ltd. is Borislav Borisov, address: 1407 Sofia, Cherni Vrah Blvd. No.47, email: firstname.lastname@example.org.
6.1 The platform contains state-of-the-art and well-established security applications and technologies. Commits to protecting any information about the personal data of users that they provide online through the possibility of personal correspondence.
6.2 Users do not require "sensitive" information. The collection of this information is used to contact interested users. Also to collect statistics on the traffic of the platform and the interests of its users. Any user can request that their data be deleted or changed by formally declaring it by email to any of these contacts.
6.3 The right of the association to provide this information to a partner is reserved organizations in other countries for statistical purposes.
6.4 Links to other websites. This website may contain links to foreign sites. Rila Academy Ltd. is not responsible for the privacy practices or the content of websites outside the Rila Academy platforms. We strongly recommend that you carefully read the privacy statements of such sites.
7.1 The Platform collects only statistics regarding site visits that are not related to the User's personal data.
8. The systems and servers we use
Rila Academy uses Gmail.com to email email@example.com.
Rila Academy uses the services of POWr.io (https://www.powr.io/?platform=wix), which are implemented on the website of Rila Academy Ltd. Registered students receive emails from POW.io servers located in the US.
As a payment provider, Rila Academy uses PayPal.com services.
9. Social sharing options
9.1 Our services may provide options and tools for sharing information on social networks such as Facebook, LinkedIn, Twitter, Instagram. For example the Facebook Like button, which lets you share information from our Facebook services. The use of such options and their ways of processing information depends on the particular social network.
10. Storage period
10.1 The data collected on this basis shall be erased 2 years after the termination of the contractual relationship, whether due to the expiry of the contract, termination or other reason.
10.2 We retain personal data only for as long as is necessary to provide the services you have requested and thereafter for a variety of legitimate legal or business purposes. If you have questions about the security or protection of your personal information, you can contact us at firstname.lastname@example.org.
10.3 When we delete data collected on this basis
Data collected on this basis will be deleted at your request or 12 months after the initial collection.
11. Processing of anonymized data
11.1 We process your data for static purposes, that is, for analyzes where the results are only summarizing and therefore the data are anonymous. It is impossible to identify a specific person from this information.
Your data may also be anonymized. Anonymization is an alternative to deleting data. On anonymization, all personally identifiable items/items that allow you to be identified are permanently deleted. For anonymized data, there is no legal obligation to delete, since they do not represent personal data.
12. Consumer Rights
12.1 Each User of the Site shall enjoy all rights for the protection of personal data in accordance with the Bulgarian legislation and the law of the European Union.
12.2 The user can exercise his rights through the contact form or by sending a message to our email.
12.3 Each User has the right to:
Awareness (regarding the processing of personal data by the controller);
Access to your own personal data;
Correction (if data is incorrect);
Deletion of personal data (right to be forgotten);
Restriction of processing by the controller or the processor;
Transferability of personal data between different administrators;
Objection to the processing of his personal data;
The data subject is entitled not to be the subject of a decision based solely on automated processing involving profiling, which has legal effects on the data subject or similarly significantly affects it;
The right to a judicial or administrative remedy if the data subject's rights have been violated.
12.4 The user may request deletion if one of the following conditions is true:
Personal data are no longer needed for purposes for which they were otherwise collected or processed;
The user withdraws his consent on which the data processing is based and there is no other legal basis for the processing;
The user of the data objects to the processing and there are no legitimate grounds for processing to take precedence;
Personal data were processed illegally;
Personal data must be deleted in order to comply with a legal obligation under Union or Member State law applicable to the controller;
Personal data have been collected in connection with the provision of information society services to children and consent has been given by the parent responsible for the child.
12.5 The user has the right to restrict the processing of his personal data by the controller when:
Challenge the accuracy of personal data. In this case, limiting processing is for a period allowing the controller to verify the accuracy of personal data;
The processing is unlawful, but the User does not want the personal data to be erased but requires that its use be restricted instead;
The controller no longer needs the personal data for the purposes of the processing, but the User requires it for the establishment, exercise or protection of legal claims;
12.6 Objects to the processing pending verification that the legitimate grounds of the Administrator take precedence over the interests of the User.
13. Keeping a register
13.1 We maintain a register of the processing activities for which we are responsible. This register shall contain all the following information:
The name and contact details of the administrator
The purposes of the processing;
Description of the categories of data subjects and the categories of personal data;
The categories of recipients to whom personal data are or will be disclosed,
Including recipients in third countries or international organizations;
Where possible, the time limits for the deletion of the different categories of data;
Where possible, a general description of the technical and organizational security measures.