We consider the guarantee of the right to protection of personal data as one of WebSeo’s key obligations, so we will use and invest all necessary means and efforts to process your data in full compliance with Regulation (EU) 2016/679 (“General Regulation EU” Data Protection Regulation “or ” ORD ” ) and any other applicable Bulgarian legislation. As one of the main principles of this legal framework is transparency, we have prepared this document with which we want to inform you about how we collect, use, transfer and protect your personal data when you interact with us when ordering services from WebSeo and visiting the website.
Who are we and how can we be contacted?
WebSeo is a trademark of WebSeo International Ltd., a company with registered office and management address WebSeo ЕООD, Reg.No.: 206178136, VAT Number: BG206178136
9010 Bulgaria , city of. Varna, 10 “Zyumbul” str. 8, office 22
(“WebSeo” or “we” ). For data protection purposes, we are joint administrators when processing your personal data.
Because your feedback is always important to us, and we are always willing to provide you with any additional information you may need in connection with the processing of your data.
What categories of personal data do we process?
Generally, we collect your personal information directly from you, so you decide what information to give us. For example, the information we collect from you is as follows
- When you send a message, you give us your name, phone number, e-mail and other contact information in the body of the message;
- When ordering a service company WebSeo you give us the following information: desired product, first and last name, company website, phone number.
WebSeo does not collect and store customers’ payment information and uses software products and services offered by banks to protect personal information of WebSeo clients.
In addition, we may collect and subsequently process certain information about your online behavior on our website. We invite you to learn more about this by reading the processing section below.
We do not collect or otherwise process sensitive data included in the special categories of personal data in the General Data Protection Regulation. In addition, we do not want to collect or process data about minors under the age of 18.
What is the purpose and basis of the treatment ?
We will use your personal data for the following purposes:
- Providing WebSeo services for your benefit
This overall goal may include, as appropriate:
- order processing, including receiving, checking, execution of work and invoicing;
- resolving problems related to order cancellations or any other problems related to orders, services rendered;
- reimbursement of the cost of work in accordance with the provisions of the law;
- assistance, including answering your questions about WebSeo services;
The processing of your data for these purposes is in most cases necessary for the conclusion and execution of a contract between you and WebSeo. In addition, processing in accordance with applicable laws, including tax and accounting laws, is required to achieve these purposes.
- Improving our services
In order to provide you with a better customer experience, we may use certain information about your customer behaviour, invite you to complete post-order satisfaction surveys or conduct them directly or through partners.
We base these activities on our legitimate business interests and always ensure that your fundamental rights and freedoms are not affected.
We want you to be always aware of the best offers for the services you are interested in. In this regard, we can send you all types of messages via electronic communication channels (e-mail / SMS / mobile push / webpush, etc.), which contain general and thematic information, information on similar services or services that complement them.
In order to provide you with the information you are interested in, we may use certain data about your behaviour as a customer (e.g. pages viewed / order history). We always ensure that this processing is carried out in accordance with your rights and freedoms and that decisions made in connection therewith do not entail any legal consequences and do not affect you.
In most cases, sending you marketing messages requires your prior consent. You can change your mind and withdraw your consent at any time:
- change the settings in the client’s profile under “My subscriptions”;
- use the “Unsubscribe” link in messages you receive from us; or as
- contact WebSeo using the contact information above.
In certain situations, we may base our marketing activities on our legitimate interest in promoting and developing our business. In all cases where we use your information for our legitimate interests, we take care and take the necessary steps to ensure that your fundamental rights and freedoms are not affected. However, you may, at any time, using the means described above, stop processing your personal data for marketing purposes and we will respond to your request.
- Protecting our legitimate interests
There may be occasions when we use or share information to protect our rights and business. These may include:
- measures to protect the site and users of the WebSeo platform from cyber-attacks;
- measures to prevent and detect attempted fraud, including the communication of information to the competent state authorities;
- measures to manage other risks.
The main reason for these types of treatments is our legitimate interest in protecting our own business, provided that we ensure that all the measures we take balance our interests with your fundamental rights and freedoms.
In addition, in some cases our processing is based on legal provisions, such as the obligation to protect values under applicable law in this regard.
How long do we keep your personal data?
You can always ask us to remove certain information and we will respond to that request by retaining certain information.
Who do we send your personal information to?
Depending on the case, we may transfer or provide access to some of your personal information to the following categories of recipients:
- payment / banking service providers;
- market research service providers;
- insurance companies;
- other companies with whom we can develop joint programs to promote our products and services.
If we are required by law or if necessary to protect our legitimate interests, we may also disclose certain personal information to government agencies.
We ensure that access to your data by private third parties is carried out in accordance with data protection and privacy legislation on the basis of contracts concluded with them.
To which countries do we transfer your personal data?
We currently store and process your personal data in Bulgaria.
However, some of your personal data may be shared with organizations located inside or outside the European Union, including in countries for which the European Commission has not recognized an adequate level of personal data protection.
We will always take steps to ensure that any international transfer of personal data is carefully managed in order to protect your rights and interests. Data transfers to service providers and other third parties will always be protected by contractual obligations and, where appropriate, other safeguards such as standard contractual provisions issued by the European Commission or certification schemes such as Privacy Shield. Personal data transmitted by the EU to the United States of America.
You can contact us at any time using the contact details above to find out the countries to which we transfer your data and the security measures we apply to such transfers.
How do we keep your personal information secure?
We are committed to ensuring the security of personal data by applying appropriate technical and organisational measures in line with industry standards.
We store your data on secure servers using the latest encryption algorithms and provide backup storage.
We use the PayU payment processing service to make payments. All payment information is encrypted using SSL technology.
Despite the measures we take to protect your personal data, we are aware that in principle the transmission of information via the Internet or other public networks is not completely secure and there is a risk that data could be viewed and used by unauthorised third parties. We cannot be held responsible for these vulnerabilities in systems that are not under our control.
What are your rights?
The General Data Protection Regulation recognises a number of rights in relation to your personal data. You can request access to your data, have errors corrected in our files and/or raise objections against the processing of your personal data. You can also exercise your right to lodge a complaint with a competent supervisory authority or a court. Depending on the case, you may also have the right to request deletion of your personal data, the right to restrict the processing of your data and the right to data portability.
You can get more information about each of these rights by viewing the table below.
To exercise your rights, you may contact us using the contact information above. Please note the following if you wish to exercise these rights
Personality. We take the privacy of all records containing personal information seriously.
Fees and Charges. We will not charge you for exercising any rights with respect to your personal information unless your request for access is unreasonable, repeated or unnecessary, in which case we will charge a reasonable amount. We will notify you of any applicable fees before we consider your request.
Response Time. We plan to respond to all valid requests within one month unless the request is particularly complex or you have made multiple requests, in which case we will respond within a maximum of two months. We will let you know if we need more than a month. We may ask you to tell us exactly what you want or are concerned about. This will help us act faster and reduce the time it takes us to respond to your request.
Rights of third parties. We reserve the right not to respond to a request if it adversely affects the rights and freedoms of other data subjects.
You can send us enquiries to: confirm that we process your personal data; provide a copy of the data we process; provide you with information about your personal data, such as the data we hold, how we use it, to whom we disclose it, whether we transfer it abroad and how we protect it, how long we hold it, what rights you have, how you can complain if we receive your data, if the information was no longer provided to you through this notice.
Update and adjustment
You may ask us to correct or amend your inaccurate or incomplete personal information.We may attempt to verify the accuracy of the data before correcting it.
You can ask us to delete your personal data, but only if: it is no longer needed for the purposes for which it was collected; or you withdraw your consent (if the data processing is based on consent); or you exercise a legal right to object; or it has been unlawfully processed; or a legal obligation exists in this respect.We are under no obligation to comply with your request to delete your personal data if the processing is necessary: to comply with a legal obligation; or to establish, exercise or defend a legal claim; there are certain other
Restriction of data processing
You can ask us to restrict the processing of your personal data, but only if: its accuracy is disputed (see section on data rectification) so that we can check its accuracy; or the processing is unlawful but you do not want the data deleted; or it is no longer necessary for the purposes for which it was collected, but we still need to make, exercise or defend a legal claim; orYou have already exercised your right to object and check whether our rights continue to prevail.We may continue to use your personal
You can ask us to provide your personal data in a structured, commonly used and machine-readable format, or you can request that it be “transferred” directly to another data controller, but only if: the processing is based on your consent or a contract concluded with you; and the processing is automatic.
Right to object
You can object at any time for reasons relating to your particular situation to the processing of your personal data on the basis of our legitimate interests, if you believe that your fundamental rights and freedoms override those interests.Furthermore, you can object at any time to the processing of your data for direct marketing purposes (including account creation) without giving a reason, in which case processing will be terminated as soon as possible.
You can ask us not to make decisions based solely on automatic processing, but only if the decision: creates legal consequences for you; It affects you in a similar and significant way.This right does not apply if the decision made after the automatic decision: we need to make or enforce a contract with you; is permitted by law and there are adequate safeguards for your rights and freedoms; or is based on your explicit consent.
You have the right to file a complaint with the local supervisory authority regarding the processing of your personal data. In Bulgaria, the contact details of the data protection inspector are as follows
Personal Data Protection Commission of the Republic of Bulgaria
Address: Sofia 1592, Prof. Tzvetan Lazarov “no. 2
Phone 02 / 91-53-519Email
Data Protection Officer – Lubomir Grancharov Email
Without prejudice to your right to contact the supervisory authority at any time, please contact us in advance and we promise to make every effort to resolve your concerns by mutual agreement.
- We remind you that you can contact the WebSeo Privacy Officer at any time by sending a request to email@example.com.