Data Protection Policy

General information on the processing of personal data

We know how important privacy and trust are and therefore we aim to be clear about how we collect, use, disclose and store personal information. Operating worldwide, we consider the protection of personal data very seriously and treat personal data at all time confidential. We do not sell, rent or trade email lists or any other data with other companies and businesses. We do not provide your personal information to any third parties for the purpose of direct marketing.

This Data Protection Policy applies to iTransformers Labs ltd., a Bulgarian limited liability company and answers questions regarding the procession of personal data during your business or otherwise relationship with us.

It is important to read the Data Protection Policy because it provides information on how your personal data is processed and your rights.

If you have any specific questions about this Data Protection Policy or wish to exercise any of your rights, please contact us at:

By post: Magnaurska shkola 11, fl. 3, room 315 (Hightech Park Business Building, BIC IZOT), 1784, Sofia, Bulgaria

 

By email: info@thingslog.com

We may update this Data Protection Policy from time to time if we change our data processing activities or we wish to reflect the newest developments in data protection laws and best practices. You should check our Data Protection Policy posted on our web site (thingslog.com) on a regular basis to ensure you are always aware of the most recent version.

Who is processing your personal data?

For iTransformers Labs Ltd.: If not indicated differently in a separate notice, contract document or other communication as the case might be, iTransformers Labs Ltd. is responsible for collecting, storing and processing of your personal data.

What personal data do we process?

We collect personally identifiable information such as your name, email address, postal address, phone number, title, function, should we have a relationship with you as an individual, or the same information on the individuals who act on behalf of/work for you should you as our contractual partner be a legal entity.

Depending on the individual occasion, we process the following personal data:

  1. Information relating to any transactions carried out between you and us, including information about any purchases you make of our goods;
  2. Information that you provide to us for the purpose of registering with us (THINGSLOG IOT consumption monitoring platform);
  3. Information that you provide to us for the purpose of our email notifications and/or online services;
  4. Any other information you provided directly to us;
  5. Information on employees as required for the performance of our duties and obligations under labor law and related laws governing protection of employee interests, incl. health and safety at workplace;
  6.  Information we obtain from third party sources and public registers.

On what legal grounds we process your personal data?

We process your personal data based on the following legal grounds:

  1. Contractual performance;
  2. Compliance with legal obligations, regulatory requirements and internal rules;
  3. Legitimate interests (customer support and communication; improvement of products, services and customer satisfaction; market studies; send requested samples; prevention of fraud; responding to enquires; handling of claims, complaints and actions against us; safety of premises; maintenance of business operations)
  4. As an exception, data subject’s consent.

Why do we process personal data?

Depending on the specific case, we process personal data for various purposes described below:

  1. conclusion and execution of contracts with customers, suppliers, employees and counterparties and of related obligations arising from the statutory requirements;
  2. providing online services (THINGSLOG IOT platform);
  3. manage enquires and complaints;
  4. communication (send emails, offers, statements, invoices, transport documents, general commercial information, requested email notifications);
  5. internal administration, recruitment, accounting, auditing and archiving purposes;
  6. security reasons and for protection of rights. We make video recordings in appropriately marked areas for your own safety, the safety of our employees and for evidence purpose. If you do not want to be recorded, you should not enter the relevant areas;
  7. fulfillment of legal obligations and execution of legal rights.

We also use “cookies”, which are small text files that are temporarily or permanently stored on your device when you visit our website. The information that the cookies collect is anonymous. We use this information to analyze usage of our website by visitors to improve its performance.

Who will have access to your personal data?

We may disclose information about you to our employees, directors, agents, suppliers, subcontractors, etc. as reasonable necessary for the purposes specified in this policy. We take steps to ensure that our employees and third party service providers treat your data confidential in accordance with the law and keep it secure.

In addition, we may disclose your data:

  1. To the extent that we are required to do so by law;
  2. In connection with any legal proceedings or prospective legal proceedings;
  3. In order to establish, exercise or defend our legal rights (such as fraud prevention).

What is the period of personal data processing?

We will retain personal data for as long as required or permitted in the light of the purpose/s for which it was obtained. We also hold your personal data as long as it is subject to a legal retention obligation.

How we keep your data secured?

We strive to implement appropriate technical and organizational precautions in order to protect your personal information against accidental or unlawful destruction, loss, modification, disclosure and any other unlawful forms of processing. We store the information you provide on secure servers in a controlled environment, protected from unauthorized access, use or disclosure. However, please note that although we take reasonable steps to protect your information, no website, Internet transmission, computer system, or wireless connection is completely secure.

What are your rights as a data subject?

As a data subject, you have the following rights:

  1. Right to information. You have the right to be informed clearly about what personal data (about you) is being processed and the rationale for such processing;
  2. Right to access. You have the right to request access to your personal data that is being stored and processed by us;
  3. Right to rectification. You have the right to make changes to incorrect data in case you believe that your personal data that we are processing is not up to date or accurate.
  4. Right to erasure (“to be forgotten”). You have the right to ask for your personal data to be deleted.
  5. Right to restriction. You have the right to limit the processing of your personal data.
  6. Right to data portability. You have the right to ask for transfer of your personal data to another controller in case your personal data is provided in a machine-readable electronic format.
  7. Right to object. You have the right to object to the processing of your personal data.
  8. Right not to be subject to a decision based solely on automated processing.

Kindly be advised that if you revoke your consent (in case of data subject’s consent) or effectively object to further processing, we will no longer process your personal data for the corresponding purpose/s, respectively in some cases we may not be able to work with you. However, we might also be statutory obliged to further process your personal data.

If you want to exercise your rights, please contact us using the details set out above.

How to manage a complaint? 

If you think that we have not processed your data in accordance with this policy, please let us know as soon as possible.

You also have the right to file a complaint to the competent supervisory authority about the way we handle or process your personal data as follows: Commission for Personal Data Protection, 2 Professor Tsvetan Lazarov Boulevard, Sofia (postal code 1592), Bulgaria.

May 2018

 

 

FrenchBulgaria