CONFIDENTIALITY AND CONSENT FOR DATA PROCESSING
"MANAGEMENT AND HOTELS EOOD", BULSTAT 205317355, with headquarters and address of management Sofia, 132 Bulgaria Boulevard, ent. A, Manager - Svetlin Yulianov Iliev, processes personal data of its clients or persons interested in the services of the company, in the capacity of administrator of personal data in carrying out its main activity - provision of fitness services to members of the association and provision of accompanying services from authorized partners of the sports club. This means that your personal data - such as name, address, telephone, e-mail contact, etc. may be stored and handled by us and by our authorized partners. We collect and process your personal data for precisely defined and necessary purposes for the provision of our services.
In order to secure your rights under Regulation (EC) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, we ask for your explicit agreement.
If you click on the "I accept all" button, you will give free, specific, informed and unambiguous consent to the provision and processing of your personal data to the data manager "MANAGEMENT AND HOTELS EOOD", BULSTAT 205317355, with headquarters and management address, Sofia, Bulgaria Blvd. 132, ent. A, Governor - Svetlin Yulianov Iliev, as well as to all third parties, our partners (processing personal data) for the purpose of providing the services offered on our site and in our fitness clubs throughout the country.
By clicking the "I Accept All" button, you explicitly accept and give unambiguous consent that your personal data obtained by registering on the Site or in connection with the use of the Site may be subject to subcontracting, agents or agents who perform tasks, related to the site and / or services provided by the site, "MANAGEMENT AND HOTELS EOOD", and its partners as well as for the purpose of storing the data in the respective databases.
Please note that "MANAGEMENT AND HOTELS EOOD" may provide aggregate statistics for our customers, sales, traffic patterns and related third party sites, but these statistics will not contain any personal information.
"MANAGEMENT AND HOTELS EOOD" collects and processes personal data for the purpose of providing, developing and customizing the site and fitness services and / or products offered by our association and sports clubs across the country, research, statistics and customer care. In particular, "MANAGEMENT AND HOTELS EOOD", collects personal information for the purpose of personal communication with you in order to answer your questions and fulfill your requests. Such information may include, among other information, your name, address, email address, IP address, and phone number. This data will be used in events you agree to participate in, as well as for direct marketing purposes by mail, email or telephone, Viber et al., For market research and information and receipt reviews of forthcoming products, services, and / or promotions.
If you send us requests for services or if you send materials to the site, we may need to contact you in order to obtain additional information necessary for the processing or execution of your orders and / or requirements. Your personal information will not be disclosed to third parties without your prior consent, unless otherwise provided by legal regulations or cases where this is necessary to fulfill your order and to improve service.
The site may use different technologies to enable PULSE Sports Club in Sofia to collect certain technical information such as your IP address, the type of operating system on your computer, the type of Internet browser, and the addresses of the linked sites. improve service delivery.
Also, we receive technical information when using our site. Every time you use a site, mobile app or other Internet service, the system creates and writes certain information automatically. Here are some of the categories of information we collect:
a / Log data. When using the site, our servers record information ("log data" or "log data"), including information your browser automatically sends when visiting a website or mobile app automatically sends you when you use it. This log data includes the internet protocol address, address and activity of the web sites you visit, searches, browser type and settings, date and time of your request, how you used the site, cookie data, and device data. If you want to get more details about the information we collect - contact us via the contact form.
c / Device information. In addition to log data, we collect device information to use our web site, including device type, operating system, settings, unique device identifiers, and crash data to help us understand when something is broken. Whether we collect some or all of the information often depends on the type of device you are using and its settings. For example, there are different types of information depending on whether you are using a Mac or a computer or iPhone or an Android phone. To learn more about what information makes your device available to us, please also check your device manufacturer or software provider's policy.
"MANAGEMENT AND HOTELS EOOD" may use third-party scripts on our sites to optimize the performance of PULSE Sports Club ads in Sofia that appear on other sites, such as the type and / or frequency of ads , promotions or other marketing messages that the client sees.
Types of data that are collected and processed
Data about the normal functioning of the site
These data are strictly necessary for the normal operation of our site and mobile applications. Through them, we can verify your identity as a logged-in user, show you better content, load the site faster, protect the site and you from intimidation. Such data, for example, is your session data - information about logged-in, cached content, and more. This group also includes the data related to your identification in connection with our use of our service. Every time you use a site, mobile app or other internet service, the system creates and writes certain information automatically.
Data on the performance of our services
Some of our services, such as signing a contract, issuing a club card or issuing an invoice, require us to share personal information with us. We use them to be able to prepare and execute our contract with you and to promote our fitness services. When linking your account to your Facebook or Google account or other third party services, we also receive the information from these accounts (for example, friends or contacts). The information we receive from these services depends on the settings and the privacy statements so that each person should check what they are.
Data used to measure and report the services used
We collect information about the content you use that we combine with previously collected information to measure, understand and report your use of our services to improve quality.
For the normal functioning of our website and following normal business logic, we need a baseline measurement of your user behavior.
To do so, we only use the Google Analytics tool, and until we have received your consent, we have disabled the Google Analytics features for advertising features and have submitted a command to anonymize your IP to Google Analytics.
We believe that, on the one hand, we have minimized the amount of information gathered for measurement purposes to the minimum required for that, and thus ensure that these data are not used for purposes other than measurement but by on the other hand, we believe that we defend our legitimate interest in the normal and necessary operation of our services.
Data for selection, delivery and reporting of ads
Our business model is based on providing users with free access to the content of our website at the expense of advertising. We collect information and combine it with a previously available one to select and provide you with a relevant ad to be able to measure delivery and performance. This may include pre-collected information about your past interest in selected ads, processing of your behavior data, when your ad was shown, how often you see ads, where and when you were shown, whether you've taken action on the ad, including a click on the ad and a purchase made.
By confirming an account registration request, confirming an order for a service or commodity, the user gives his explicit consent to the processing and transfer of personal data for one or more of the following purposes:
a / Inclusion of the consumer's assessment and his opinion in marketing studies by electronic methods - by e-mail or messenger.
b / Receive e-mails for products, services, and more. ad messages on all owned devices.
c / Receive a customized ad that is consistent with user preferences. Personalization is based on an assessment of user behavior data;
d / Receive personalized shopping suggestions by e-mail, mail, or messenger tailored to the user's behavior and related to his / her preferences. For this purpose, consumer data on the basis of its purchasing behavior, its participation in advertising actions and the use of the site may be subject to an analysis and forecast of the consumer's interests.
e / Receive a non-customized ad. Users will also receive information on up-to-date products, services, initiatives, and more. advertising messages.
Personalization and profiling data
We collect and process information about the use of our services for the subsequent serving of personalized advertising and / or content in another context, e.g. other sites and mobile apps in time. Typically, your content and site / mobile app behavior is used to create conclusions about your interests that govern the future selection of ads and / or content served.
Data collected from joint projects with third countries
For specific third-party projects, we collect your personal data that we share with them for the purposes of their projects. Detailed information on the objectives can be found in the General Terms and Conditions of each specific project that will be provided to you for your consent. Sometimes we use your personal information to inform you about games and promotional offers from third parties - our partners. To meet this goal, we collect your personal information to inform you or our third parties, our partners, initiatives, promotions, games, offers, and more.
For all of the above purposes, we can use third-party tools.
Direct marketing data
To always send you up-to-date and useful information about our initiatives, we collect data such as an email address or other means of contacting you - Viber, Skype, Messenger, or another communications platform.
Objectives of data storage and processing
"MANAGEMENT AND HOTELS EOOD" processes and stores the personal data mentioned above solely for the purpose of fulfilling its contractual obligations and more precisely processing its users' requests, providing services as well as for the following purposes:
a / On the grounds of Art. 6 (1) (b) of the Regulation - for pre-contractual relations;
b / On the grounds of Art. 6 (1) (b) of the Regulation - to fulfill already existing contractual obligations.
c / On the grounds of Art. 6, para. 1, letter "a" and Art. 7 of the Regulation - for unsolicited advertising;
d / On the grounds of Art. 6, para. 1, letter "a" and Art. 7 of the Regulation - for personalized advertising;
e / On the grounds of Art. 22, para. 2, letter "c", Art. 6, para. 1, letter "a" and Art. 7 of the Regulation - to perform a personalized assessment of information;
f / Pursuant to Art. 6, para. 1, letter "e" - for marketing purposes.
g / Pursuant to Art. 6, para. 1, letter "e" of the Regulation - Returgeting in relation to the objectives of marketing, remarketing or optimization;
Data is stored and processed while the user's account is in effect for one year after deactivation or deletion, as well as when it is needed to provide our services. If the person makes the request, the information is immediately destroyed.
For the purpose of making a delivery, when so requested by the user, "MANAGEMENT AND HOTELS EOOD" has the right to provide the aforementioned personal data or a part thereof to courier companies or national postal operators. In this regard, the user may receive SMS or calls from these persons.
Rights you may exercise in connection with your personal data.
All rights are exercised, and the relevant claims and notifications regarding the rights of the data subjects are filed through the CONTACT FORM FOR PERSONAL DATA QUESTIONS http://pulsefit.bg/bg/obshti-uslovia of corporate email @ pulsefit.bg. Or by mail at the management address mentioned above. Requests shall be made in a way that identifies the identity of the applicant. For some rights, technical capabilities may be applicable, such as a Button for writing off. In any case, the administrator must respond to the request or make a pronouncement regarding the right to address the address or e-mail provided in the contact form within one month of receiving it.
Under the General Data Protection Regulation, the data subject is entitled to:
• Awareness (in connection with the processing of his or her personal data by the administrator); Where there is a risk of breaching the security of your personal information, the administrator is required to notify you of the nature of the violation and what steps have been taken to resolve it, as well as whether the supervisor has been notified of the violation.
• Access to their own personal data and the right to withdraw consent to processing. As a subject of personal data, you have the right to request confirmation that your personal data is being processed and, if so, to access your data and the following information: for what purpose data is being processed, what personal data, data recipients, . Requests for access must be made in written / electronic form and addressed to the administrator. You also have the right at any time to withdraw your consent to the processing of your personal data.
• Correction (if the data is inaccurate). As a subject of personal data, you have the right to request the correction of your personal data that is inaccurate / outdated. To do so, you must submit a separate request. Your request will be answered by the administrator in the following manner - in writing, at the e-mail address provided.
• Delete personal data (right to be forgotten). As a subject of personal data, you have the right to "be forgotten", ie. ask for your personal data to be deleted without unnecessary delay ie. the administrator deletes your personal data from all systems and records where they are stored, including notification to any third party / processor of personal data to which the data has been provided. A request for deletion may be made on the grounds provided for in the Regulation, on any of the following grounds: personal data are no longer necessary for the purposes for which they were collected; when you have withdrawn your consent; when you have objected to the processing when the processing is unlawful; where personal data must be erased in order to comply with a legal obligation under Union law or the law of a Member State which applies to the controller; when personal data has been gathered in connection with the provision of information society services. The administrator may refuse to delete personal data on the grounds specified in the Regulation - when the processing of the particular data is for the purpose of: exercising the right to freedom of expression and information; fulfillment of a legal obligation or task of public interest or exercise of public authority; for the purposes of public health; archiving for purposes in the public interest, research historical research or statistical purposes; or the establishment, exercise or protection of legal claims.
• Limitation of processing by the administrator or the personal data processor. As a subject of personal data you have the right to ask the administrator of your personal data to restrict their processing. Restrictions are allowed in the following cases: - when you believe that your personal data is inaccurate, in which case the limitation is for a period that requires the controller to verify the accuracy; - where your personal data is unlawful, but you do not wish to be deleted, but you only wish to be restricted; - when the administrator no longer needs your personal data for the purpose of processing, but you, as the data subject, ask them for the establishment, exercise or protection of legal claims; - when you have objected to the treatment pending verification that the lawful grounds of the controller have an advantage over your interests. To do so, if you have any of the above conditions, you should submit a request.
• Portability of personal data, incl. between individual administrators. The data subject has the right to be portable - to receive the personal data that concerns him and which he has provided to an administrator in a structured, widely used and machine-readable format, and has the right to transfer this data to another administrator without hindrance by the administrator, to whom personal data are provided when the processing is based on consent or a contractual obligation and the processing is done in an automated manner. When exercising its right to data portability, the data subject is also entitled to receive a direct transfer of personal data from one administrator to another where this is technically feasible.
• Opposition to the processing of his or her personal data. As a subject of personal data you have the right to object to the processing of your personal data at any time, when it is for direct marketing purposes. The Administrator should give reasons for accepting the objection, respectively. why he continues to process personal data if he rejects the objection.
• The data subject is also entitled not to be the subject of a decision based solely on automated processing involving profiling that produces legal consequences for the data subject or similarly affects it significantly. The data subject may at any time challenge the automated solution.
• Right to judicial or administrative redress if the rights of the data subject have been violated. As a subject of personal data, you have the right to complain about the processing of your personal data or the failure to observe your rights in relation to the protection of personal data to the competent supervisory authority - Data Protection Commission, address: Sofia 1592, Prof. Blvd. . Tzvetan Lazarov "№ 2 (www.cpdp.bg). Similarly, a person who has suffered material or non-material damage as a result of a breach of this Regulation is entitled to receive compensation from the controller or the personal data processor for the damage suffered.
We have taken many technical, legal and organizational measures to protect the personal data of each individual. In order to avoid unauthorized access, we perform encryption procedures in some areas. We also use SSL protocols to prevent data from third parties from being misused. We do not share data with third parties except when we have to deliver a ordered item.
It is possible to use the services of third parties who are processing personal data for the above mentioned processing purposes. These individuals process the personal data of our assignment and are required to comply with the applicable data protection provisions. These individuals are carefully selected by us and have access only to the data they need to provide the services they are engaged with and within the agreement we have made. In the event that these persons are outside the EU and do not meet the necessary GDPR requirements, based on its legal status, we will guarantee the protection of personal data through contractual or other legal instruments. It is also possible that personal data may be made available to state or municipal authorities that carry out different types of control within the law.
In the process of processing personal data, "MANAGEMENT AND HOTELS EOOD" complies with the principles of European and national legislation related to the protection of personal data of individuals. Applying a package of organizational, technical and legal measures, we strive to ensure a high level of personal data security, protection against unauthorized processing, destruction or damage.
"MANAGEMENT AND HOTELS EOOD" is committed to the protection of your personal data that will be processed only for the purposes for which you have provided it in compliance with REGULATION (EC) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation, GDPR) and the Personal Data Protection Act.
Please note that there are always risks associated with the provision of personal information, whether personally, by telephone or over the Internet or otherwise, and no technological system is completely safe but "MANAGEMENT AND HOTELS EOOD" will endeavor to take appropriate measures to prevent and minimize the risks of unauthorized access, misuse and inaccuracies of your personal data. For example, when collecting or transferring sensitive data, we always use encryption technology.
"MANAGEMENT AND HOTELS EOOD", on its own initiative or upon your request, completes, corrects or deletes all other inaccurate or outdated personal data stored by PULSE Sports Club in Sofia in connection with the operation of the Site.
Please be advised that you have the right to object / complaint to the Personal Data Protection Commission, address: Sofia 1592, "Prof. Tsvetan Lazarov "№ 2; www.cpdp.bg.