Privacy Policy

Thank you for visiting our website. We take the protection of your privacy very seriously and want you to feel protected during your visit.

Exercise your rights

Privacy Notice on incoming and outgoing telephone records

Уведомление за поверителност относно записи на входящи и изходящи телефонни разговори
"Please read this document!

At the beginning of each phone call, our employee will inform you that the call will be recorded, indicating that more information about the recording conditions can be found in this document.

We know that providing detailed information during the call is practically impossible, as it can be confusing and hinder the conversation. At the same time, however, we are legally obligated to provide you with this information. Therefore, in order to balance your right to receive the necessary information and our obligation to provide it, we have created this comprehensive Privacy Notice regarding the recording of incoming and outgoing phone calls, which complies with the available best practices in the field of data protection.

If you have any questions, please feel free to contact our data protection officer at the email: [email protected]

Information in accordance with Articles 13/14 of the General Data Protection Regulation.

Data about the administrator:

“EOS Matrix” Ltd, UIC: 131001375

Address: 6 Racho Petkov Kazandzhiyata Str., postal code 1766 Sofia, Bulgaria.

Purposes of processing and legal basis
Phone calls made to and from our Customer Service Contact Center (“Call Center”) are recorded for the purposes of:

Internal monitoring for compliance with legal and ethical frameworks in communication with customers.

Investigating reports, complaints, and grievances from customers.

A limited number of these recordings, after anonymization, are used for the purposes of:

Training and improving the qualifications of employees, as well as enhancing service to enable more effective communication with customers.
The data being processed and the activities themselves are based on:

Legitimate interests of the customers of “EOS Matrix” Ltd to receive quality service that complies with legislation and ethical standards.
Under the data protection legislation, this is a legal basis specified in Article 6, paragraph 1, letter e) of the GDPR.

Legitimate interests of the employees of “EOS Matrix” Ltd, in case it is necessary to prove a certain circumstance in response to a complaint from a customer/another person or from a supervisory authority (as long as the complaint was made within the retention period of the recordings) or alternatively, if there are doubts about unprofessional or unethical behavior of an employee, as a result of which an internal investigation is conducted.
Under the data protection legislation, this is a legal basis specified in Article 6, paragraph 1, letter e) of the GDPR.

Regulatory requirements for “EOS Matrix” Ltd to ensure compliance with applicable legislative requirements, including those for the sector, as well as the legitimate interests of “EOS Matrix” Ltd to provide quality service to its customers, to train and improve the qualifications of its employees, and to protect the security of the company, its customers, and employees.
Under the data protection legislation, this is a legal basis specified in Article 6, paragraph 1, letter e) of the GDPR.

You have the right to object to such a recording by notifying our telephone operator. In this case, the call will be marked for "immediate deletion." You can also send your request to the above-mentioned email of the data protection officer, namely: [email protected].

In case you raise an objection, an additional review of the content of the call will be conducted, specifically whether it violates the legitimate interests of the company or a third party.

If such a violation is not established, the call will be irreversibly deleted within seven days. We will explicitly inform you of the results and the action taken.

In case a dispute arises regarding the call, it will be retained until the completion of the investigation procedure itself.

We would like to inform you that the recordings are used only for the purposes mentioned above, and the recordings are made using technical means and systems without functionalities for automated processing of your personal data (including biometric data), and there is also no possibility for you to be profiled or to be subject to automated decision-making.

The recordings are stored in an internal system of “EOS Matrix” Ltd for a minimum period, as specified below.

Categories of data and sources of data
The personal data we collect during incoming/outgoing phone calls to and from our Call Center is provided to us directly by you.

Your phone number has been obtained from your previous creditor, another obligated party regarding the credit, another designated contact person from your side, or if you have contacted us from the specified phone number or during communication with you, if you have explicitly provided a specific phone number.

If a contact number for you appears in public registers (e.g., in the Commercial Register and the Register of Non-Governmental Organizations with the Registry Agency), we may use this phone number to contact you.

“EOS Matrix” Ltd follows a strict information security policy for its clients during phone calls, which excludes the provision of information about you and your obligation to third parties when those parties have no connection to the specific obligation.

When recording phone calls, the following categories of personal data are processed:

Recording of the voice of the person initiating the phone communication and of the employee of “EOS Matrix” Ltd who receives or makes the call.
Information identifying the employee of “EOS Matrix” Ltd who receives or makes the call (name, position).
Information identifying the person who receives or makes the call.
Other data that the person voluntarily decides to share during the phone call.
Depending on the purpose of the incoming/outgoing call to and from our Call Center, it may also be possible to collect other information regarding your obligation that we have purchased (e.g., providing information about the amount of the obligation, options for entering into an agreement for installment of the obligation, or clarifying reasons for delay or lack of payments, etc.).
As a rule, only information about you that is necessary for us to manage and collect the respective obligation is processed. This includes the collection and processing of personal data about you that are not classified as special categories of personal data (“sensitive data”), revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or membership in trade unions, as well as the processing of genetic data, biometric data solely for the purposes of identifying a natural person, data about health status, or data about the sexual life or sexual orientation of a person. Therefore, we emphasize that if during the phone call you decide to share such sensitive data, “EOS Matrix” Ltd will not be able to take them into account and process them without your explicit written consent. The call operator will explain the requirements of the Vulnerable Customers Management Policy, under which sensitive data about you may be collected, as well as the conditions under which these sensitive data may be collected, namely by filling out a special declaration.

Recipients
Only duly authorized employees of “EOS Matrix” Ltd have access to phone recordings for the purposes mentioned above.

In certain cases, during the investigation of incoming reports and complaints, phone recordings may also be disclosed to competent law enforcement authorities in fulfillment of our legal obligation to assist them during the investigation.

The personal data contained in recordings of phone calls made with/from our Call Center is not transferred to a third country outside the European Union or to an international organization.

Retention period
Recordings of incoming/outgoing phone calls will be stored through our recording system for up to 6 months. If necessary to extend the period for the purpose of protection against legal claims (e.g., in case of a dispute with or complaint from a customer), we may retain specific recordings until the respective case is resolved.

Rights of data subjects
You have the right to object by sending an email as mentioned above or by informing our operator.

Beyond the right to object to the recording being made, “EOS Matrix” Ltd will consider and respond to any other inquiry and/or request for exercising rights under Articles 15 – 22 of the GDPR, including your right to information, right of access, right to rectification, right to deletion, right to restriction of processing, within a period not exceeding 1 month.

In accordance with Article 77 of the GDPR, you also have the right to lodge a complaint with the Commission for Personal Data Protection, Republic of Bulgaria, which is our supervisory authority.

This policy was updated on December 21, 2023."

Privacy Notice for debtors of EOS Matrix

Уведомление за поверителност относно обработката на лични данни на клиенти (длъжници) на ЕОС Матрикс

Information in Accordance with Article 13/14 of the General Data Protection Regulation

Identity of the controller:

EOS Matrix EOOD, company ID 131001375,

Address: 6 Racho Petkov Kazandjiata, Str. Sofia, 1766, Bulgaria

You can contact the Data Protection Officer via the above-mentioned postal address or by e-mail: [email protected].

Additional information about our company, details about the empowered representatives and additional contact options is available on our website: https://bg.eos-solutions.com.

1. Purposes for processing and legal basis:

Data processing is carried out for the purposes of exercising of a credit contract (or other contract/agreement) as well as the collection of the receivable under such contract in accordance with Art. 6, par. 1 (b) of the GDPR.

The processing is carried out also for fulfillment of the legal obligations of the controller in accordance with Art. 6, par. 1. (c) of the GDPR (for example for applying anti money-laundering measures and measures against terrorism financing, obligations for sending information to Central Credit Register etc.).

Personal data processing is needed also for the purposes of the legitimate interests of the controller - Art. 6, par. 1. (f) of the GDPR for example: for collection of receivables under contract, concluded with the previous creditor, when the receivables have been transferred to the controller, including for enforcement procedures, as well as for initiation of court and out-of-court proceeding for debt collection and maintaining contact with the debtor, as well as for debt managing.

Another purpose for processing is notifying for the cession agreement in the name of the previous creditor, in cases when we have been empowered for such action by the the previous creditor.

When the controller processes your personal data, you are not subject to automatic decisions, including profiling.

2. Data categories and data sources:

We process some or all of the following categories of data: Personal master data (name, PIN etc.), address data, communication data, data for working place and employer, property status, contract data, receivables data, payments information, bank account, previous/initial creditor, if applicable.

The data from these categories was either supplied to us bythe initial/previous creditor, by you or by any of the recipients hereunder.

3. Recipients:

Regarding the business activities of the controller your personal your data will be processed by employees of the company, who have undertaken confidentiality obligations about the information they have acknowledged in connection to their occupational obligations and which have received such data in connection to their responsibilities in the company, on a need-to-know basis.

We may disclose your data, if necessary and according the requirements of legislation applicable, to any of the following categories of recipients: competent administrative institutions when provided by law, courts, Ministry of Internal Affairs, State Agency National Security, prosecutor’s office, bailiffs, Central Credit Register, lawyers, service suppliers, e.g. post office services, banks, companies for receivable management. Disclosing of data to third parties can be done after consideration of the necessity the basis for each case.

We may provide data to personal data processors in case your data will be processed by data processor according to Art. 28 GDPR.

Your data will be processed only within the EU. In case in the future it is needed the data to be transferred to third countries or international organizations outside EU, this will be done by following the requirements of GDPR and only if the third country has been confirmed an adequate level of personal data protection by the European committee or if other appropriate level of security is presented (e.g. standard contractual clauses, approved according to GDPR or obligatory company rules).

4. Duration of storage:

After total repayment of the debt/s (via repayment, set-off etc.) or termination of the legal obligations with company on other basis, we will store our data for a period of 5 (five) years and after that, when we protect our legitimate and/or legal interest, until their protection is realised, unless we have legal right or obligation to store the data for a longer period. Personal data, for which there is no legal basis for storage for a longer period, will be deleted after fulfillment of the purposes for which the data have been collected and processed.

5. Rights of the data subject:

In accordance with Art. 15–22 of the GDPR, you have the following rights if the legal requirements are applicable:

Right to access:

As per Art. 15 GDPR you have right of access to your personal data processed by the Controller.

We notify you that if you file a non-written request, we could ask you to provide an additional proof for your identity.

Right to personal data rectification:

As per Ar. 16 GDPR you have the right to require rectification of non-correct personal data or supplementation of your personal data storage by us.

Right to erasure:

As per Art. 17 GDPR you have the right to erasure (right to be forgotten) of personal data which have been processed unlawfully or on expired legal basis (expired period of storage, withdrawn consent, fulfilled purpose for which the data have been collected etc.)

Right to restriction of processing:

As per 18 GDPR you have the right to restriction of processing of your personal data in case the accuracy of the data is being disputed or the processing is unlawful, but you do not want erasure, or in case we do not need the data, but you require establishment, exercising or protection of legal claims or you have filed objection against processing as per Art. 21 GDPR.

Right to data portability:

As per Art. 20 GDPR you require to receive your personal data, which you have provided to us in a structured, commonly used and machine-readable format or their transfer to another controller.

Consent withdrawal:

As per Art. 7, para 3 GDPR you can withdraw your consent for personal data processing which you have previously given to us at any time. In such case we would not be able to continue personal data processing, based on your consent.

Right to object:

In cases in which processing is based on legitimate interest of the company or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller you have the right to object against processing meeting the requirements of Art. 21 GDPR.

Right to file a complaint:

Pursuant to Article 77 GDPR, you have the right to lodge a complaint before the competent court or a Data Protection Supervisory Authority, namely Commission for Personal Data Protection, address: 2 bul. Prof. Tzvetan Lazarov, Sofia, 1592, Republic of Bulgaria.

Date of this Information: July 2020

Privacy Notice for Applicants EOS Matrix

Уведомление за поверителност относно обработката на лични данни на участници в процедури по наемане и подбор на персонал

Information in Accordance with Article 13/14 of the General Data Protection Regulation

We are delighted that you are interested in EOS Matrix EOOD and that you have applied or are applying for a position in our company. We attach particular importance to the protection of your personal data. Your personal data will be processed in accordance with the current data protection regulations in accordance with the legal regulations in force from 25 May 2018, i.e. the General Data Protection Regulation. Below we would like to provide you the information for the processing of your personal data in connection with your application.

Identity of the controller:

EOS Matrix EOOD, company ID 131001375,

Address: 6 Racho Petkov Kazandjiata, Str. Sofia, 1766, Bulgaria

You can contact the Data Protection Officer via the above-mentioned postal address or by e-mail: [email protected].

Additional information about our company, details about the empowered representatives and additional contact options is available on our website: https://bg.eos-solutions.com

Purposes of data processing and legal basis for the processing

We process the data that you have sent us in connection with your application in order to check your suitability for the position (or other vacancies in our company, if necessary - if your consent is required by law, we will obtain it beforehand) and to carry out the application procedure for choosing appropriate candidates for vacant job positions in the company.

If further data are processed in the context of the current application process, we will inform you about this separately.

The legal basis for the processing of your personal data in this application procedure is primarily Article 6 (1) b GDPR – processing is need for initiating of steps for request of the data subject before the conclusion of the contract, as well as per Art. 6, para. 1 f) GDPR considering the legitimate interest of the company to choose employees, which meet the requirements for the respective job position and to enter into employment relationship with them.

Should the data be necessary for legal/judicial prosecution after completion of the application procedure, data may be processed on the basis of the requirements of Art. 6 para. 1 f) GDPR - to fulfil legitimate interests of the controller. Our interest is then to protect our rights and interests by filing or defending against claims or other pretenses, including within administrative procedures.

When the controller processes your personal data, you are not subject to automatic decisions, including profiling.

2. Data categories and data sources:

Within the application process for vacant positions in the company we process personal data provided by you in your CV and/or motivation letter, or during the job interview.

We process the following categories of data -

Personal master data (name, date of birth), address data, communication data and data for education and other qualifications and other data relative and necessary for the personnel selection process.

Your data might be received by a company specialized in intermediary services for employment, in case you apply via such company and you have provided your personal data to it.

Recipients

Your application data will be reviewed by an employee from the Human Resources Department upon receipt of your application. Suitable applications are then forwarded internally to the department heads for the respective open position. In the company, only those persons have access to your data who need them for the proper handling of our application process on a need-to-know basis.

We can provide data to personal data processors and their sub processors, who provide services connected to personnel selection by meeting the requirements of Art. 28 GDPR.

Your data will be processed only within the EU. In case in the future the data is needed to be transferred to third countries or international organizations outside EU, this will be done by following the requirements of GDPR and only if the third country has been confirmed an adequate level of personal data protection by the European committee or if other appropriate level of security is presented (e.g. standard contractual clauses, approved according to GDPR or obligatory company rules).

Duration of data storage

In case of rejection data of the applicant will be deleted after 6 months.

In the event that you have provided consent to further storage of your personal data, we will add your data to our applicant pool. There the data will be deleted after three years.

The company has the right to storage personal data of applicants in personnel selection procedure, which data is contained in the internal documents of the company compiled by its employees, regarding the personnel selection process for the purposes provided as per Art. 52 from the Protection against discrimination act for a period of 3 years.

If you have been approved for a respective job position during the personnel selection process and you sign an employment agreement with the company, your data will be processed on this legal ground.

5. Rights of the data subject:

In accordance with Art. 15–22 of the GDPR, you have the following rights if the legal requirements are met:

Right to access

As per Art. 15 GDPR you have right of access to your personal data processed by the Controller.

We notify you that if you file a non-written request, we could ask you to provide an additional proof for your identity.

Right to personal data rectification:

As per Ar. 16 GDPR you have the right to require rectification of non-correct personal data or supplementation of your personal data storage by us.

Right to erasure:

As per Art. 17 GDPR you have the right to erasure (right to be forgotten) of personal data which have been processed unlawfully or on expired legal basis (expired period of storage, withdrawn consent, fulfilled purpose for which the data have been collected etc.)

Right to restriction of processing:

As per 18 GDPR you have the right to restriction of processing of your personal data in case the accuracy of the data is being disputed or the processing is unlawful, but you do not want erasure, or in case we do not need the data, but you require establishment, exercising or protection of legal claims or you have filed objection against processing as per Art. 21 GDPR.

Right to data portability:

As per Art. 20 GDPR you require to receive your personal data, which you have provided to us in a structured, commonly used and machine-readable format or their transfer to another controller.

Consent withdrawal:

As per Art. 7, para 3 GDPR you can withdraw your consent for personal data processing which you have previously given to us at any time. In such case we would not be able to continue personal data processing, based on your consent.

Right to object:

In cases in which processing is based on legitimate interest of the company or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller you have the right to object against processing meeting the requirements of Art. 21 GDPR.

Right to file a complaint:

Pursuant to Article 77 GDPR, you have the right to lodge a complaint before the competent court or a Data Protection Supervisory Authority, namely Commission for Personal Data Protection, address: 2 bul. Prof. Tzvetan Lazarov, Sofia, 1592, Republic of Bulgaria.

Date of this Information: July 2020

Privacy notice suppliers clients and contact persons EOS Matrix

Уведомление за поверителност на личните данни за доставчици, клиенти и лица за контакт ЕОС Матрикс

Information in Accordance with Article 13/14 of the General Data Protection Regulation.

Identity of the controller:

EOS Matrix EOOD, company ID 131001375,

Address: 6 Racho Petkov Kazandjiata, Str. Sofia, 1766, Bulgaria

You can contact the Data Protection Officer via the above-mentioned postal address or by e-mail: [email protected].

Additional information about our company, details about the empowered representatives and additional contact options is available on our website: https://bg.eos-solutions.com

1. Purposes for processing and legal basis:

Data processing is carried out for the purposes of initiating a contract as well as the fulfilment of the contract in accordance with Art. 6, par. 1 (b) of the GDPR.

For fulfillment of his legal obligations in accordance with Art. 6, par. 1. (c) of the GDPR (for example for applying anti money-laundering measures and measures against terrorism financing).

In accordance with Art. 6, par. 1. (f) of the GDPR another purposes for data processing is for:

Maintaining contact and correspondence regarding concluded contracts, tenders, negotiations and exercising procedural rights.

Building and maintain business relationships/partnerships (e.g. by inviting you to our client events, sending you greeting cards and etc.).

When the controller processes your personal data, you are not subject to automatic decisions, including profiling.

2. Data categories and data sources:

We process some or all of the following categories of data:

Personal master data (name, PIN), address data, communication data and data for working place and employer. The data from these categories was either supplied to us by you, third parties – for example the contracting party or acquired from publicly available data sources (e.g. Commercial Register).

3. Recipients:

Regarding the business activities of the controller your personal your data will be processed by employees of the company, who have undertaken confidentiality obligations about the information they have acknowledged in connection to their occupational obligations and which have received such data in connection to their responsibilities in the company, on a need-to-know basis.

We may disclose your data, if necessary and according the requirements of legislation applicable, to any of the following categories of recipients: competent administrative institutions when provided by law, courts, Ministry of Internal Affairs, State Agency National Security, prosecutor’s office, bailiffs, lawyers, company part of EOS Group, service suppliers, e.g. post office services, banks, companies for receivable management. Disclosing of data to third parties can be done after consideration of the necessity the basis for each case.

We may provide data to personal data processors in case your data will be processed by data processor according to Art. 28 GDPR.

Your data will be processed only within the EU. In case in the future it is needed the data to be transferred to third countries or international organizations outside EU, this will be done by following the requirements of GDPR and only if the third country has been confirmed an adequate level of personal data protection by the European committee or if other appropriate level of security is presented (e.g. standard contractual clauses, approved according to GDPR or obligatory company rules).

4. Duration of storage:

Your data will be stored for a period no longer than the period necessary for the respective purpose unless the legislation applicable provides a longer or shorter period or the storage is need for the preservation of the legal interests of the controller. Upon expiration of this period your personal data will be deleted from our data bases.

If the erasure of data is requested, or permission to process the data is revoked, an assessment is performed regarding whether there is a lack of legal basis and what the purposes for storage are. If there is neither a legal basis nor legitimate purpose for storage, the data is erased immediately.

5. Rights of the data subject:

In accordance with Art. 15–22 of the GDPR, you have the following rights if the legal requirements are met:

Right to access

As per Art. 15 GDPR you have right of access to your personal data processed by the Controller.

We notify you that if you file a non-written request, we could ask you to provide an additional proof for your identity.

Right to personal data rectification:

As per Ar. 16 GDPR you have the right to require rectification of non-correct personal data or supplementation of your personal data storage by us.

Right to erasure

As per Art. 17 GDPR you have the right to erasure (right to be forgotten) of personal data which have been processed unlawfully or on expired legal basis (expired period of storage, withdrawn consent, fulfilled purpose for which the data have been collected etc.)

Right to restriction of processing:

As per 18 GDPR you have the right to restriction of processing of your personal data in case the accuracy of the data is being disputed or the processing is unlawful, but you do not want erasure, or in case we do not need the data, but you require establishment, exercising or protection of legal claims or you have filed objection against processing as per Art. 21 GDPR.

Right to data portability:

As per Art. 20 GDPR you require to receive your personal data, which you have provided to us in a structured, commonly used and machine-readable format or their transfer to another controller.

Consent withdrawal:

As per Art. 7, para 3 GDPR you can withdraw your consent for personal data processing which you have previously given to us at any time. In such case we would not be able to continue personal data processing, based on your consent.

Right to object:

In cases in which processing is based on legitimate interest of the company or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller you have the right to object against processing meeting the requirements of Art. 21 GDPR.

Right to file a complaint

Pursuant to Article 77 GDPR, you have the right to lodge a complaint before the competent court or a Data Protection Supervisory Authority, namely Commission for Personal Data Protection, address: 2 bul. Prof. Tzvetan Lazarov, Sofia, 1592, Republic of Bulgaria.

Date of this Information: July 2020

1. The name and contact details of the person responsible for the processing ('data controller') and the company's data protection officer

The privacy policy applies to data processing by:

EOS Matrix EOOD / EOS Services EOOD

4–6, Racho Petkov Kazandzhiyata Str.
Matrix Tower
Sofia 1766
Bulgaria

Tel.: +359 2 9760800
Fax: +359 2 4899468

E-mail: [email protected]

Managing Directors
Rayna Mitkova-Todorova
Tihomir Valchev

Commercial Register

10016/2002

The data protection officer for the companies EOS Matrix EOOD / EOS Services EOOD can be contacted at the above address (please include the line ATTENTION: EOS Matrix EOOD / EOS Services EOOD – bg.eos-solutions.com or by email at [email protected].

2. Scope

This privacy policy applies to the collection of personal data on our website and the subsequent processing of these data by us.

This privacy policy further serves towards provision of information pursuant to Articles 13 and 14 of the GDPR for data processing outside the scope of collection via this website. As such we will provide you with separate privacy policies for specific data processing activities on a case-by-case basis.

3. Privacy policies of the other companies of EOS Group

This privacy policy does not apply to data processed by the other companies of EOS Group. This is also the case if these other companies of EOS Group along with their contacts are named on our website and/or their services are shown on our website.

The other companies of EOS Group will provide you with separate privacy policies for specific data processing activities on a case-by-case basis.

4. Collection and storage of personal data and nature and purpose of their processing

a. When you visit the website

When you retrieve our website bg.eos-solutions.com the browser used on your device automatically sends information to our website’s server. This information is temporarily saved in a log file. The following information is collected without your intervention and saved until it is is automatically deleted after three (3) days:

IP address of retrieving computer,
date and time of access,
name and URL of retrieved file,
website from which access occurred (referrer URL),
website retrieved from our website,
your computer’s browser and possibly operating system as well as name of your access provider.

The aforementioned data are processed by us for the following purposes:

to ensure trouble-free connection establishment to the website,
to ensure comfortable use of our website,
to analyse the system security and stability, and
for other administrative purposes.

The legal basis for processing of the data is Art. 6(1) Sent. 1 (f) of the GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about you.

Beyond that we use cookies and analysis services when you visit our website. More detailed information about this can be found in sections 4 and 5 of this privacy policy.

b. When you contact us by email

You can contact us with questions of any kind via the provided email address(es).

If you do so the personal data transmitted via the email are saved. The legal basis for data processing for the purpose of making contact is Art. 6(1)(f) of the GDPR. If contact is made for the purpose of concluding a contract an additional legal basis for processing is Art. (6)(1)(b) of the GDPR.

We delete the personal data collected by us after processing your enquiry provided we are not legally entitled or obligated to process it further.

5. Passing on of data

We only pass your personal data on to other companies of EOS Group or other third parties (recipients) if:

you have provided your explicit consent for one or more specific purposes pursuant to Art. 6(1) Sent. 1 (a) of the GDPR,
disclosure pursuant to Art. 6(1) Sent. 1 (f) of the GDPR is necessary for the assertion, exercising or defence of legal claims and there is no reason to assume that you have a primary protection-worthy interest in not having your data disclosed,
for the case that there is a legal obligation for disclosure pursuant to Art. 6(1) Sent. 1 (c) of the GDPR and
it is legally permissible and necessary for fulfilment of contractual obligations pursuant to Art. 6(1) Sent. 1 (b) of the GDPR.
we have the data processed on our behalf in compliance with Art. 28 of the GDPR.

Transmission of your personal data for purposes other than those listed above does not occur.

6. Cookies

Like most websites, we use cookies when you access and browse our website in order to make your visit as comfortable and effective as possible. Cookies are small files that are created by the website and are automatically stored in the browser of your device (laptop, tablet, smartphone, or similar). Cookies do not harm your device and do not contain any viruses, Trojans, or other malicious software. Information yielded in connection with the specific device used is stored in the cookie. However, this does not mean that we directly receive knowledge of your identity through this.

Use of cookies serves, for one thing, to make use of our offering more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after you leave our website. Likewise, to optimize the user-friendliness, we also use temporary cookies, which are saved on your device for a specific defined period of time. If you visit our website again to use our services, it will automatically be recognized that you already visited us and the entries and settings you made will automatically be recognized so that you do not have to enter them again.

Cookies are divided up into the four categories of “Necessary,” “Statistics,” “Comfort,” and “Marketing.”
Necessary cookies are required for the operation and the basic functions of our website. They enable the security-relevant functioning of this website.

Statistical cookies are used for improving our offering and ensuring a needs-based design and the continuous optimization of our website. For this, we collect anonymized data for statistics and analytics, for example, to determine site traffic, page view statistics, user behavior, and to adapt and improve our content and the website experience.

Comfort cookies are used for facilitating the use of our website. If you visit this website again to use our service, it will automatically be recognized that you were on our website and the entries and settings you made will automatically be recognized so that you do not have to enter them again. For example, through this, you will not have to reenter your user data every time, but rather you can access the data already entered when you visit the website again.

We use marketing cookies so that we can provide you with relevant and interest-based content when you visit our website.

The data processed through necessary cookies are for the stated purposes for safeguarding our legitimate interests pursuant to Article 6 para. 1 sent. 1 lit. f of the GDPR, such as the proper functioning of the site.
The data collected and processed through comfort, statistical and marketing cookies is done under your given consent, in accordance with Article 6 para. 1 sent. 1 lit. a of the GDPR for the purposes of serving personalized content, for statistical purposes that aim to improve the user experience and marketing purposes. For these you can change/withdraw your consent, by clicking on the Change Cookies settings on the bottom of the website.

Cookie Management

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a notification message always appears before a new cookie is placed. Each browser differs depending on how it manages cookie settings. This is described in the Help menu of each browser, which explains how to change your cookie settings. Follow the links below depending on the browser you are using:

Complete deactivation of cookies, however, may lead to you not being able to use all of the features of our website.

Click here for more information about the individual cookies.

7. Analysis tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6(1) Sent. 1 (f) of the GDPR. We use these tracking measures to ensure that our website is designed according to requirements and optimised on an ongoing basis. We also use the tracking measures to collect statistics on the use of our website and analyse them for the purpose of optimising our offering for you. These interests are to be considered as being legitimate in the sense given in the aforementioned regulation.

The respective purposes for data processing and data categories can be found in the corresponding tracking tools in this section.

8. Siteimprove Analytics

Usage of Siteimprove Analytics

This website uses Siteimprove Analytics, a web analytics service provided by Siteimprove. Siteimprove Analytics uses „cookies“, which are text files placed on your computer, to help
EOS Matrix EOOD / EOS Services EOOD analyse how visitors use the site. The information generated by the cookies about the visitors’ use of the website will be stored and processed by Siteimprove on servers in Denmark.

IP addresses are anonymized irreversibly before data is made available in the Siteimprove Analytics or Intelligence Suite for EOS.

9. Social media and video

a) Social Media

We use buttons from social networks Facebook, Twitter, Google+, LinkedIn, an on our website. The buttons are simple HTML links. The procedure we use is within the framework of the Shariff solution. With the Shariff solution a script retrieves the number of times, e.g., the share button on a page has been clicked on: for this the script contacts the social network via the programming interfaces and retrieves the numbers. None of your personal data are transmitted in the process. Rather than your IP address, only our server address is transmitted to Facebook, Google and Twitter. You only become directly connected to Facebook, Google or Twitter if you perform an action. Before that the social networks cannot collect any data about you. As long as you do not click on a link to share content, you remain invisible to the networks. If you click on a link, the obligation to provide information about data collection and processing no longer rests with us, but rather with the operator of the social network.

b) YouTube Videos

Our website contains links to videos from YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. If you visit a website on our website that contains such a video, a direct connection is established between your browser and the YouTube server after you have activated the video.

YouTube receives the information that you have visited our website with your IP address. If you click on the link to the video, your IP address will be forwarded to YouTube. We would like to point out that, as the provider of our website, we have no knowledge of the content of the transmitted data or of its use by YouTube. For more information, please see YouTube's privacy policy (https://www.youtube.com/)

10. Rights of data subjects

You have the right:

pursuant to Art. 15 of the GDPR to request information about your personal data processed by us, in particular about the purposes for processing, the personal data category, the categories of the recipients to whom your data have been or will be disclosed, the planned retention duration, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if they were not collected by us and the existence of automated decision-making including profiling and if applicable meaningful information about their details;

pursuant to Art. 16 of the GDPR to demand the immediate rectification of incorrect or completion of the personal data saved by us about you;
pursuant to Art. 17 of the GDPR to demand the erasure of the personal data saved by us about you as long as processing is not necessary for exercising of the right to freedom of expression and information, for fulfilment of a legal obligation, for reasons of public interest or for assertion, exercising or defence of legal claims;
pursuant to Art. 18 of the GDPR to demand the restriction of processing of your personal data as long as the accuracy of the data is questioned by you and processing is unlawful, but you reject their erasure and we no longer need the data, but you require them for assertion, exercising or defence of legal claims or you have filed an objection to the processing in accordance with Art. 21 of the GDPR;
pursuant to Art. 20 of the GDPR to demand receipt in a structured, standard and machine-readable format of your personal data which you provided to us or transmission to another responsible party;
pursuant to Art. 7(3) of the GDPR to withdraw the consent you previously granted us at any time. This has the consequence that we may not continue the data processing upon which this consent was based in the future and
pursuant to Art. 77 of the GDPR to file a complaint with a supervisory authority. Usually you can contact the supervisory authority in your usual place of residence or workplace or our headquarters.

11. Right to object

If your personal data are processed on the basis of legitimate interests in accordance with Art. 6(1) Sent. 1 (f) of the GDPR you have the right pursuant to Art. 21 of the GDPR to object to the processing of your personal data as long as there are reasons arising from your particular situation for this or the objection is directed to direct advertising. In the latter case you have a general objection right which will be implemented by us without statement of any particular situation.

If you would like to make use of your right to withdraw or reject you only need to send an email to: [email protected].

12. Data security

Within the website visit we use the widespread SSL (secure socket layer) method in conjunction with the highest level of encryption supported by your browser. In general this is 256-bit encryption. If your browser does not support 256-bit encryption, we fall back on 128-bit v3 technology instead. You can recognise that an individual webpage in our internet presence is being transmitted in encrypted form by the closed key or padlock icon in the bottom status bar of your browser.

We also take suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are being improved continuously according to technological developments.

13. Updating and amending this Privacy Policy

This privacy policy is currently valid and was last updated in May 2018.

It may be necessary to change this privacy policy due to improvements in our website and the offerings via our website or due to changed legal or official requirements. The current privacy policy can be retrieved from our website at https://bg.eos-solutions.com and printed out at any time.