Privacy Policy

Thank you for visiting our website. We take the protection of your privacy very seriously and want you to feel protected during your visit.

Exercise your rights

  • Information in Accordance with Article 13/14 of the General Data Protection Regulation

    Identity of the controller:

    EOS Matrix EOOD, company ID 131001375,

    Address: 6 Racho Petkov Kazandjiata, Str. Sofia, 1766, Bulgaria

     

    You can contact the Data Protection Officer via the above-mentioned postal address or by e-mail: DPO@eos-matrix.bg.

    Additional information about our company, details about the empowered representatives and additional contact options is available on our website: https://bg.eos-solutions.com.

    1. Purposes for processing and legal basis:

    Data processing is carried out for the purposes of exercising of a credit contract (or other contract/agreement) as well as the collection of the receivable under such contract in accordance with Art. 6, par. 1 (b) of the GDPR.

    The processing is carried out also for fulfillment of the legal obligations of the controller in accordance with Art. 6, par. 1. (c) of the GDPR (for example for applying anti money-laundering measures and measures against terrorism financing, obligations for sending information to Central Credit Register etc.).

    Personal data processing is needed also for the purposes of the legitimate interests of the controller - Art. 6, par. 1. (f) of the GDPR for example: for collection of receivables under contract, concluded with the previous creditor, when the receivables have been transferred to the controller, including for enforcement procedures, as well as for initiation of court and out-of-court proceeding for debt collection and maintaining contact with the debtor, as well as for debt managing.

    Another purpose for processing is notifying for the cession agreement in the name of the previous creditor, in cases when we have been empowered for such action by the the previous creditor.

    When the controller processes your personal data, you are not subject to automatic decisions, including profiling.

    2. Data categories and data sources:

    We process some or all of the following categories of data: Personal master data (name, PIN etc.), address data, communication data, data for working place and employer, property status, contract data, receivables data, payments information, bank account, previous/initial creditor, if applicable.

    The data from these categories was either supplied to us bythe initial/previous creditor, by you or by any of the recipients hereunder.

    3. Recipients:

    Regarding the business activities of the controller your personal your data will be processed by employees of the company, who have undertaken confidentiality obligations about the information they have acknowledged in connection to their occupational obligations and which have received such data in connection to their responsibilities in the company, on a need-to-know basis.

    We may disclose your data, if necessary and according the requirements of legislation applicable, to any of the following categories of recipients: competent administrative institutions when provided by law, courts, Ministry of Internal Affairs, State Agency National Security, prosecutor’s office, bailiffs, Central Credit Register, lawyers, service suppliers, e.g. post office services, banks, companies for receivable management. Disclosing of data to third parties can be done after consideration of the necessity the basis for each case.

    We may provide data to personal data processors in case your data will be processed by data processor according to Art. 28 GDPR.

    Your data will be processed only within the EU. In case in the future it is needed the data to be transferred to third countries or international organizations outside EU, this will be done by following the requirements of GDPR and only if the third country has been confirmed an adequate level of personal data protection by the European committee or if other appropriate level of security is presented (e.g. standard contractual clauses, approved according to GDPR or obligatory company rules).

    4. Duration of storage:

    After total repayment of the debt/s (via repayment, set-off etc.) or termination of the legal obligations with company on other basis, we will store our data for a period of 5 (five) years and after that, when we protect our legitimate and/or legal interest, until their protection is realised, unless we have legal right or obligation to store the data for a longer period. Personal data, for which there is no legal basis for storage for a longer period, will be deleted after fulfillment of the purposes for which the data have been collected and processed.

    5. Rights of the data subject:

    In accordance with Art. 15–22 of the GDPR, you have the following rights if the legal requirements are applicable:

    Right to access:

    As per Art. 15 GDPR you have right of access to your personal data processed by the Controller.

    We notify you that if you file a non-written request, we could ask you to provide an additional proof for your identity.

    Right to personal data rectification:

    As per Ar. 16 GDPR you have the right to require rectification of non-correct personal data or supplementation of your personal data storage by us.

    Right to erasure:

    As per Art. 17 GDPR you have the right to erasure (right to be forgotten) of personal data which have been processed unlawfully or on expired legal basis (expired period of storage, withdrawn consent, fulfilled purpose for which the data have been collected etc.)

    Right to restriction of processing:

    As per 18 GDPR you have the right to restriction of processing of your personal data in case the accuracy of the data is being disputed or the processing is unlawful, but you do not want erasure, or in case we do not need the data, but you require establishment, exercising or protection of legal claims or you have filed objection against processing as per Art. 21 GDPR.

    Right to data portability:

    As per Art. 20 GDPR you require to receive your personal data, which you have provided to us in a structured, commonly used and machine-readable format or their transfer to another controller.

    Consent withdrawal:

    As per Art. 7, para 3 GDPR you can withdraw your consent for personal data processing which you have previously given to us at any time. In such case we would not be able to continue personal data processing, based on your consent.

    Right to object:

    In cases in which processing is based on legitimate interest of the company or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller you have the right to object against processing meeting the requirements of Art. 21 GDPR.

    Right to file a complaint:

    Pursuant to Article 77 GDPR, you have the right to lodge a complaint before the competent court or a Data Protection Supervisory Authority, namely Commission for Personal Data Protection, address: 2 bul. Prof. Tzvetan Lazarov, Sofia, 1592, Republic of Bulgaria.

    Date of this Information: July 2020

  • Information in Accordance with Article 13/14 of the General Data Protection Regulation

    Identity of the controller:

    EOS Services EOOD, company ID 202965400,

    Address: 6 Racho Petkov Kazandjiata, Str. Sofia, 1766, Bulgaria

     

    You can contact the Data Protection Officer via the above-mentioned postal address or by e-mail: DPO@eos-matrix.bg.

    Additional information about our company, details about the empowered representatives and additional contact options is available on our website: https://bg.eos-solutions.com.

    1. Purposes for processing and legal basis:

    Data processing is carried out for the purposes of exercising of a credit contract as well as the collection of the receivable under such contract in accordance with Art. 6, par. 1 (b) of the GDPR.

    The processing is carried out also for fulfillment of the legal obligations of the controller in accordance with Art. 6, par. 1. (c) of the GDPR (for example for applying anti money-laundering measures and measures against terrorism financing, obligations for sending information to Central Credit Register etc.).

    Personal data processing is needed also for the purposes of the legitimate interests of the controller - Art. 6, par. 1. (f) of the GDPR for example: for collection of receivables under contract, concluded with the previous creditor, when the receivables have been transferred to the controller, including for enforcement procedures, as well as for initiation of court and out-of-court proceeding for debt collection and maintaining contact with the debtor, as well as for debt managing.

    Another purpose for processing is notifying for the cession agreement in the name of the previous creditor, in cases when we have been empowered for such action by the the previous creditor.

    When the controller processes your personal data, you are not subject to automatic decisions, including profiling.

    2. Data categories and data sources:

    We process some or all of the following categories of data: Personal master data (name, PIN etc.), address data, communication data, data for working place and employer, property status, contract data, receivables data, payments information, previous/initial creditor, if applicable.

    The data from these categories was either supplied to us bythe initial/previous creditor, by you or by any of the recipients hereunder.

    3. Recipients:

    Regarding the business activities of the controller your personal your data will be processed by employees of the company, who have undertaken confidentiality obligations about the information they have acknowledged in connection to their occupational obligations and which have received such data in connection to their responsibilities in the company, on a need-to-know basis.

    We may disclose your data, if necessary and according the requirements of legislation applicable, to any of the following categories of recipients: competent administrative institutions when provided by law, courts, Ministry of Internal Affairs, State Agency National Security, prosecutor’s office, bailiffs, Central Credit Register, lawyers, service suppliers, e.g. post office services, banks, companies for receivable management. Disclosing of data to third parties can be done after consideration of the necessity the basis for each case.

    We may provide data to personal data processors in case your data will be processed by data processor according to Art. 28 GDPR.

    Your data will be processed only within the EU. In case in the future it is needed the data to be transferred to third countries or international organizations outside EU, this will be done by following the requirements of GDPR and only if the third country has been confirmed an adequate level of personal data protection by the European committee or if other appropriate level of security is presented (e.g. standard contractual clauses, approved according to GDPR or obligatory company rules).

    4. Duration of storage:

    After total repayment of the debt/s (via repayment, set-off etc.) or termination of the legal obligations with company on other basis, we will store our data for a period of 5 (five) years and after that, when we protect our legitimate and/or legal interest, until their protection is realised, unless we have legal right or obligation to store the data for a longer period. Personal data, for which there is no legal basis for storage for a longer period, will be deleted after fulfillment of the purposes for which the data have been collected and processed.

    5. Rights of the data subject:

    In accordance with Art. 15–22 of the GDPR, you have the following rights if the legal requirements are applicable:

    Right to access:

    As per Art. 15 GDPR you have right of access to your personal data processed by the Controller.

    We notify you that if you file a non-written request, we could ask you to provide an additional proof for your identity.

    Right to personal data rectification:

    As per Ar. 16 GDPR you have the right to require rectification of non-correct personal data or supplementation of your personal data storage by us.

    Right to erasure:

    As per Art. 17 GDPR you have the right to erasure (right to be forgotten) of personal data which have been processed unlawfully or on expired legal basis (expired period of storage, withdrawn consent, fulfilled purpose for which the data have been collected etc.)

    Right to restriction of processing:

    As per 18 GDPR you have the right to restriction of processing of your personal data in case the accuracy of the data is being disputed or the processing is unlawful, but you do not want erasure, or in case we do not need the data, but you require establishment, exercising or protection of legal claims or you have filed objection against processing as per Art. 21 GDPR.

    Right to data portability:

    As per Art. 20 GDPR you require to receive your personal data, which you have provided to us in a structured, commonly used and machine-readable format or their transfer to another controller.

    Consent withdrawal:

    As per Art. 7, para 3 GDPR you can withdraw your consent for personal data processing which you have previously given to us at any time. In such case we would not be able to continue personal data processing, based on your consent.

    Right to object:

    In cases in which processing is based on legitimate interest of the company or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller you have the right to object against processing meeting the requirements of Art. 21 GDPR.

    Right to file a complaint:

    Pursuant to Article 77 GDPR, you have the right to lodge a complaint before the competent court or a Data Protection Supervisory Authority, namely Commission for Personal Data Protection, address: 2 bul. Prof. Tzvetan Lazarov, Sofia, 1592, Republic of Bulgaria.

    Date of this Information: July 2020

  • Information in Accordance with Article 13/14 of the General Data Protection Regulation

    We are delighted that you are interested in EOS Matrix EOOD and that you have applied or are applying for a position in our company. We attach particular importance to the protection of your personal data. Your personal data will be processed in accordance with the current data protection regulations in accordance with the legal regulations in force from 25 May 2018, i.e. the General Data Protection Regulation. Below we would like to provide you the information for the processing of your personal data in connection with your application.

     

    Identity of the controller:

    EOS Matrix EOOD, company ID 131001375,

    Address: 6 Racho Petkov Kazandjiata, Str. Sofia, 1766, Bulgaria

     

    You can contact the Data Protection Officer via the above-mentioned postal address or by e-mail: DPO@eos-matrix.bg.

    Additional information about our company, details about the empowered representatives and additional contact options is available on our website: https://bg.eos-solutions.com

    1. Purposes of data processing and legal basis for the processing

    We process the data that you have sent us in connection with your application in order to check your suitability for the position (or other vacancies in our company, if necessary - if your consent is required by law, we will obtain it beforehand) and to carry out the application procedure for choosing appropriate candidates for vacant job positions in the company.

    If further data are processed in the context of the current application process, we will inform you about this separately.

    The legal basis for the processing of your personal data in this application procedure is primarily Article 6 (1) b GDPR – processing is need for initiating of steps for request of the data subject before the conclusion of the contract, as well as per Art. 6, para. 1 f) GDPR considering the legitimate interest of the company to choose employees, which meet the requirements for the respective job position and to enter into employment relationship with them.

    Should the data be necessary for legal/judicial prosecution after completion of the application procedure, data may be processed on the basis of the requirements of Art. 6  para. 1 f) GDPR - to fulfil legitimate interests of the controller. Our interest is then to protect our rights and interests by filing or defending against claims or other pretenses, including within administrative procedures.

    When the controller processes your personal data, you are not subject to automatic decisions, including profiling.

    2. Data categories and data sources:

    Within the application process for vacant positions in the company we process personal data provided by you in your CV and/or motivation letter, or during the job interview.

    We process the following categories of data -

    Personal master data (name, date of birth), address data, communication data and data for education and other qualifications and other data relative and necessary for the personnel selection process.

    Your data might be received by a company specialized in intermediary services for employment, in case you apply via such company and you have provided your personal data to it.

    1. Recipients

    Your application data will be reviewed by an employee from the Human Resources Department upon receipt of your application. Suitable applications are then forwarded internally to the department heads for the respective open position. In the company, only those persons have access to your data who need them for the proper handling of our application process on a need-to-know basis.

    We can provide data to personal data processors and their sub processors, who provide services connected to personnel selection by meeting the requirements of Art. 28 GDPR.

    Your data will be processed only within the EU. In case in the future the data is needed to be transferred to third countries or international organizations outside EU, this will be done by following the requirements of GDPR and only if the third country has been confirmed an adequate level of personal data protection by the European committee or if other appropriate level of security is presented (e.g. standard contractual clauses, approved according to GDPR or obligatory company rules).

    1. Duration of data storage

    In case of rejection data of the applicant will be deleted after 6 months.

    In the event that you have provided consent to further storage of your personal data, we will add your data to our applicant pool. There the data will be deleted after three years.

    The company has the right to storage personal data of applicants in personnel selection procedure, which data is contained in the internal documents of the company compiled by its employees, regarding the personnel selection process for the purposes provided as per Art. 52 from the Protection against discrimination act for a period of 3 years.

    If you have been approved for a respective job position during the personnel selection process and you sign an employment agreement with the company, your data will be processed on this legal ground.

    5. Rights of the data subject:

    In accordance with Art. 15–22 of the GDPR, you have the following rights if the legal requirements are met:

    Right to access

    As per Art. 15 GDPR you have right of access to your personal data processed by the Controller.

    We notify you that if you file a non-written request, we could ask you to provide an additional proof for your identity.

    Right to personal data rectification:

    As per Ar. 16 GDPR you have the right to require rectification of non-correct personal data or supplementation of your personal data storage by us.

    Right to erasure:

    As per Art. 17 GDPR you have the right to erasure (right to be forgotten) of personal data which have been processed unlawfully or on expired legal basis (expired period of storage, withdrawn consent, fulfilled purpose for which the data have been collected etc.)

    Right to restriction of processing:

    As per 18 GDPR you have the right to restriction of processing of your personal data in case the accuracy of the data is being disputed or the processing is unlawful, but you do not want erasure, or in case we do not need the data, but you require establishment, exercising or protection of legal claims or you have filed objection against processing as per Art. 21 GDPR.

    Right to data portability:

    As per Art. 20 GDPR you require to receive your personal data, which you have provided to us in a structured, commonly used and machine-readable format or their transfer to another controller.

    Consent withdrawal:

    As per Art. 7, para 3 GDPR you can withdraw your consent for personal data processing which you have previously given to us at any time. In such case we would not be able to continue personal data processing, based on your consent.

    Right to object:

    In cases in which processing is based on legitimate interest of the company or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller you have the right to object against processing meeting the requirements of Art. 21 GDPR.

    Right to file a complaint:

    Pursuant to Article 77 GDPR, you have the right to lodge a complaint before the competent court or a Data Protection Supervisory Authority, namely Commission for Personal Data Protection, address: 2 bul. Prof. Tzvetan Lazarov, Sofia, 1592, Republic of Bulgaria.

    Date of this Information: July 2020

  • Information in Accordance with Article 13/14 of the General Data Protection Regulation

    We are delighted that you are interested in EOS Services EOOD and that you have applied or are applying for a position in our company. We attach particular importance to the protection of your personal data. Your personal data will be processed in accordance with the current data protection regulations in accordance with the legal regulations in force from 25 May 2018, i.e. the General Data Protection Regulation. Below we would like to provide you the information for the processing of your personal data in connection with your application.

     

    Identity of the controller:

    EOS Services EOOD, company ID 202965400,

    Address: 6 Racho Petkov Kazandjiata, Str. Sofia, 1766, Bulgaria

     

    You can contact the Data Protection Officer via the above-mentioned postal address or by e-mail: DPO@eos-matrix.bg.

     

    Additional information about our company, details about the empowered representatives and additional contact options is available on our website: https://bg.eos-solutions.com

    1. Purposes of data processing and legal basis for the processing

    We process the data that you have sent us in connection with your application in order to check your suitability for the position (or other vacancies in our company, if necessary - if your consent is required by law, we will obtain it beforehand) and to carry out the application procedure for choosing appropriate candidates for vacant job positions in the company.

    If further data are processed in the context of the current application process, we will inform you about this separately.

    The legal basis for the processing of your personal data in this application procedure is primarily Article 6 (1) b GDPR – processing is need for initiating of steps for request of the data subject before the conclusion of the contract, as well as per Art. 6, para. 1 f) GDPR considering the legitimate interest of the company to choose employees, which meet the requirements for the respective job position and to enter into employment relationship with them.

    Should the data be necessary for legal/judicial prosecution after completion of the application procedure, data may be processed on the basis of the requirements of Art. 6  para. 1 f) GDPR - to fulfil legitimate interests of the controller. Our interest is then to protect our rights and interests by filing or defending against claims or other pretenses, including within administrative procedures.

    When the controller processes your personal data, you are not subject to automatic decisions, including profiling.

    2. Data categories and data sources:

    Within the application process for vacant positions in the company we process personal data provided by you in your CV and/or motivation letter, or during the job interview.

    We process the following categories of data -

    Personal master data (name, date of birth), address data, communication data and data for education and other qualifications and other data relative and necessary for the personnel selection process.

    Your data might be received by a company specialized in intermediary services for employment, in case you apply via such company and you have provided your personal data to it.

    1. Recipients

    Your application data will be reviewed by an employee from the Human Resources Department upon receipt of your application. Suitable applications are then forwarded internally to the department heads for the respective open position. In the company, only those persons have access to your data who need them for the proper handling of our application process on a need-to-know basis.

    We can provide data to personal data processors and their sub processors, who provide services connected to personnel selection by meeting the requirements of Art. 28 GDPR.

    Your data will be processed only within the EU. In case in the future the data is needed to be transferred to third countries or international organizations outside EU, this will be done by following the requirements of GDPR and only if the third country has been confirmed an adequate level of personal data protection by the European committee or if other appropriate level of security is presented (e.g. standard contractual clauses, approved according to GDPR or obligatory company rules).

    1. Duration of data storage

    In case of rejection data of the applicant will be deleted after 6 months.

    In the event that you have provided consent to further storage of your personal data, we will add your data to our applicant pool. There the data will be deleted after three years.

    The company has the right to storage personal data of applicants in personnel selection procedure, which data is contained in the internal documents of the company compiled by its employees, regarding the personnel selection process for the purposes provided as per Art. 52 from the Protection against discrimination act for a period of 3 years.

    If you have been approved for a respective job position during the personnel selection process and you sign an employment agreement with the company, your data will be processed on this legal ground.

    5. Rights of the data subject:

    In accordance with Art. 15–22 of the GDPR, you have the following rights if the legal requirements are met:

    Right to access

    As per Art. 15 GDPR you have right of access to your personal data processed by the Controller.

    We notify you that if you file a non-written request, we could ask you to provide an additional proof for your identity.

    Right to personal data rectification:

    As per Ar. 16 GDPR you have the right to require rectification of non-correct personal data or supplementation of your personal data storage by us.

    Right to erasure:

    As per Art. 17 GDPR you have the right to erasure (right to be forgotten) of personal data which have been processed unlawfully or on expired legal basis (expired period of storage, withdrawn consent, fulfilled purpose for which the data have been collected etc.)

    Right to restriction of processing:

    As per 18 GDPR you have the right to restriction of processing of your personal data in case the accuracy of the data is being disputed or the processing is unlawful, but you do not want erasure, or in case we do not need the data, but you require establishment, exercising or protection of legal claims or you have filed objection against processing as per Art. 21 GDPR.

    Right to data portability:

    As per Art. 20 GDPR you require to receive your personal data, which you have provided to us in a structured, commonly used and machine-readable format or their transfer to another controller.

    Consent withdrawal:

    As per Art. 7, para 3 GDPR you can withdraw your consent for personal data processing which you have previously given to us at any time. In such case we would not be able to continue personal data processing, based on your consent.

    Right to object:

    In cases in which processing is based on legitimate interest of the company or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller you have the right to object against processing meeting the requirements of Art. 21 GDPR.

    Right to file a complaint:

    Pursuant to Article 77 GDPR, you have the right to lodge a complaint before the competent court or a Data Protection Supervisory Authority, namely Commission for Personal Data Protection, address: 2 bul. Prof. Tzvetan Lazarov, Sofia, 1592, Republic of Bulgaria.

    Date of this Information: July 2020

  • Information in Accordance with Article 13/14 of the General Data Protection Regulation.

    Identity of the controller:

    EOS Matrix EOOD, company ID 131001375,

    Address: 6 Racho Petkov Kazandjiata, Str. Sofia, 1766, Bulgaria

     

    You can contact the Data Protection Officer via the above-mentioned postal address or by e-mail: DPO@eos-matrix.bg.

     

    Additional information about our company, details about the empowered representatives and additional contact options is available on our website: https://bg.eos-solutions.com

    1. Purposes for processing and legal basis:

    Data processing is carried out for the purposes of initiating a contract as well as the fulfilment of the contract in accordance with Art. 6, par. 1 (b) of the GDPR.

    For fulfillment of his legal obligations in accordance with Art. 6, par. 1. (c) of the GDPR (for example for applying anti money-laundering measures and measures against terrorism financing).

    In accordance with Art. 6, par. 1. (f) of the GDPR another purposes for data processing is for:

    • Maintaining contact and correspondence regarding concluded contracts, tenders, negotiations and exercising procedural rights.

     

    • Building and maintain business relationships/partnerships (e.g. by inviting you to our client events, sending you greeting cards and etc.).

    When the controller processes your personal data, you are not subject to automatic decisions, including profiling.

    2. Data categories and data sources:

    We process some or all of the following categories of data:

     Personal master data (name, PIN), address data, communication data and data for working place and employer. The data from these categories was either supplied to us by you, third parties – for example the contracting party or acquired from publicly available data sources (e.g. Commercial Register).

    3. Recipients:

    Regarding the business activities of the controller your personal your data will be processed by employees of the company, who have undertaken confidentiality obligations about the information they have acknowledged in connection to their occupational obligations and which have received such data in connection to their responsibilities in the company, on a need-to-know basis.

    We may disclose your data, if necessary and according the requirements of legislation applicable, to any of the following categories of recipients: competent administrative institutions when provided by law, courts, Ministry of Internal Affairs, State Agency National Security, prosecutor’s office, bailiffs, lawyers, company part of EOS Group, service suppliers, e.g. post office services, banks, companies for receivable management. Disclosing of data to third parties can be done after consideration of the necessity the basis for each case.

    We may provide data to personal data processors in case your data will be processed by data processor according to Art. 28 GDPR.

    Your data will be processed only within the EU. In case in the future it is needed the data to be transferred to third countries or international organizations outside EU, this will be done by following the requirements of GDPR and only if the third country has been confirmed an adequate level of personal data protection by the European committee or if other appropriate level of security is presented (e.g. standard contractual clauses, approved according to GDPR or obligatory company rules).

    4. Duration of storage:

    Your data will be stored for a period no longer than the period necessary for the respective purpose unless the legislation applicable provides a longer or shorter period or the storage is need for the preservation of the legal interests of the controller. Upon expiration of this period your personal data will be deleted from our data bases.

    If the erasure of data is requested, or permission to process the data is revoked, an assessment is performed regarding whether there is a lack of legal basis and what the purposes for storage are. If there is neither a legal basis nor legitimate purpose for storage, the data is erased immediately.

    5. Rights of the data subject:

    In accordance with Art. 15–22 of the GDPR, you have the following rights if the legal requirements are met:

    Right to access

    As per Art. 15 GDPR you have right of access to your personal data processed by the Controller.

    We notify you that if you file a non-written request, we could ask you to provide an additional proof for your identity.

    Right to personal data rectification:

    As per Ar. 16 GDPR you have the right to require rectification of non-correct personal data or supplementation of your personal data storage by us.

    Right to erasure

    As per Art. 17 GDPR you have the right to erasure (right to be forgotten) of personal data which have been processed unlawfully or on expired legal basis (expired period of storage, withdrawn consent, fulfilled purpose for which the data have been collected etc.)

    Right to restriction of processing:

    As per 18 GDPR you have the right to restriction of processing of your personal data in case the accuracy of the data is being disputed or the processing is unlawful, but you do not want erasure, or in case we do not need the data, but you require establishment, exercising or protection of legal claims or you have filed objection against processing as per Art. 21 GDPR.

    Right to data portability:

    As per Art. 20 GDPR you require to receive your personal data, which you have provided to us in a structured, commonly used and machine-readable format or their transfer to another controller.

    Consent withdrawal:

    As per Art. 7, para 3 GDPR you can withdraw your consent for personal data processing which you have previously given to us at any time. In such case we would not be able to continue personal data processing, based on your consent.

    Right to object:

    In cases in which processing is based on legitimate interest of the company or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller you have the right to object against processing meeting the requirements of Art. 21 GDPR.

    Right to file a complaint

    Pursuant to Article 77 GDPR, you have the right to lodge a complaint before the competent court or a Data Protection Supervisory Authority, namely Commission for Personal Data Protection, address: 2 bul. Prof. Tzvetan Lazarov, Sofia, 1592, Republic of Bulgaria.

    Date of this Information: July 2020

  • Information in Accordance with Article 13/14 of the General Data Protection Regulation.

    Identity of the controller:

    EOS Services EOOD, company ID 202965400,

    Address: 6 Racho Petkov Kazandjiata, Str. Sofia, 1766, Bulgaria

     

    You can contact the Data Protection Officer via the above-mentioned postal address or by e-mail: DPO@eos-matrix.bg.

    Additional information about our company, details about the empowered representatives and additional contact options is available on our website: https://bg.eos-solutions.com

    1. Purposes for processing and legal basis:

    Data processing is carried out for the purposes of initiating a contract as well as the fulfilment of the contract in accordance with Art. 6, par. 1 (b) of the GDPR.

    For fulfillment of his legal obligations in accordance with Art. 6, par. 1. (c) of the GDPR (for example for applying anti money-laundering measures and measures against terrorism financing).

    In accordance with Art. 6, par. 1. (f) of the GDPR another purposes for data processing is for:

    • Maintaining contact and correspondence regarding concluded contracts, tenders, negotiations and exercising procedural rights.

     

     

    • Building and maintain business relationships/partnerships (e.g. by inviting you to our client events, sending you greeting cards and etc.).

    When the controller processes your personal data, you are not subject to automatic decisions, including profiling.

    2. Data categories and data sources:

    We process some or all of the following categories of data:

     Personal master data (name, PIN), address data, communication data and data for working place and employer. The data from these categories was either supplied to us by you, third parties – for example the contracting party or acquired from publicly available data sources (e.g. Commercial Register).

    3. Recipients:

    Regarding the business activities of the controller your personal your data will be processed by employees of the company, who have undertaken confidentiality obligations about the information they have acknowledged in connection to their occupational obligations and which have received such data in connection to their responsibilities in the company, on a need-to-know basis.

    We may disclose your data, if necessary and according the requirements of legislation applicable, to any of the following categories of recipients: competent administrative institutions when provided by law, courts, Ministry of Internal Affairs, State Agency National Security, prosecutor’s office, bailiffs, lawyers, company part of EOS Group, service suppliers, e.g. post office services, banks, companies for receivable management. Disclosing of data to third parties can be done after consideration of the necessity the basis for each case.

    We may provide data to personal data processors in case your data will be processed by data processor according to Art. 28 GDPR.

    Your data will be processed only within the EU. In case in the future it is needed the data to be transferred to third countries or international organizations outside EU, this will be done by following the requirements of GDPR and only if the third country has been confirmed an adequate level of personal data protection by the European committee or if other appropriate level of security is presented (e.g. standard contractual clauses, approved according to GDPR or obligatory company rules).

    4. Duration of storage:

    Your data will be stored for a period no longer than the period necessary for the respective purpose unless the legislation applicable provides a longer or shorter period or the storage is need for the preservation of the legal interests of the controller. Upon expiration of this period your personal data will be deleted from our data bases.

    If the erasure of data is requested, or permission to process the data is revoked, an assessment is performed regarding whether there is a lack of legal basis and what the purposes for storage are. If there is neither a legal basis nor legitimate purpose for storage, the data is erased immediately.

    5. Rights of the data subject:

    In accordance with Art. 15–22 of the GDPR, you have the following rights if the legal requirements are met:

    Right to access

    As per Art. 15 GDPR you have right of access to your personal data processed by the Controller.

    We notify you that if you file a non-written request, we could ask you to provide an additional proof for your identity.

    Right to personal data rectification:

    As per Ar. 16 GDPR you have the right to require rectification of non-correct personal data or supplementation of your personal data storage by us.

    Right to erasure

    As per Art. 17 GDPR you have the right to erasure (right to be forgotten) of personal data which have been processed unlawfully or on expired legal basis (expired period of storage, withdrawn consent, fulfilled purpose for which the data have been collected etc.)

    Right to restriction of processing:

    As per 18 GDPR you have the right to restriction of processing of your personal data in case the accuracy of the data is being disputed or the processing is unlawful, but you do not want erasure, or in case we do not need the data, but you require establishment, exercising or protection of legal claims or you have filed objection against processing as per Art. 21 GDPR.

    Right to data portability:

    As per Art. 20 GDPR you require to receive your personal data, which you have provided to us in a structured, commonly used and machine-readable format or their transfer to another controller.

    Consent withdrawal:

    As per Art. 7, para 3 GDPR you can withdraw your consent for personal data processing which you have previously given to us at any time. In such case we would not be able to continue personal data processing, based on your consent.

    Right to object:

    In cases in which processing is based on legitimate interest of the company or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller you have the right to object against processing meeting the requirements of Art. 21 GDPR.

    Right to file a complaint

    Pursuant to Article 77 GDPR, you have the right to lodge a complaint before the competent court or a Data Protection Supervisory Authority, namely Commission for Personal Data Protection, address: 2 bul. Prof. Tzvetan Lazarov, Sofia, 1592, Republic of Bulgaria.

    Date of this Information: July 2020

1. Name and contact data of body responsible for processing (‘data controller’) and company data protection officer

The privacy policy applies to data processing by:

EOS Matrix EOOD / EOS Services EOOD

4–6, Racho Petkov Kazandzhiyata Str. 
Matrix Tower 
Sofia 1766 
Bulgaria 

Tel.: +359 2 9760800 
Fax: +359 2 4899468 

E-mail: infobg@eos-matrix.bg

Managing Directors 
Rayna Mitkova-Todorova 
Tihomir Valchev 

Commercial Register 

10016/2002

The data protection officer for the companies EOS Matrix EOOD / EOS Services EOOD can be contacted at the above address (please include the line ATTENTION: EOS Matrix EOOD / EOS Services EOOD – bg.eos-solutions.com or by email at DPO@eos-matrix.bg.

2. Scope

This privacy policy applies to the collection of personal data on our website and the subsequent processing of these data by us.

This privacy policy further serves towards provision of information pursuant to Articles 13 and 14 of the GDPR for data processing outside the scope of collection via this website. As such we will provide you with separate privacy policies for specific data processing activities on a case-by-case basis.

3. Privacy policies of the other companies of EOS Group

This privacy policy does not apply to data processed by the other companies of EOS Group. This is also the case if these other companies of EOS Group along with their contacts are named on our website and/or their services are shown on our website.

The other companies of EOS Group will provide you with separate privacy policies for specific data processing activities on a case-by-case basis.

4. Collection and storage of personal data and nature and purpose of their processing

a.    When you visit the website

When you retrieve our website bg.eos-solutions.com the browser used on your device automatically sends information to our website’s server. This information is temporarily saved in a log file. The following information is collected without your intervention and saved until it is is automatically deleted after three (3) days:

  • IP address of retrieving computer,
  • date and time of access,
  • name and URL of retrieved file,
  • website from which access occurred (referrer URL),
  • website retrieved from our website,
  • your computer’s browser and possibly operating system as well as name of your access provider.

The aforementioned data are processed by us for the following purposes:

  • to ensure trouble-free connection establishment to the website,
  • to ensure comfortable use of our website,
  • to analyse the system security and stability, and
  • for other administrative purposes.

The legal basis for processing of the data is Art. 6(1) Sent. 1 (f) of the GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about you.

Beyond that we use cookies and analysis services when you visit our website. More detailed information about this can be found in sections 4 and 5 of this privacy policy.

b.  When you contact us by email

You can contact us with questions of any kind via the provided email address(es).

If you do so the personal data transmitted via the email are saved. The legal basis for data processing for the purpose of making contact is Art. 6(1)(f) of the GDPR. If contact is made for the purpose of concluding a contract an additional legal basis for processing is Art. (6)(1)(b) of the GDPR.

We delete the personal data collected by us after processing your enquiry provided we are not legally entitled or obligated to process it further.

5. Passing on of data

We only pass your personal data on to other companies of EOS Group or other third parties (recipients) if:

  • you have provided your explicit consent for one or more specific purposes pursuant to Art. 6(1) Sent. 1 (a) of the GDPR,
  • disclosure pursuant to Art. 6(1) Sent. 1 (f) of the GDPR is necessary for the assertion, exercising or defence of legal claims and there is no reason to assume that you have a primary protection-worthy interest in not having your data disclosed,
  •  for the case that there is a legal obligation for disclosure pursuant to Art. 6(1) Sent. 1 (c) of the GDPR and
  • it is legally permissible and necessary for fulfilment of contractual obligations pursuant to Art. 6(1) Sent. 1 (b) of the GDPR.
  •  we have the data processed on our behalf in compliance with Art. 28 of the GDPR.

Transmission of your personal data for purposes other than those listed above does not occur.

​​​​​​​6. Cookies

Like most websites, we use cookies when you access and browse our website in order to make your visit as comfortable and effective as possible. Cookies are small files that are created by the website and are automatically stored in the browser of your device (laptop, tablet, smartphone, or similar). Cookies do not harm your device and do not contain any viruses, Trojans, or other malicious software. Information yielded in connection with the specific device used is stored in the cookie. However, this does not mean that we directly receive knowledge of your identity through this. 

Use of cookies serves, for one thing, to make use of our offering more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after you leave our website. Likewise, to optimize the user-friendliness, we also use temporary cookies, which are saved on your device for a specific defined period of time. If you visit our website again to use our services, it will automatically be recognized that you already visited us and the entries and settings you made will automatically be recognized so that you do not have to enter them again.

Cookies are divided up into the four categories of “Necessary,” “Statistics,” “Comfort,” and “Marketing.” 
Necessary cookies are required for the operation and the basic functions of our website. They enable the security-relevant functioning of this website. 

Statistical cookies are used for improving our offering and ensuring a needs-based design and the continuous optimization of our website. For this, we collect anonymized data for statistics and analytics, for example, to determine site traffic, page view statistics, user behavior, and to adapt and improve our content and the website experience. 

Comfort cookies are used for facilitating the use of our website. If you visit this website again to use our service, it will automatically be recognized that you were on our website and the entries and settings you made will automatically be recognized so that you do not have to enter them again. For example, through this, you will not have to reenter your user data every time, but rather you can access the data already entered when you visit the website again.

We use marketing cookies so that we can provide you with relevant and interest-based content when you visit our website.

The data processed through necessary cookies are for the stated purposes for safeguarding our legitimate interests pursuant to Article 6 para. 1 sent. 1 lit. f of the GDPR, such as the proper functioning of the site. 
The data collected and processed through comfort, statistical and marketing cookies is done under your given consent, in accordance with Article 6 para. 1 sent. 1 lit. a of the GDPR for the purposes of  serving personalized content, for statistical purposes that aim to improve the user experience and marketing purposes. For these you can change/withdraw your consent, by clicking on the Change Cookies settings on the bottom of the website.

Cookie Management

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a notification message always appears before a new cookie is placed. Each browser differs depending on how it manages cookie settings. This is described in the Help menu of each browser, which explains how to change your cookie settings. Follow the links below depending on the browser you are using:

Complete deactivation of cookies, however, may lead to you not being able to use all of the features of our website.

We use the following cookies:

necessary

Name Java Session Cookie
Provider Owner of this website
Purpose This cookie is used by the application server. It is essential for proper
working of the application software. It stores no personal data. 
Cookie Name jsessionid
Cookie Duration Session cookie - deleted after you quit your browser.

 

Name cookieconsent_status
Provider Owner of this website
Purpose Necessary cookie to save that the cookie banner was confirmed.
Cookie Name cookieconsent_status
Cookie Duration 30 days

comfort

Name VISITOR
Provider Owner of this website
Purpose We use this cookie to serve personalized content. 
Cookie Name VISITOR
Cookie Duration Session cookie - deleted after you quit your browser.

 

Name NEW_Visitor
Provider Owner of this website
Purpose We use this cookie to serve personalized content.
Cookie Name new_visitor
Cookie Duration 1 day

statistical

Name nmstat
Provider Siteimprove GmbH
Purpose This cookie is used to help record the visitor’s use of the website.
It is used to collect statistics about site usage such as when the visitor last visited the site.
This information is then used to improve the user experience on the website.
This Siteimprove Analytics cookie contains a randomly generated ID used to recognize the browser when a visitor reads a page. The cookie contains no personal information and is used only for web analytics.
Cookie Name nmstat
Cookie Duration Persistent – expires after 400 days

marketing

Name siteimproveses
Provider Siteimprove GmbH
Purpose This cookie is used purely to track the sequence of pages a visitor looks at during a visit to the site.
This information can be used to create User Journeys and enable visitors to find relevant information more quickly.
Cookie Name siteimproveses
Cookie Duration Session cookie - deleted after you quit your browser.

7. Analysis tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6(1) Sent. 1 (f) of the GDPR. We use these tracking measures to ensure that our website is designed according to requirements and optimised on an ongoing basis. We also use the tracking measures to collect statistics on the use of our website and analyse them for the purpose of optimising our offering for you. These interests are to be considered as being legitimate in the sense given in the aforementioned regulation.

The respective purposes for data processing and data categories can be found in the corresponding tracking tools in this section.

7. Siteimprove Analytics

Usage of Siteimprove Analytics

This website uses Siteimprove Analytics, a web analytics service provided by Siteimprove. Siteimprove Analytics uses „cookies“, which are text files placed on your computer, to help
EOS Matrix EOOD / EOS Services EOOD analyse how visitors use the site. The information generated by the cookies about the visitors’ use of the website will be stored and processed by Siteimprove on servers in Denmark.

IP addresses are anonymized irreversibly before data is made available in the Siteimprove Analytics or Intelligence Suite for EOS.

8. Social media and YouTube Videos

a) Social Share

We use  buttons from social networks Facebook, Twitter, Google+, LinkedIn, an  on our website. The buttons are simple HTML links. The procedure we use is within the framework of the Shariff solution. With the Shariff solution a script retrieves the number of times, e.g., the share button on a page has been clicked on: for this the script contacts the social network via the programming interfaces and retrieves the numbers. None of your personal data are transmitted in the process. Rather than your IP address, only our server address is transmitted to Facebook, Google and Twitter. You only become directly connected to Facebook, Google or Twitter if you perform an action. Before that the social networks cannot collect any data about you. As long as you do not click on a link to share content, you remain invisible to the networks. If you click on a link, the obligation to provide information about data collection and processing no longer rests with us, but rather with the operator of the social network.

b) YouTube Videos

Our website contains links to videos from YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. If you visit a website on our website that contains such a video, a direct connection is established between your browser and the YouTube server after you have activated the video. 

YouTube receives the information that you have visited our website with your IP address. If you click on the link to the video, your IP address will be forwarded to YouTube. We would like to point out that, as the provider of our website, we have no knowledge of the content of the transmitted data or of its use by YouTube. For more information, please see YouTube's privacy policy (https://www.youtube.com/)

​​​​​​​9. Data subject rights

You have the right:

pursuant to Art. 15 of the GDPR to request information about your personal data processed by us, in particular about the purposes for processing, the personal data category, the categories of the recipients to whom your data have been or will be disclosed, the planned retention duration, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if they were not collected by us and the existence of automated decision-making including profiling and if applicable meaningful information about their details;
 

  • pursuant to Art. 16 of the GDPR to demand the immediate rectification of incorrect or completion of the personal data saved by us about you;
     
  • pursuant to Art. 17 of the GDPR to demand the erasure of the personal data saved by us about you as long as processing is not necessary for exercising of the right to freedom of expression and information, for fulfilment of a legal obligation, for reasons of public interest or for assertion, exercising or defence of legal claims;
     
  • pursuant to Art. 18 of the GDPR to demand the restriction of processing of your personal data as long as the accuracy of the data is questioned by you and processing is unlawful, but you reject their erasure and we no longer need the data, but you require them for assertion, exercising or defence of legal claims or you have filed an objection to the processing in accordance with Art. 21 of the GDPR;
     
  • pursuant to Art. 20 of the GDPR to demand receipt in a structured, standard and machine-readable format of your personal data which you provided to us or transmission to another responsible party;
     
  • pursuant to Art. 7(3) of the GDPR to withdraw the consent you previously granted us at any time. This has the consequence that we may not continue the data processing upon which this consent was based in the future and
     
  • pursuant to Art. 77 of the GDPR to file a complaint with a supervisory authority. Usually you can contact the supervisory authority in your usual place of residence or workplace or our headquarters.

10. Right to object

If your personal data are processed on the basis of legitimate interests in accordance with Art. 6(1) Sent. 1 (f) of the GDPR you have the right pursuant to Art. 21 of the GDPR to object to the processing of your personal data as long as there are reasons arising from your particular situation for this or the objection is directed to direct advertising. In the latter case you have a general objection right which will be implemented by us without statement of any particular situation.

If you would like to make use of your right to withdraw or reject you only need to send an email to: DPO@eos-matrix.bg.

​​​​​​​11. Data security

Within the website visit we use the widespread SSL (secure socket layer) method in conjunction with the highest level of encryption supported by your browser. In general this is 256-bit encryption. If your browser does not support 256-bit encryption, we fall back on 128-bit v3 technology instead. You can recognise that an individual webpage in our internet presence is being transmitted in encrypted form by the closed key or padlock icon in the bottom status bar of your browser.

We also take suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are being improved continuously according to technological developments.

​​​​​​​12. Up-to-dateness and amendment of this privacy policy

This privacy policy is currently valid and was last updated in May 2018.

It may be necessary to change this privacy policy due to improvements in our website and the offerings via our website or due to changed legal or official requirements. The current privacy policy can be retrieved from our website at https://bg.eos-solutions.com and printed out at any time.

Cookie Settings

We use cookies on our website to enable you to have the best possible website visit. These include cookies that are necessary for the operation of the website, those that are only used for anonymous statistical purposes, cookies that are used for comfort settings and cookies that are used to provide you with personalized, interest-based content. You can decide yourself whether you want to allow the use of statistics, comfort, and marketing cookies. In addition, you can change/withdraw your consent at any time by clicking on the Change Cookies settings on the bottom of the website. Further information can be found in our Privacy Policy.

Necessary

We use necessary cookies. These cookies are necessary for the operation and the basic functions of the website. In particular, they enable the security-relevant functioning of our website.
You can read about which cookies we use here.

Comfort

If you allow comfort cookies, we can make use of our site easier for you. If you visit our website again to use our services, it will automatically be recognized that you already visited us and the entries and settings you made will automatically be recognized so that you do not have to enter them again. For example, through this, you will not have to reenter your user data every time, but rather you can access the data already entered when you visit the website again.
You can read about which cookies we use here

Statistics

We use statistical cookies to improve our offering and ensure a needs-based design and the continuous optimization of our website. 
For this, we collect anonymized data for statistics and analytics, for example, to determine site traffic and user behavior and to adapt and improve our content and the website experience. 
You can read about which cookies we use here

Marketing

We use marketing cookies so that we can provide you with relevant and interest-based content when you visit our website.  
You can read about which cookies we use here.