PERSONAL DATA PROTECTION POLICY
What is personal data?
Any information that identifies a person, company or other organization. For example: name, PIN, COMPANY ID number, address, ID card number and many others.
Goals
www.fancup.bg collects and uses the information for the purposes of:
- Normal functioning of our sites
This data is strictly necessary for the normal operation of our sites and mobile applications. Through them we can verify your identity as logged in users, show you better content, load the site faster, protect sites and you from intrusion.
Such data are, for example, the data from your session – information whether you are logged in, cached content and others.
This includes the data related to your identification in connection with the registration for the use of our service.
- To save and access information
This goal is ancillary to the fulfillment of other goals – through the use of various technical mechanisms, fancup.bg will be able to fulfill any of the other described goals.
Includes storing and accessing information stored on your device, e.g. device identifiers, user identifiers, ad identifiers, cookies and other technologies.
This goal is important and helpful – by using the technical mechanisms described in it, we will be able to fulfill any of the other goals described.
- For planning, reporting and statistics purposes
For the purposes of planning, reporting and statistics, means any operation for the collection and processing of personal data necessary for statistical surveys or for the production of statistical results, as well as for the preparation, implementation and verification of plans and their results.
- For Registration of the qualification teams in the FANCUP tournament
Rights of the users
Every user of the site uses all rights to protect personal data in accordance with Bulgarian law and the law of Europe. Every user has the right to:
- Getting information (in connection with the processing of my personal data by the administrator);
- Access to personal data;
- Copying (if the data is inaccurate);
- Deletion of personal data (right to be “forgotten”);
- Restrictions on the processing by the administrator or the processor of personal data;
- Privacy of personal data between individual administrators;
- Consideration of the processing of his personal data;
- The right to protection by court or administrative court, in case the rights of the data subject have been violated.
The user may request a deleting if one of the following conditions is available:
- Personal data is no longer necessary for the purposes for which it was collected or processed in any other way;
- The user withdraws his agreement, which is based on the processing of the data and there is no other legal basis for the processing;
- The data user has objections to the processing and there are no legal grounds for the processing to have an advantage;
- Personal data has been processed illegally;
- Personal data must be deleted for the purpose of complying with a legal obligation under the right of the Union or the right of a Member State, which is the case;
- Personal data has been collected in connection with the provision of services to the children’s information society and the data provided by the current parent.
The user has the right to restrict the processing of his personal data by the administrator, when:
- Request the accuracy of personal data. In this case, the restriction on processing is for the person who allows the administrator to trust;
- The processing is unlawful, but the User does not want the personal data to be deleted, and instead requires this restriction on use;
- The administrator does not need more than personal data for the purposes of the processing, but the user requires them for the establishment, implementation or protection of the legal claims;
- Observes that it is pending whether the legal basis of the administrator has precedence over the interests of the Government.
Please note:
The data subject has the right to receive the personal data which affect him and which he has submitted to the administrator, encrypted, widely used and suitable for machine-readable format and he has the right to transfer this data to another administrator without interference from the administrator, to whom the personal data is provided, when the processing is based on a contract or on a contractual obligation and the processing is carried out. When exercising the right to data transmission, the data subject has the right to receive and transfer personal data from a single administrator.
Right of objection:
Users have the right to object to the processing of their personal data before the administrator. The administrator of personal data is obliged to stop the processing, unless he does not prove that there are any legal provisions for the treatment, which have an advantage over the interests, rights and freedoms of the data site, or the establishment, exercise or protection of legal entities. In case of objection to the processing of personal data for the purposes of direct marketing, the processing should be carried out without delay.
Complaint to the supervisory body:
Every User has the right to lodge a complaint against the unlawful processing of my personal data with the Commission for the Protection of Personal Data or Data.
Obligations of the Personal Data Administrator:
The controller of personal data has the following obligations:
- Processing of the data in accordance with the principles for protection of personal data contained in the document, which is in a position to prove this;
- Provides data protection at the design and subscription stage;
- Notifies the supervisory authority and the data subject in the event of a violation of the security of personal data, as well as the documentation of any data, including the facts related to the writing, the consequences thereof, the actions taken to deal with the writing;
- Assess the impact on data protection;
- Applies appropriate technical and organizational measures to ensure data security, such as:
– Pseudonymization;
– Encryption;
– Guarantee of constant confidentiality, integrity, availability and resilience of systems and services for processing;
– Timely recovery of the availability and access to personal data in case of a physical or technical incident;
– Regular testing and evaluation of the effectiveness of technical and organizational measures;
– Cooperation with the supervisory authority for the protection of personal data in the performance of the obligations arising from the parliament.
- Prepares and applies internal procedures for receiving, reviewing and responding in a one-month period to the requirements of the consumer’s needs.
Maintenance of the register
www.fancup.bg supports the register of processing activities, for which is responsible. This directory contains all of the following information:
- the name and contact details of the administrator;
- the purpose of the treatment;
- description of the categories of data subjects and of the categories of personal data;
- the categories of recipients before whom the personal data, including the recipients in third countries or international organizations, will be collected;
- Whenever possible, the intended time for deleting different categories of data;
- if possible, a general description of the technical and organizational measures for safety,
Regulatory authorities
The authorities that regulate the activities of mydepot.bg are the Commission for Consumer Protection / KZΠ / and the Commission for Personal Data Protection (KZLD), as well as the following:
CCP:
Website: https://kzp.bg/kontakti
tel: 0700 111 22
email: info@kzp.bg
Adress: гp. Sofia, Slaveykov Square, A4A, fl. 3, 4 and 6
CPDP:
Website: https://www.cpdp.bg/
tel: 02 / 91-53-518
email: kzld@cpdp.bg
Address: Sofia 1592, bldg. „Πpof. Tsvetan Lazapov ”№ 2