General Data Protection Regulation (GDPR)

We from www.milenamaat.com (“Administrator”, “We”) we appreciate the importance of your privacy. The following Privacy Policy (“Policy”) contains information about the ways we use your personal information.

Personal data is any kind of information that is related to an identified person or person who can be identifiable.

Please read carefully the following Policy, it will allow you to understand how we collect, use, protect and process your personal data in accordance with applicable law, including the the General Data Protection Regulation (Regulation No. 2016/679 of the European Parliament and of the Council) (“GDPR“)

 

 

 How do we use your personal data?

We can collect personal data from You when you:

  • access or register in our website
  • do a purchase or send order
  • are subscribing for a marketing newsletter
  • answer on survey or marketing questions
  • interact with the services and functionality of our website

In the table below, we have showed the categories of the personal data we collect, for what purpose we collect them and what is the application law that allow use to process and store the data. And the time we are going to keep them.

 

Purpose Personal data Law Expiration time
Creating of user account.

·       Name and family

·       Email address

·       Physical Address

·       Mobile phone

Performing a contractual obligation, we have to you. Our legitimate interests. The Personal Data, that are needed for creation of your account will be kept until you  require their deletion.

Supplementing the user profile with optional data

 

·       Picture(Avatar );

·       Gender;

·       Data of Birth

Consent

The optional data you provide voluntarily will be stored until you request your account to be deleted,or until you remove them manually from your account.

 

Providing our services, including maintaining your profile and processing your orders and payments

 

·       Name and Family

·       Email address

·       Physical Address

·       Phone

·       Payment data

 

Performing a contractual obligation, we have to you. Our legitimate interests.

No longer than is necessary to achieve the purposes for which the data are collected.Transaction data can be stored for up to three years.

 

Customize your user experience, provide content, suggestions and offers from which you would be interested, and improve the quality of our services

 

·       Name and Family

·       Email address

·       IP address;

·       Geo Location;

·       Traffic data;

·       Cookies data.

Our legitimate interests.

No longer than is necessary to achieve the purposes for which the data are collected.Traffic data is stored for 6 months.Cookie data is stored for the duration of the cookie type.

 

To respond to your inquiries and alerts.

 

·       Name and Family

·       Email address

·       Phone

 

Performing a contractual obligation, we have to you. Our legitimate interests.

No longer than is necessary to achieve the purposes for which the data are collected.

 

To send you periodic notifications regarding your orders as well as about other products and services offered by Us and our partners.

 

·       Name and Family

·       Email address

·

Consent

 

The personal data required to send a communication will be processed until you withdraw your consent to receive such communication.

 

 

We will use your personal data only for the purposes for which it was originally collected unless we have a valid reason to use it for any other purpose that is compatible with the original one.

If we would like to use your data for another purpose that does not have a common purpose, we will contact you explicitly and let you know the legal basis that allows us to do so.  When we have to collect and process personal data in fulfillment of our legal obligation or contractual obligation we have with you, but you do not provide the requested data we may be prevented from providing our services to you. In such  case, we may have to stop providing  a particular service to you, for which you will be expressly informed. Also, we may be required to keep certain categories of personal data for a period specified by law.

 

How do we protect your personal information?

 

We are concerned about the protection of your personal data. To that end, we apply a variety of technical and organizational measures to protect your personal data against unauthorized access, processing, unforeseen loss, destruction, or damage.

Your personal data is stored on secure servers and is only available to a very limited number of individuals who have an explicit right of access to our systems and are bound by a duty of confidentiality. Additionally, your data is encrypted using special SSL technology, and some of your data can be nicknamed.

 

Where do we store and process your personal data?

We store your personal data in the European Economic Area (EEA). In cases where we transfer personal data to a non-EEA third party we require their full compliance with the General Data Protection Regulation (Regulation No. 2016/679 of the European Parliament and of the Council) (“GDPR“) In cases where we transfer personal data to a non-EEA third party that has not provided an adequate level of data protection, we will apply the necessary safeguards and security measures.

 

Do we use cookies?

Yes , we use cookies.  Cookies are small-sized files that a site or service provider stores in your device’s memory using the browser you are using

(if that is allowed by you). They allow the site or service provider to recognize your browser and save certain information. You can get more information about the types of cookies we use in the table below:

Cookies types Purpose
Functional cookies We use functional cookies to track and save certain actions you perform within our website. We use these cookies to collect visitor traffic data and your interaction with the website to provide a better user experience and more customized functionality in the future. We may use secure third-party service providers to follow this information on our behalf.

Analytical cookies

 

These cookies allow us to analyze your preferences based on your current or current website behavior in order to improve our services.

 

Third Party Cookies

 

Part of the content on the website may be from a third-party vendor (e.g., a video content or an ad). These third parties may also set cookies through the Website. These are third-party cookies. Third-party vendors are responsible for complying with applicable law and their own cookie policy.We may allow third parties, such as advertisers or analysts, to collect information using these technologies directly from our Website. The data they collect is subject to the applicable third-party privacy policy.

Our website uses Google Analytics marketing services, specifically the remarketing service. This service consists in redirecting ads and ads to users who have already visited the Website.

You can opt out of Google Analytics for Display and your exposure to ads and ads from the Google Display Network. For the purpose of it you should access Ads Preferences Manager (https://www.google.com/settings/ads/onweb/) and to install  Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout/).

The website uses remarketing for the purposes of online advertising, meaning that users who have not denied access to the Google Display Network in the above ways may be exposed to advertisements and ads from the Google Content Network Website. Third parties such as Google or Facebook may display ads and ads on the Website on sites in their content network (such as Google Analytics and DoubleClick cookies), which helps optimize ads based on information received from previous user visits to the Website .

 

You always have the ability to opt out of cookies by changing your browser options. To block cookies in a specific browser, learn more here:

Your personal data will not be transferred to third parties unless:

    –  You provide us with your explicit, informed and freely given consent;

    –  The third parties in question provide us support under a contract to provide our products or services;

    –  This is required by law or by virtue of a governmental act of a public body;

    –  There is a justified need to protect the rights, property or security of users of the Website or other public interest;

    –  This is required in connection with the sale of a business, our company or its assets that are subject to confidentiality.

Our employees and partners have access to your personal data for the purposes of maintaining the Website and the Services, but they are bound by the obligation of confidentiality regarding the data they have access to in connection with this activity.

Our employees and partners are properly informed about the importance of their obligation of confidentiality and are responsible for the fulfillment of this obligation.

We may share data that does not personally identify you with our trading partners (media, marketing agencies, and other business partners who have agreed to comply with this Policy) to provide your consent to product and service information as well as promotions and offers.

For any other purpose not expressly mentioned in this Policy, we will request your explicit consent by identifying our partners as well as the purposes for data transfer and sharing.

By virtue of a judgment or governmental act of a public authority, we may be required to disclose the identity of a User, especially in the case of investigating violations of third party rights or unauthorized acquisition of personal data. In the case of disclosure of a user’s personal data to a public authority in connection with an investigation or proceedings against him, we are not obliged to notify the user in question.

 

Links to third party websites

This Policy is applicable and only applicable to users of the services available through our website. This Policy does not apply to other websites, social networks, platforms or companies that we do not control but to which our website directly or indirectly links. You should be informed that all such websites, social networks, platforms or companies have their own privacy policy and that we are not responsible for them. You should familiarize yourself with the privacy policy of other websites, social networks, platforms or companies before submitting personal data to them.

 

Minimum age 

 

We do not collect and process personal data to persons under the age of 16 without the express written consent of their parents or their legal representatives. We will delete any information sent by or referring to users who are known to be under the age of 16 and have not obtained the consent of their parents or legal representatives to use the website, services and content.

 

Your Rights

By virtue of the applicable law, you have the legally recognized right without you owing anything at any time to object to the processing of your personal data by sending an explicit request via the contact form or to the following email address: [email protected]

You have the right to access the personal data we hold about you in a structured, widely used and machine-readable format by sending an explicit request through the contact form or at the following email address: [email protected]

You have the right to request the transfer of your personal data to another administrator by sending an explicit request via the contact form or to the following email address: [email protected]

In the event that some of the information we store you is incorrect or inaccurate, you may correct it by modifying the information contained in your account by sending an explicit request via the contact form or at the following email address: [email protected]

You have the right to request a deletion of your profile by sending an explicit request via the contact form or to the following email address: [email protected]

You also have the right to request limitation of the processing of your personal data to actions of collection, processing and sharing by sending an explicit request via the contact form or to the following email address: [email protected]

You have the right to require third parties who have access to your data to be informed about the restrictions, deletion or rejection of processing your data in order to remove from these third parties all links, copies or replicas of your personal data.

For personal data protection issues, the local supervisor shall be:                     

Commission for Personal Data Protection, address: Sofia , 1592, bul. “Tsvetan Lazarov” 2, Phone. +359 2 915 3580 Fax +359 2 915 3525, e-mail: [email protected], website: http://www.cpdp.bg/.

 

Questions?

 

In case you have any questions, signals or requests regarding your personal data stored by Us, do not hesitate to contact us at an email address: [email protected]

The Administrator of personal data

The Administrator of the personal data is: „Mahatma” Ltd, company registered according to the law of Republic of Bulgaria, with BULSTAT Unified Identification Code (UIC) … ,

 

It is possible to make periodic changes to this policy. You can find the latest current version of the policy in our website, HERE.

This Privacy Policy was last modified on 01/04/2019.