Personal Data Policy

About the protection of personal data processed at Meral Bulgaria AD

Dear Customers, we would like to assure you that our company is committed to storing and protecting form unauthorized access the personal data you provide to us in relation to the service performed by us. The company has developed and adopted a thorough policy for personal data protection pursuant to the requirements of the General Data Protection Regulation, the Personal Data Protection Act (PDPA) and ORDINANCE No. 1 of 30 January 2013 on the minimum level of technical and organizational measures and the admissible type of personal data protection.

What is personal data?

The term “personal data” refers to information about a specific person enabling their identification or establishing contact with them. It includes said person’s name and surname, e-mail, address for contact, telephone number, personal ID No., Foreigner’s personal ID No.

When does Meral Bulgaria AD collect personal data?

We collect personal data only if you provide it for us voluntarily. It is necessary to us in order to be able to perform the service requested by you.

How does Meral Bulgaria AD use the personal data?

Meral Bulgaria AD uses the personal data for:

  1. Performing the desired service

  2. Notifying you in the event of any problems occurred

  3. Answering to your enquiries or complaints in relation to an offer selected by you.

Meral Bulgaria AD renders personal data to third parties only when:

  1. that is required pursuant to a legally permitted request by a government authority.

  2. the company has obtained the relevant user’s explicit consent to that effect.

  3. that is necessary to perform the requested service.

How does Meral Bulgaria AD protect the personal data?

Meral Bulgaria AD uses secure means to protect the personal data it collects, stores and uses. We have established technological and organizational procedures in order to ensure the integrity, security and appropriate usage of your personal data. These procedures are suitable for the nature and form of the personal data we collect, store and use.

The personal data is deleted or corrected whenever it is found that it is inaccurate or not in compliance with the purposes it is processed for;

The personal data is maintained in a form enabling identification of the relevant natural persons for a period not longer than the period necessary for the purposes in relation to which such data is processed.

All remises in which personal data is stored and collected are with access control with the possible technical devices for access control.

The company premises are reliably secured with fire protection measures pursuant to Bulgarian legislation.

The company implements procedures for the processing of personal data, for regulating the access to such data, a procedure for destruction and deadlines for storage.

The multiplication and dissemination of documents or files containing personal data is performed solely by authorized employees only when necessitated.

Prior to occupying the relevant position, the persons performing protection and processing of the personal data:

  • undertake not to disclose the personal data they have access to;

  • get acquainted with the statutory basis, the internal rules and policies of the company regarding the personal data protection;

  • undergo training for reaction in case of events threatening the data security;

  • are instructed in relation to the hazards for the personal data processed by the company;

  • are obligated not to disclose critical information between themselves or with external parties except within the procedures established by virtue of these rules.

When starting work, all employees undergo training for reaction in case of events threatening the data security, as well as training in relation to the obligations of the company related to the processing of personal data and the data protection measures to be undertaken in the course of work. Periodically, subsequent training sessions of the staff take place in order to ensure knowledge of the statutory basis, the potential risks for the data security and the measures to minimize them. Only persons whose job duties or a specifically assigned task requires access to the operating system containing files with personal data have such access. Access takes place by means of a password.

The electronic databases are protected by logical protection devices such as an anti-virus program, which is automatically updated, firewalls, etc.

Backing-up of the personal data on a technical device is periodically performed with a view to storage of the information.

The protection of electronic data from unauthorized access, damage, loss or destruction performed intentionally by any person or in case of technical malfunctions, faults, accidents, disasters, etc., is ensured by means of:

  • introduction of passwords for the computers through which access to the personal data and the files containing personal data is granted;

  • antivirus programs, checking for illegally installed software;

  • periodic inspections of the database integrity and updating the system information, maintenance of the data access system;

  • periodic backing-up of the data on the technical devices, keeping the information on a hard copy (backup copies).

How can I see or correct my personal data?

In the event of changes occurred in your personal data or in case of unwillingness on your behalf to use our services, we provide you with a manner to correct, supplement or delete your personal data by which you can be identified, by contacting us at the e-mail specified in the Contacts section.

How can I contact Meral Bulgaria AD regarding the policy on personal data protection?

In case of questions related to the personal data protection policy, please do not hesitate to contact us. You will find the necessary information on the Contacts page.

Powered by