EU Regulation 2016/679
From the 25th of May 2018 for every citizen of the European Union, a new regulation for the protection of private data enters into power – EU 2016/679.
The current policy of Hydraulic Elements and Systems JSC for Personal Data Protection describes how we store, process and protect your personal information you provide to us in connection with the use of our services.
If you have any questions or comments on the current policy, on the page Contacts you can find information about how to contact us or you could directly get in touch with us through the contact form.
Please take a closer look at this Policy before using our services.
It is important to know that if:
• You do not agree with the way described in our Policy about how we treat your personal data, you should not provide us with it. Providing your Personal Data is voluntary regarding the usage of our services or connecting with them. Your eventual refusal of providing us with the required Personal Data for the usage of the services at our platform will mean that you refuse to use the above mentioned services and functionality.
• In certain cases your specific agreement for treating your Personal Data could not be required, if another legal basis is available, for example: compliance with the legal obligations of the Administrator; need for contract execution, etc.
• The authority regulator observing the protection of Personal Data is: The commission for personal data protection.
ORGANIZATION or ADMINISTRATOR: Hydraulic Elements and Systems PLC, UID 838168266, based in and HQ address: Yambol, Bulgaria, 1 Pirin Str.
PERSONAL DATA: Every information regarding the physical person which is identified or could be identified directly or indirectly through a personal identification number or through one or more indications.
PERSONAL DATA PROCESSING: This action or combination of actions which could be brought in regarding the Personal Data with automatic or other means like collecting, saving, organizing, adapting or changing, recovery, consultation, use, disclosure or transmission, dissemination, updating or combining, blocking, deleting or destroying data.
SUBJECT OF PERSONAL DATA: Every physical person whose Personal Data are being treated.
PLATFORM: Software or software modules working together, owned by the Organization, who treat the website www.hes.bg. The platform includes modules for:
II. PERSONAL DATA
1. Types of Personal Data Subjects, Categories of treated data, Targets of processing, Shelf life
Based on the way that the users who use our Platform and the services provided by it, they are divided in several divisions stated below. Based on them, the subjects’ data is treated in different registers for Personal Data, as with each of them the processing could include different categories of data, targets and purposes, shelf life, protection methods etc.
The same person could be simultaneously in both divisions. For example each user-client is also just a visitor.
• Visitor is each person who visits through a browser software the page that is part of the Platform, or visits different sections and pages (not depending if he entered the address in the browser or he was forwarded by another website or resource).
• Categories of data which could be treated : Online identifiers, stored in local cookies in the users’ device/browser; Location data, provided by the user; Country/city/town data, based on the IP address of the users’ device, inseparable part of the data received by each web site; Data about the users’ action in the Platform; Subjects’ preferences about specific aspects or settings for the functionality of the Platform; Information about the used browser/device.
• Targets for the processing : Assuring the main and auxiliary functions, required for the correct and full functioning of the Platform; Counting the visits of the Platform; Assuring the required conditions for providing services to marketing platforms.
• Shelf life: Until the expiration of each cookie (up to 1 year from the moment of its creation), carrier of the relevant information or deletion by the user in whose device / browser it is stored.
• Legal notion for the processing: Agreement with the cookies Policy.
3. E-mail subscriber
• E-mail subscriber is each User, who made a subscription for the Platforms’ automatic e-mail newsletter, for receiving e-mails, containing marketing promotions etc. The automatic e-mail newsletter is being sent directly by the Administrator, without usage of outside broker services .
• Categories of data, which could be treated: Names, E-mail address, Location data, phone number, subscriptions (e-mail newsletters), for which the users subscribe – for receiving an e-mail from a different kind of information from the Platform, marketing offerings etc.
• Shelf life: Up to 6 month after the subscription cancelation from the user or the Administrator.
• Legal notice for the processing: Agreement for inclusion into the list of recipients (subscription for e-mail newsletter).
• User-buyer is each User, who through the Platforms technical means agrees (or claims to agree) to the Purchase-Sale Agreement with a Vendor-Seller for the purpose of purchasing from a distance a service/item on the Platform (or a similar action).
• > Categories of data, which could be treated : Names. Address, Phone number, E-mail address, IP address, Information about made purchases, Information about actions performed by the user in the Platform.
• Targets of the treatment: Providing the opportunity to make purchases through the Platform, by agreeing to a contract from distance with Vendor-Sellers; Providing the said Vendor-Sellers data for the purchases and the buyers, required to execute the signed contracts and delivering the bought services.
• Shelf life: 2 years after the last made purchase by the user-buyer.
• Legal notice for the treatment: Execution of a contract with the vendor-seller, agreed upon through the Platform.
IV. Your rights
If we process your Personal data, you have the following rights, which you can express by sending a letter to the address of the Organization stated above, or by email: email@example.com, or through the page Contacts:
• Right of access to your Personal Data : You have the right to receive a confirmation from us if we process your Data and if this is the case, you have a right to access your Personal Data and Information.
• Rights for correcting the Persona Data: If you find that the Personal Data which we process for you is incorrect, you have the right to require that we correct this Personal Data.
• Rights for deletion of Personal Data (right to be forgotten): Under different circumstances like, for example, if your personal data has been processed unlawfully or you no longer agree with the policy (if the processing is based on agreement) and there isn’t a notion for the continuation of the processing, you have the right to require that we delete your personal data.
• Rights of process limitation : Under certain circumstances, for example, if you have doubts about the correctness of your Person data or you have you have objected to our legitimate purpose of processing your personal data, you may request that we limit the processing of your personal data until a solution is found.
• Right to object against processing : Under certain circumstances, such as if you have doubts in our legitimate interest in processing your personal data, you have the right to object, for reasons of your specific situation, to such processing.
• Right to data portability: If your personal data is processed by automatic means with your consent or in order to fulfill our contractual relations, you may request that we provide you with your personal data in a machine readable format for transferring to another data controller.
• Right to lodge a complaint with a controlling authority: You have the right to complain about the processing of your personal data by us to the relevant control body – Commission for Personal Data Protection, or to the court.
IN ALL THESE CASE YOU MAY MAKE THESE RIGHTS AS YOU COMPLETE THE CONTACT US FORM
V. Provision of Personal Data to third parties
The Organization does not provide data to third parties, except in the following cases:
a The provision described in the previous article, which is necessary for the purpose of concluding a contract between a User-Buyer and a Vendor-Seller
b. If we have a legal obligation to disclose or share data;
c. If we have received consent from the relevant Data subject;
е. If a user-buyer has made a payment and subsequently this payment is being investigated by a bank or payment institution or by a legal authority due to suspicion of a fraudulent or unrecognized payment or an investigation of misuse, the Administrator may provide the User-buyers’ data to the relevant bank or payment institution or legal authority.
VI. Data protection
For our part, we have taken the necessary technical and organizational measures to ensure the protection of your Personal Data against unauthorized access or disclosure, accidental or unlawful destruction or modification.
Information in electronic form is stored in protected data centers within the territory of the European Union. Data transfer between servers and the client / browser is encrypted via HTTPS.
When the Company stores IP addresses of data subjects, this is done in order to provide adequate assistance to users in different circumstances (for example, inappropriate purchases, purchase status reports, etc.). IP addresses are stored for up to 1 year (this period is consistent with the behavior of part of the platform's audience in terms of purchase frequency and other actions). IP addresses are not available to third parties under any circumstances other than the exceptions described.
EXPLANATION OF CERTAIN PROCESSES AND TECHNICAL STEPS
The website uses the following cookies:
__cfduid – key for the online website chat
__zlcmid – key for the online website chat
wplc_chat_status – key for the online website chat
_gat – analytic key for google analytics
_gid – analytic key for google analytics
_ga analytic key for google analytics
fr – key from facebook likebox.
laravel_session – contains only a reference to a session stored on the web server. The user's browser does not store information and this cookie can only be used in the current session.
1. Any possible future changes to this Policy will be posted on this page.