Mindromeda

Privacy Policy

1. PREAMBLE

1.1. MINDROMEDA Ltd., entered in the Commercial Register at the Registry Agency with UIC 206452021, with seat and registered address: 3 Okolovrasten put Blv., Manastirski livadi, Vitosha District, city of Sofia, 1618, Bulgaria, hereinafter referred to as the Company / We, is the administrator of personal data and is responsible for compliance with the provisions of the General Data Protection Regulation 2016/679 (GDPR).

1.2. This Privacy Policy aims to inform the Users of the Mindromeda.com (the platform) what personal data the Company processes and for what purposes, to whom it provides them, what are the rights of the Users in relation to their processed personal data and how they can exercise them.

2. CATEGORIES OF PERSONS WHOSE PERSONAL DATA ARE PROCESSED THROUGH THE PLATFORM AND INTERNET PROFILES IN THE COMPANY'S SOCIAL NETWORKS

2.1. In connection with the management and maintenance of the platform and the commercial activity carried out through it, as well as with the provision of information resources in the corporate profiles/pages in social networks and with the implementation of communication with anyone who comes into contact with the Company, we may process personal data of the following categories of individuals:

Visitors;
Clients;
Specialists;
Individuals sending inquiries, requests and signals to us or carrying out other correspondence with us, regardless of the communication channel used;
Third parties, information about which is contained in an inquiry, request, signal or other correspondence addressed to us regardless of the communication channel used;
Individuals interacting with our corporate social media profiles/pages.

3. PERSONAL DATA AND CATEGORIES OF PERSONAL DATA PROCESSED ON THE PLATFORM

Data automatically collected or generated in connection with the use of the platform
3.1. Each time you visit the platform, we receive information in the form of an information protocol, which may have the following content:
Website that referred you to us;

IP address;
Date and duration of access;
Information about the browser and operating system you use;
Geo location;
Logs into the platform.

Necessary data for the creation and maintenance of a profile for the use of the platform's functionalities
3.2. Personal data of clients that are processed for the purposes of creating and using a profile, including of employers, their representatives and employees:

First name and last name;
E-mail address;
Company’s name;
Password (encrypted);
Username;
Position;
Scheduled meetings and history of held meetings with specialists;
Balance of payment points on the platform, as well as payment history.

3.3. Any visitor who has a Google account can use this account to create an automatic registration on the platform by extracting the necessary data.

3.4. Processed personal data of specialists, for the purposes of creating and managing a profile:

First name and last name;
E-mail address;
Company’s name;
Speciality;
Biography;
Video presentation;
Photo;
Schedule;
Areas of practice;
Password (encrypted);
Clients;
Clients meeting history.

Data of individuals that are processed when sending inquiries, requests and alerts or carrying out other correspondence with us
3.5. When you contact us, we may process the following types of personal data relating to you:

First name and last name;
E-mail address;
Phone number (optional);
Other information contained in the message, which is personal data, including and to third parties when this information is necessary to fulfill the respective purposes.

Data of individuals interacting with our corporate profiles on social networks
3.6. In order to promote our activity and the services we provide, we may maintain corporate profiles/pages in various social networks (i.e. Facebook, Instagram, YouTube, etc.)

3.7. Social networks are not managed by us and their processing of personal data is not under our control. The persons who maintain the relevant social networks have their own terms and conditions and policies for the protection of personal data, which we encourage you to familiarize yourself with.

Cookies and similar technologies
3.8. In connection with the management and maintenance of the Platform, we may use cookies and other similar technologies to ensure its proper functioning and to analyse its use. You can get detailed information about the use of different types of cookies from the Cookie Policy published on the platform.

4. FOR WHAT PURPOSES AND ON WHAT BASIS DO WE PROCESS YOUR PERSONAL INFORMATION

4.1. The company processes personal data for purposes necessary to fulfill legal obligations:
a) providing information to the competent administrative and judicial authorities, or providing assistance where applicable;
b) answering and fulfilling clients inquiries and requests;
c) accounting of commercial operations.

4.2. The company processes the necessary personal data for concluding a contract under general conditions and for using the services of the platform.

4.3. The company processes personal data for purposes related to its legitimate interest:
a) managing the platform and analysing how it is used;
b) ensuring the normal functioning of the platform and preventing cyber-attacks and other malicious activities;
c) ensuring the possibility of communication through various channels (including email correspondence, etc.);
d) establishing relationships with the Company's corporate profiles in social networks, including and communication through them;
e) exercise and protection of legal rights and interests before administrative and judicial authorities, when applicable;
f) sending information messages about new content, services and functionalities of the platform.

5. DISCLOSURE OF PERSONAL INFORMATION

Disclosure of personal data to Personal Data Processors
5.1. In certain cases, the Company may disclose certain personal data to strategic partners - subcontractors who work for it by providing services it needs in carrying out its commercial activity. The personal data that the Company provides to its partners is in a volume that is necessary to perform the assigned work.

Disclosure of personal data to other Personal Data Controllers
5.2. In certain cases, it is possible for the Company to provide personal data to other personal data controllers. In these cases, the Company always requires other controllers to strictly comply with the provisions of Bulgarian and European legislation in the field of personal data protection.

Disclosure of personal data to competent administrative and judicial authorities
5.3. Disclosure of personal data is also possible when this is necessary to fulfill a legal obligation of the Company or to protect its legal interests or the interests of third parties. Normally, such disclosure of personal data is carried out before the competent administrative and judicial authorities.

6. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

6.1. The personal data that is collected through the platform is stored on servers in the territory of the European Union.

6.2. In certain cases, it is possible for the Company to provide access to part of the personal data stored on the platform to persons who are physically located outside the European Union (EU) and the European Economic Area (EEA). For example, if the Company uses the services of a specialist outside the EU/EEA, he/she will be able to access the necessary personal data of the client of the platform from a country outside the EU/EEA, which do not provide the same level of protection as that guaranteed by the applicable European legislation.

6.3. In the cases under Art. 6.2., the provision of access to data is carried out in accordance with the applicable legislation on the basis of a decision of the European Commission (EC) regarding the adequate level of data protection in the third country or, in the absence of such a decision, on the basis of standard contract clauses of the EU, according to decisions of the EC. You may obtain a copy of these standard contractual clauses by making an inquiry to the Company using the contact details provided.

7. PROTECTION OF PERSONAL DATA

7.1. The Company takes precautions, including physical, personal and documentary protection, to protect your personal data from loss, theft and misuse, as well as from unauthorized access, disclosure, alteration or destruction.

7.2. All employees of the Company are obliged to protect the confidentiality of your personal data, as well as to observe the applicable organizational and technical measures for their protection. The Company's employees' access to your data is limited to the extent necessary to perform their duties.

8. STORAGE PERIOD OF PERSONAL DATA

8.1. The Company processes your personal data for a period that is necessary to fulfill the purposes set out in this Policy, unless it is required to process it for a longer period. According to the type, data and the purposes for which they were collected, a storage period is determined, after which the information is permanently deleted.

Storage of personal data in order to comply with legal obligations
8.2. Personal data related to and/or contained in documents for which there are legally regulated storage periods will be stored for the periods provided for in the current legislation, unless a longer storage period is provided for in this Policy.

Storage of the necessary personal data when concluding and executing contracts
8.3. The personal data necessary for the conclusion and performance of contracts are stored throughout the period of validity of a contract and up to 5 years, counting from its termination or performance, unless a longer storage period is provided by law.

Storage of personal data contained in correspondence with the Company
8.4. In cases where there is no statutory period for storing personal data contained in correspondence conducted with the Company, personal data are stored for a period of up to 5 years, counted from the end of correspondence and related relations.

Storage of cookies
8.5. You can get detailed information about the storage periods of the various cookies used by the Company from the Cookie Policy, which is published on the website.

Other terms for processing personal data
8.6. In the event of a legal dispute or proceeding requiring the retention of data, and/or in the event of a corresponding request from a competent state authority, it is possible to retain data for a period longer than the above-mentioned periods, until the final completion of the arising dispute or proceedings before all instances and for a period of up to 5 years after its final conclusion.

9. YOUR RIGHTS

9.1. If you have provided your personal data to the Company, you have the following rights, which you can exercise at any time:

Right to be informed - You have the right to receive information about your personal data processed by the Company. This Policy aims to provide you with detailed information regarding the processing of your personal data when you use the platform.
Right of access - if you are a registered user, you have the opportunity to check in your user profile what your personal data is collected and stored on the platform. Regardless of whether you are a registered user or not, you have the right to request from the Company and receive information regarding what personal data of yours is being processed, as well as to obtain access to such data.
Right to rectification – You have the right to request rectification (change or addition) of your provided personal data.
Right to deletion - You have the right to request the deletion of your personal data when the conditions for this provided for in the Regulation are met.
Right to limited processing - You have the right to request a restriction of the processing of your personal data, in case any of the hypotheses provided for in the Regulation are present.
Right to data portability in a structured, widely used and machine-readable format – You have the right to receive your personal data processed by the Company in a structured, widely used and machine-readable format. Also, you have the right to request the transfer of your personal data from the Company to another controller, if this is technically feasible.
Right not to be subject to a decision based solely on automated processing, including profiling.
Right to object - You have the right to object at any time to the processing of your personal data. In the event that you make such an objection, the Company will consider it and terminate the processing if the objection is justified. In the event that the objection is unfounded, the Company will inform you of this fact.
Right to complain to the supervisory authority - You have the right to lodge a complaint with the supervisory authority if you believe that your rights to the protection of personal data have been violated.

9.2. If you wish to exercise your rights in relation to the protection of your personal data, you may contact the Company by completing the Request Form from an Individual here and/or by sending an email to the following email address:
data@mindromeda.com

9.3. You can exercise your rights mentioned above completely free of charge. In the event that your requests are manifestly unfounded or excessive, the Company may charge a reasonable fee or refuse to act on the request.

10. SUPERVISOR

10.1. The Commission for Personal Data Protection (CPDP) is the independent state body that carries out the protection of individuals in the processing of their personal data and in the implementation of access to this data, as well as the control of compliance with the Law on the Protection of Personal Data in the territory of the Republic Bulgaria.

10.2. In case of doubt that your rights related to the protection of your personal data have been violated, you can submit a report to the CPDP at:

Address: Sofia 1592, Prof. Blvd. Tsvetan Lazarov" No. 2
E-mail: kzld@cpdp.bg
Website: www.cpdp.bg

11. COMPANY CONTACT INFORMATION

11.1. If you have any questions or ambiguities regarding the processing of your personal data or wish to exercise any of your rights, you can contact the Company at the specified contact details: data@mindromeda.com

12. VALIDITY AND UPDATE OF THE PRIVACY POLICY

12.1. The Company reserves the right to change and update its Policy. In the event of a change to this Policy, a notice will be published on the platform, as well as the updated "Privacy Policy".

This Policy is effective from 2nd June 2023.