I. INTRODUCTION
The security and proper use of personal dataare of utmost importance to our customers, as well as to J POINT GROUP LTD andits employees, partners, subcontractors, and owners. Therefore, it is importantfor us that all parties involved understand why and how we process theirpersonal information.
This Personal Data Policy is inextricablylinked to the General Terms and Conditions of J POINT GROUP LTD, but is notpart of them. It does not regulate rights and obligations, but aims to explainto customers, employees, partners, subcontractors, and owners of J POINT GROUPLTD. what personal data we process in connection with the provision of ourservices and goods (e.g., printing of advertising visuals, media, businesscards, flyers, brands, boards, etc.), why and how we process them, includingwhen it is necessary to disclose personal data to third parties, as well as inconnection with the implementation of the company's overall commercial andbusiness activities. It also provides information about the rights that allaffected parties have in relation to the processing of personal data by J POINTGROUP LTD.
This Privacy Policy applies to personal datathat J POINT GROUP LTD collects and processes in connection with the productsand services provided by the company. It also applies when customers visit JPOINT GROUP LTD websites or use the company's various social media pages. Inthese cases, the collection and processing of personal data is carried out inaccordance with the personal data policy (and/or cookie policy) for therespective social network or application, which the company administering andowning the rights has adopted and implemented.
For greater clarity and convenience forcustomers, many places in this Privacy Policy provide examples that illustratewhy and/or how J POINT GROUP LTD processes personal data. These examples arenot part of this Privacy Policy, but are only illustrative and not exhaustive.Their sole purpose is to clarify and assist all parties in understanding ourprivacy policy.
II. DEFINITIONS
1. PERSONAL DATA
In practice, this is any information thatidentifies a specific natural person or that relates to a natural person whocan be identified directly or indirectly. The types of personal data covered bythis Policy are: basic data; data on website usage; location data when IP isused for analysis of usage on the company's websites; data provided whenentering into a contract; contract data; obligation data; payment data;customer communication data.
2. BASIC DATA
Full name; address; gender; age; telephonenumber; email address; data on sessions on the company's website, including IPaddresses, type of connection (email, etc.), start and end of the session,volume of downloaded and uploaded data, connection speed, etc.
2. Data provided upon conclusion of acontract. Personal data that our customers need to provide to J POINT GROUP LTD.in order to conclude contracts for the provision of services. The provision ofsuch data is voluntary, but without it, J POINT GROUP LTD cannot conclude thecontract and fulfill its obligations under it.
Such data for concluding a contract are: namesof the customer, natural person; unified civil number (for Bulgarian citizens);personal number (for foreign persons); address (the customer may provide,voluntarily and at their discretion, an address for receiving invoices, ifdifferent); data from an identity document (this data is not stored by J POINTGROUP LTD, but is used to verify the validity of the document and the identityof the person concerned); data on the representative (if the contract isconcluded by a representative) and on their power of attorney.
Contract data – type of contract (e.g.,manufacturing contract, additional agreement, leasing contract, rentalcontract, credit contract, etc.); contract number and date of conclusion; dateof entry into force and term of the contract; term; customer number; email addressfor the @invoice service (electronic invoice, if provided by the customer);telephone numbers provided; goods provided – type, brand, model, unique number;contract price and terms; date selected by the customer for issuing invoices;amount of monthly/rental lease payments (for lease/rental contracts); repaymentplan (for lease/credit contracts); rights and obligations of the parties;information about the commercial premises where the goods are installed or theservices are provided or delivered, etc.
Data on obligations – this is data on theobligations of customers in connection with contracts concluded with J POINTGROUP LTD. and services provided. Such data includes: information on issuedinvoices – date, number, due date, amounts due, etc.; information aboutprevious and current obligations; information about accrued penalties;information about warning messages or letters sent in connection with customerobligations; information about deferral or rescheduling of customerobligations; information about termination of contracts due to non-payment ofliabilities; information about actions taken for out-of-court or judicialcollection of customer liabilities, etc.; information about transfer(assignment) of amounts due.
3. PAYMENT DATA
This is data aboutcustomer payments related to contracts with J POINT GROUP LTD. This dataincludes: type of payment (e.g., payment of an invoice; date of payment; placeof payment (e.g., a location other than the registered office of J POINT GROUPLTD., a partner's location, etc.); amount paid and obligation to which thepayment relates; method of payment (e.g., cash, debit or credit card, directdebit, etc.); debit/credit card information, bank account number, or otherbanking/payment information (for cashless payments).
Data processed inconnection with communication between J POINT GROUP LTD and its customers inthe form of inquiries, complaints, applications, requests, or customercomplaints, when conducting satisfaction surveys, during calls/messages relatedto the services used, etc. Such data includes: customer data; customer contactinformation (e.g., email address, phone number, address, etc.); type ofcommunication (written inquiry, application, complaint, letter, inquiry viaonline form or mobile application, email, phone call, short text message,etc.); date of sending or receiving communication (e.g., date of receipt ofinquiry, complaint, claim, or message, date of sending message, letter, etc.);information contained in the relevant communication (e.g., content of acustomer inquiry/complaint, attached documents, content of the response orreference prepared by J POINT GROUP LTD), etc.
4. PROCESSING OF PERSONAL DATA
Processing of personal data means any use ofpersonal data. Personal data processing includes the following actions:collection; recording; storage; review; verification; modification; retrieval;disclosure; restriction; erasure; destruction, etc.
5.CONTACT WITH J POINT GROUP LTD
J POINT GROUP LTD, UIC 131145678, withregistered office and address of management in the Republic of Bulgaria, cityof Sofia, Sofia region (capital), municipality of Sofia, Poduyane district,Hadji Dimitar residential area, 14 Ivan Marinov Yonchev Street. In thisPersonal Data Policy, the use of the pronouns “We,” “Us,” or “Our” will alsorefer to J POINT GROUP LTD.
In this Privacy Policy, the use of thepronouns “We,” “Us,” or “Our” will also refer to J POINT GROUP LTD.
6.CUSTOMER, NATURAL PERSON
A natural person who: is entitled to receiveservices from us on the basis of an individual contract, or in the form of anorder or request for the manufacture of goods or products from the company'sproduct list; has purchased goods from us;
7. ANONYMIZATION OF PERSONAL DATA
Anonymization is an operation that is analternative to the deletion or destruction of personal data. It permanently andirrevocably removes all elements that directly or indirectly identify a person.Anonymized data does not constitute personal data. (Example: If the personaldata we have for a given customer is as follows: Name: Ivan Ivanov; Age 43;Address: City of Sofia, 117th Street, Block 555, Apartment 233, afteranonymization, it may look like this: Name ****; Age 40-60; Address: Sofia)
8. RESTRICTION OF PERSONAL DATA PROCESSING
When restricting processing, J POINT GROUP LTDmay only store the relevant personal data, unless: (a) the customer has giventheir consent; or (b) data processing is necessary for the establishment,exercise, or defense of legal claims; (c) the processing is necessary toprotect the rights of another natural person; or (d) there are importantreasons of public interest for the Republic of Bulgaria or the EU.
GENERAL TERMS
The general terms are the General Terms of JPOINT GROUP LTD, which are published on the company's website.
III. BASIC PRINCIPLES OF DATA PROCESSING
We process personal data in good faith and ina transparent manner; We process personal data for specific, explicitly statedand legitimate purposes, in accordance with applicable law; We process personaldata in order to provide our customers with better products and services thatare tailored to their needs; We take the necessary measures to ensure thesecurity of the personal data we process; We process personal data inaccordance with applicable law; We inform the customer what personal data wecollect, as well as why and how we do so; We process personal data only forlegitimate purposes; The processing of personal data will not exceed the periodnecessary to achieve these purposes, unless we are required to store it inaccordance with applicable law; We respect the rights that customers have underpersonal data protection legislation, including the right to access personaldata, the right to correct personal data, etc.; We implement the necessarytechnical and organizational measures to protect our customers' personal datafrom accidental or unlawful destruction, accidental loss, unauthorized access,alteration, or dissemination, as well as other unlawful forms of processing.
IV. WHAT PERSONAL DATA OF CUSTOMERS, NATURALPERSONS DO WE PROCESS
We process different types of personal data,depending on the type of services provided to customers. Such data includescustomer identification data, information about what services a customer isentitled to use, how the customer uses the services, information about paymentsmade, invoices issued, current obligations, and others. We process thefollowing categories of personal data for our customers: basic data; locationdata; data provided when concluding a contract; contract data; liability data;payment data; communication data.
V. HOW WE COLLECTPERSONAL DATA ABOUT OUR CUSTOMERS, INDIVIDUALS
We collect personaldata about our customers in various ways. In most cases, we receive informationdirectly from customers when concluding and executing contracts with them.Certain data is generated automatically when customers use our services throughour website, and sometimes the data is provided to J POINT GROUP LTD by thirdparties or obtained from other sources, such as public registers.
We collect personaldata directly from our customers: in pre-contractual relations with them (whena customer expresses a desire to enter into a contract with us or to registeron our website to place an order); when concluding an individual contract; whenconcluding a contract for leasing/rental or for the purchase of goods; whenconcluding other contracts with us; when or in connection with the performance,amendment, supplementation, or termination of a contract concluded between usand our customers (when fulfilling requests/orders, when providing customerservice in response to a complaint or grievance, when paying a debt, whenhandling claims, etc.).
We collect personaldata about customers from third parties: in connection with the provision ofthe service, when the order is placed by an advertising agency or a client whoplaces orders on behalf of other third parties who are its customers. In suchcases, the data is provided by our client's customers; upon receipt ofelectronic messages or data generated by other providers' networks, such associal networks, for example, and terminated on our website or directly to usand our customer system. In such cases, the data is provided by social networkswhen our customers access us; during or on the occasion of checks carried outby competent state or municipal authorities. In such cases, the data isprovided by the relevant authorities; upon receipt of a request for theprovision of data for a given customer(s) made by a competent authority inaccordance with the duly established procedure; during and in connection withthe process of collecting customer debts. In such cases, the data may beobtained from public registers or publicly available sources, from/through thecourts or from/through the enforcement authorities.
VI. HOW WE PROCESS THEPERSONAL DATA OF CUSTOMERS WHO ARE NATURAL PERSONS
Processing of datanecessary for the preparation of proposals/offers and for the conclusion ofcontracts:
In order to conclude acontract with us, the customer must provide their personal data. The provisionof this data allows us to identify the customer as a party to the contract andas the holder of the rights/obligations under it. Such data includes:
The customer's fullname, personal identification number, and address are part of the minimumcontent of each contract. If a customer refuses to provide them, we will not beable to conclude a contract.
During the contractconclusion process, data about the customer's identity document is alsoprocessed in order to verify its validity, with the aim of preventing anyattempts at fraud and/or misuse of personal data.
Processing of datanecessary for the performance of concluded contracts
In order to be able toperform the contracts concluded with customers, we need to process theirpersonal data. Otherwise, it will be impossible for us to fulfill ourcontractual obligations.
We process customerdata to ensure that the goods and/or services provided comply with theprovisions of their contracts.
In order to fulfillour obligations under a contract concluded with a customer, we need to processtheir personal data. It is thanks to this data that we identify the customer asthe contract holder. Example:
•if we do not knowthat a customer wishes to receive paper invoices, it is possible that they willnot be sent to him/her;
•in order to send aninvoice to the relevant customer, we need to process data about his/heraddress.
Data processingnecessary to comply with regulatory obligations
In certain cases,applicable national and European legislation requires us to process personaldata about our customers for specific purposes, in a specific manner, and/orfor a specific period of time. Below are the main cases in which we processpersonal data in order to comply with our regulatory obligations.
We process personaldata when we are required by applicable law to provide information to competentauthorities.
The legislation of theRepublic of Bulgaria requires us to store certain personal data about customersfor a specific period of time. Where there are legal grounds, this personaldata processed by us must be provided to the competent authorities. Example
We process personaldata of customers when, under applicable law, we are obliged to assistcompetent state and/or municipal authorities in carrying out inspections bythem.
We process personaldata because, under applicable law, we are obliged to ensure the security ofinformation systems (including the personal data of our customers).
In order to prevent,identify, investigate and/or resolve: (a) vulnerabilities and/or securitybreaches; or (b) breaches of personal data security, it is necessary in certaincases to process personal data of customers.
We process personaldata to provide warranty support for our products, in accordance with generallegislation.
When a customerpurchases a product from us, under consumer protection legislation, J POINTGROUP LTD must process the customer's basic data (which establishes the rightto file a complaint), as well as the data for the relevant contract (whichestablishes whether the relevant product is under warranty).
We process personaldata to fulfill obligations arising from accounting and tax legislation.
Tax and accountinglegislation in the Republic of Bulgaria requires us to compile certainaccounting and commercial information, including storing this information for acertain period, as well as any other information and documents relevant totaxation.
In fulfilling thisobligation, the relevant information and documents, which also contain personaldata of customers, are stored by us for periods provided for in the relevantlaws. These periods are of long duration (for example, invoices, which aredocuments for tax and social security control, should be stored for a period offive years, and in some cases even longer).
Data processingnecessary to protect legitimate interests of J POINT GROUP LTD.
We process personaldata when conducting internal analyses in order to improve our products andservices, as well as to develop new ones.
In order to understandthe needs of our customers, to improve and further develop our products andservices, as well as to increase the quality of customer service, we processpersonal data.
We process personaldata in aggregate form and to establish the results of campaigns, which allowsus to assess their effectiveness, the performance of a campaign, including theset commercial goals, as well as to properly plan our future activities.
We process personaldata of our customers also for the purpose of assessing the performance of ouremployees and those of our partners.
We process personaldata of customers for the purpose of studying their satisfaction with ourproducts and services.
In order to improveour products and customer service, we sometimes seek their opinion throughsurveys that we send via short electronic messages (e-mail), via telephonecalls (if the customer has provided an e-mail address).
When processing theresults of these surveys, we process the following personal data of ourcustomers: basic data; contract data; obligation data; aggregated consumptiondata; payment data; customer communication data. With their consent, whenconducting satisfaction surveys with our products and services, we may alsoprocess their location data.
We process personaldata of customers in order to prepare appropriate offers for them.
J POINT GROUP LTDvalues the time of its customers and strives for the company's products andservices to be increasingly better and more appropriate. Therefore, we processthe personal data specified below in order to be able to offer this product orservice that is most in line with the needs and/or preferences of ourcustomers.
In order to prepare orselect offers for our products or services that would be most suitable for ourcustomers, we process the following personal data: basic data; contract data;obligation data; payment data; communication data with our customers. Theseoffers are non-binding for our customers and do not create any commitments forthem.
The standard offers ofJ POINT GROUP LTD, as well as those that are prepared or selected for a givencustomer, can be obtained from us or at our location from our partner network.The offers can also be sent in the form of direct marketing, unless therelevant customer has opted out of receiving marketing messages, notificationsor calls, as provided for in this Privacy Policy.
In order to make ouroffers even more suitable, with the consent of our customers, we also processlocation data.
We process personaldata of customers when conducting direct marketing.
J POINT GROUP LTDprocesses customer data to inform them of suitable offers for products and servicesvia short electronic messages (e-mail), via telephone calls or vianotifications from our website https://shop.jpoint.bg (for customers who useit).
Customers may at anytime opt out of receiving:
telephone calls orelectronic messages (e-mail) – by submitting a written application to us;
We process personaldata of customers when transferring receivables (assignments).
In accordance with thelegislation of the Republic of Bulgaria, J POINT GROUP LTD has the right totransfer its receivables from customers to third parties (such receivables are,for example, those arising from issued but unpaid invoices), without the needfor their consent. For this purpose, a receivables transfer agreement(“assignment agreement”) is concluded with the relevant third party.
Upon concluding anassignment agreement, J POINT GROUP LTD ceases to be the holder of the relevantreceivable, which is transferred to the third party (new creditor). One of theobligations of J POINT GROUP LTD under the assignment agreements is to providethe new creditor with all documents establishing the transferred receivables.In fulfilling this obligation, J POINT GROUP LTD provides the new creditor withpersonal data about the clients, the receivables against which are the subjectof the assignment agreement.
When concludingassignment agreements, our respective clients, individuals, will be dulynotified of this on behalf of J POINT GROUP LTD.
We process personaldata when this is necessary for the settlement of legal disputes.
Sometimes, in order toexercise its rights or legitimate interests, J POINT GROUP LTD may need toprocess personal data of certain clients in order to make an out-of-court claimor to file a lawsuit against:
third parties fromwhom J POINT GROUP LTD has received personal data about the relevant clients inaccordance with this Privacy Policy; or
third parties to whom JPOINT GROUP LTD has disclosed personal data about the relevant clients inaccordance with this Privacy Policy,
respectively, it ispossible that the above-mentioned persons, as well as the clients themselves,may make an out-of-court claim or file a lawsuit against us. In such cases, itmay be necessary for J POINT GROUP LTD to process personal data of certain clientsin order to organize and conduct the defense of the relevant claim or lawsuit(in this way, J POINT GROUP LTD aims to protect itself from unlawful attacks onits property and/or reputation).
The type and volume ofpersonal data processed depend on the nature of the out-of-court claims made orthe lawsuits filed.
See example:
A customer claims incourt that the amounts charged in his/her invoice are not due. This requires usto conduct an internal investigation into the case in order to establish thevalidity of the customer's claim, as well as to present the necessary evidenceto the court (e.g. contracts, invoices, etc.);
A competent authorityto which we have refused to provide data about a customer sanctions us and wechallenge the imposed sanction in court, which requires the processing ofpersonal data about the respective customer and the provision of evidence tothe respective court.
Data processing basedon consent given by a customer.
We may processpersonal data of customers for other purposes, upon receipt of their consent.The consent given may be withdrawn by customers at any time, completely free ofcharge, in any of the following ways: by submitting a written application tous;
The withdrawal ofconsent does not affect: the lawfulness of the processing of personal databased on the withdrawn consent before its withdrawal; and the processing ofpersonal data for purposes for which consent is not required as provided for inthis Privacy Policy.
With the consent ofcustomers, we process their location data in order to prepare even moresuitable products and services. With the consent of customers, we process theirlocation data when conducting surveys on satisfaction with products andservices;
In the event that acustomer has refused to receive messages or calls for direct marketing, withhis/her subsequent consent, J POINT GROUP LTD may resume the processing ofpersonal data for the purpose of sending such messages or calls;
With the consent of acustomer, J POINT GROUP LTD processes their personal data (including personalidentification number data) for the purpose of performing a credit assessmentwhen customers wish to receive a good or service on installment payment or onlease, as well as for rent. Providing such consent is voluntary. In the eventthat a client refuses to have a credit assessment prepared for him/her, he/shewill be able to purchase the desired service/product according to the pricelist approved by us;
With the consent of aclient, we process data about their Personal Identification Number (PIN),providing them to third parties for the purposes of extrajudicial collection ofdebts to us;
VII. PROFILING
What is profiling: oneof the ways of processing personal data, in which analysis and assessment ofspecific aspects (e.g. credit score) or prediction of potential preferences andinterests of a given individual are performed. Profiling uses automated means –information systems for data processing.
In which cases, JPOINT GROUP LTD. performs profiling:
To prepare a marketingassessment and analysis for potential or existing clients. This is an automatedanalysis for a natural person in view of his/her potential opportunities tobenefit from our services and products. Its purpose is to show us how likely itis that a given person will benefit from our products or services.
To prepare appropriateoffers to clients. The preparation and selection of appropriate offers toclients is carried out through automated and non-automated analysis of his/herdata (e.g. for a current contract, data on consumption of products or services,etc.) and is based on summarized statistical information about other current orformer clients of the company. The purpose of this analysis is to determinewhich product or service we believe would be most suitable for the customer.
Example: if acustomer's aggregated consumption of products or services shows a high volumeof consumption, it is possible to offer him/her an individual offer, proposalor individual package of products.
For internal analyses.When performing internal analyses, customers are grouped based on their basicdata, contract data and their aggregated consumption of products and servicesin order to establish a possible connection between their data and the use ofcertain products or services, as well as to establish the reasons for refusalsof products or services, and for switching from one type of product or serviceto another, or for continuing to use the relevant service or product. Based onthis information, J POINT GROUP LTD develops its product portfolio and customerservice, evaluates the company's performance and plans its future activities.
For the prevention,detection and investigation of abuse. For the purposes of preventing, detectingand investigating abuse. J POINT GROUP LTD carries out automated analysis ofits customers' data. Based on this, cases of atypical behavior are identified,which are then individually reviewed by our employees to verify whether it isactually abuse or not.
VIII. CATEGORIES OFPERSONS TO WHOM WE DISCLOSE PERSONAL DATA OF OUR CLIENTS, NATURAL INDIVIDUALS
Processors of personaldata. Processors of personal data are persons who process personal data onbehalf of and on behalf of J POINT GROUP LTD or its clients, who entrust uswith the execution of a product or service, based on a written or informalagreement/contract. They are not entitled to process the personal data providedto them for purposes other than the performance of the work entrusted to themby us or by our clients-clients. Processors are obliged to comply with allinstructions of J POINT GROUP LTD or our clients-clients, who entrust us withthe processing of personal data of their clients, third parties.
J POINT GROUP LTDtakes the necessary measures to ensure that the engaged processors strictlycomply with the legislation on personal data protection and the instructions ofthe administrator, as well as that they have taken appropriate technical andorganizational measures to protect personal data.
Examples of personaldata processors: persons in whose commercial establishments may: (a) contractsbe concluded with us; and/or; and/or (b) obligations to us be paid; and/or (c)part or all of our range of products be performed as manufacturing. Suchpersons are our distributors, sales representatives and others; Persons whoprovide us with invoice printing services, etc.; Suppliers who provide us withservices for the production of media, visions, design, advertising products,etc. from our production range; Courier service providers; Providers of servicesfor the implementation and/or maintenance of information systems, whichsometimes need to access personal data processed in the relevant systems forthe purposes of providing the services; Out-of-court debt collection companiesthat process personal data of clients on behalf of J POINT GROUP LTD; Providersof services for organizing, storing and maintaining archives of client data, aswell as services for the destruction of such archives; Providers of electroniccertification services, in the case of using an electronic signature to signdocuments related to our products and services; Law firms, attorneys,accounting firms or other providers of consulting services; third parties whoacquire receivables from us to our clients; our partners (In order to providecertain services to its clients, J POINT GROUP LTD enters into contracts withthird parties (partners). In connection with the provision of the relevantservices, it is sometimes necessary for the relevant partners to providepersonal data of the clients; Banks and payment institutions (In connectionwith servicing payments to our clients made by bank transfer or through apayment institution, it is necessary to exchange data between us and therelevant bank or payment institution.); Competent authorities; Third parties inconnection with a transformation (e.g. merger or acquisition) or transfer of acompany (In the event of a transformation of J POINT GROUP LTD, as well as inthe event of a transfer of assets in accordance with applicable legislation, itis possible that the personal data of our clients, administered by us, may beprovided to a third party - a legal successor);
ІX. PROCESSING OFPERSONAL DATA OUTSIDE THE TERRITORY OF BULGARIA
As a rule, J POINTGROUP LTD. strives not to send personal data of our clients outside theterritory of the European Union (EU) and the European Economic Area (EEA).However, in certain cases, in order for us to be able to provide our productsand services, it is necessary for certain data to be sent to persons outsidethe EU/EEA (e.g. in order to provide a service or product), in compliance withthe requirements of the applicable legislation and as described in thisPersonal Data Protection Policy.
In the event that itis necessary for personal data of a client or an individual to be sent by us toa country outside the EU or EEA, this will be done in compliance with thisPolicy and in the presence of one of the following conditions:
When there is adecision of the CPDP or the European Commission, according to which therelevant country ensures an adequate level of personal data protection;
When an agreement hasbeen concluded with the organization to which personal data are sent,containing the standard data protection clauses approved by the EuropeanCommission with Decision No. 2010/87/EU:
(https://www.cpdp.bg/userfiles/file/Transfers/BCR_Commission_decision_2010-87_Bg.pdf)
When the transfer ofdata is necessary to perform a contract with the relevant client, individual,or individual in relation to our client;
When it is necessaryto transfer data to an organization in the USA, the transfer is carried out tothe extent that the relevant organization participates in the Privacy Shield,adopted by decision of the European Commission on 26.07.2016 (https://ec.europa.eu/info/strategy/justice-and-fundamental-rights/data-protection_en)
X. HOW LONG DO WE KEEPCUSTOMERS' PERSONAL DATA C
J POINT GROUP LTD.stores the personal data of its customers for as long as necessary to achievethe goals set out in this Privacy Policy or to comply with legal requirements.In order to fulfill our obligations arising from tax and accountinglegislation, data about a given customer is stored for a period of five yearsor more, starting from the termination of his/her last contract, as long as thecustomer has no unpaid debts to us. After the expiry of the terms forprocessing personal data, they are anonymized or deleted/destroyed, unless:
• they are necessaryfor pending legal, arbitration, administrative or enforcement proceedings, orin the event of a complaint from the respective customer, which should beconsidered by us, or
• the respectivecustomer has exercised his/her right to request restriction of the processingof personal data concerning him/her;
J POINT GROUP LTDmakes efforts to ensure that the personal data processed about customers isupdated (and, if necessary, corrected), and that no data is stored that is notnecessary to achieve the purposes described above.
XI. WHAT RIGHTS DOINDIVIDUALS HAVE IN RELATION TO THE PROCESSING OF PERSONAL DATA
General information onthe rights of individuals
J POINT GROUP LTDtakes action at the request of an individual to exercise a right under thissection only if it is able to identify the relevant individual.
Only an individual whocan be identified by us has the opportunity to exercise their rights under thissection. If the purposes for which J POINT GROUP LTD processes personal data donot require or no longer require the identification of a given individual, weare not obliged to maintain, obtain or process additional information toidentify the individual for the sole purpose of taking action based on thatindividual's request.
J POINT GROUP LTDshall notify individuals of the actions taken within one month of receipt of arequest under this Section, and in certain cases this period may be extended byup to two months.
J POINT GROUP LTDshall provide individuals with information about the actions taken inconnection with their requests to exercise rights under this Section withoutundue delay and in any case within one month of receipt of the request. Ifnecessary, this period may be extended by a further two months, taking intoaccount the complexity and number of requests. J POINT GROUP LTD shall informthe relevant individual of any such extension within one month of receipt ofthe request, indicating the reasons for the delay.
In the event of arefusal to comply with a request, J POINT GROUP LTD shall inform the relevantindividuals of their rights.
If J POINT GROUP LTDdoes not take action on the request of a natural person, J POINT GROUP LTDshall notify him without delay and at the latest within one month of receivingthe request of the reasons for not taking action, as well as of the possibilityof filing a complaint with the Commission for Personal Data Protection andseeking judicial protection.
In certain cases, JPOINT GROUP LTD may request additional information to confirm the identity ofthe natural person.
In the event that JPOINT GROUP LTD has reasonable concerns regarding the identity of the naturalperson submitting a request under this section, J POINT GROUP LTD may requestthe provision of additional information necessary to confirm the identity of theperson.
The actions taken by JPOINT GROUP LTD upon and in connection with requests submitted to exerciserights under this section are completely free of charge for the persons, unlesstheir requests are manifestly unfounded or excessive.
The actions that JPOINT GROUP LTD takes in connection with and in connection with the exercise ofthe rights of individuals are completely free of charge. When the request of agiven individual is clearly unfounded or excessive (for example, due to its repetition),J POINT GROUP LTD has the right, at its discretion: to request the payment of areasonable fee, determined on the basis of the administrative costs necessaryto provide the requested information or to take the requested actions.
Clients, individualshave the right to access the personal data concerning them.
Clients, individualshave the right to obtain from us information whether personal data concerningthem is being processed. If this is the case, they have the right to access therelevant data.
Our clients,individuals, have the right to request the correction of personal dataconcerning them, when they are inaccurate or outdated.
In the event that thepersonal data processed by us are inaccurate or outdated, individuals have theright to request that we correct them.
EXAMPLE: The customerhas changed his/her address and wishes the information about the new address tobe updated in our database; The customer has found that when concluding acontract with us, an error was made in his/her names and submits a request forthe error to be corrected.
In certain cases,customers have the right to request the deletion of personal data relating tothem.
Customers,individuals, have the right to request from us the deletion of personal datarelating to them in the following cases: the personal data are no longernecessary for the purposes for which they were collected or processed; thecustomer, an individual, has withdrawn his/her consent on which the processingof personal data is based and there is no other legal basis for the processingof the same; the customer, an individual, has objected to the processing ofpersonal data, which is based on the legitimate interest of J POINT GROUP LTD,unless there are other legitimate grounds for the processing which override theinterests, rights and freedoms of the customer, or the processing of data isnecessary for the establishment, exercise or defence of legal claims; thecustomer has objected to the processing of personal data for direct marketingpurposes and there are no other legitimate grounds for the processing of thesedata; the personal data relating to the customer concerned have been processedunlawfully; the personal data must be deleted by us in order to comply with alegal obligation arising from the law of the Republic of Bulgaria or from thelaw of the European Union.
In certain cases, ourcustomers have the right to request the restriction of the processing ofpersonal data relating to them.
As of 25.05.2018, ourcustomers have the right to request J POINT GROUP LTD to restrict theprocessing of personal data relating to them in the following cases:
the accuracy of thepersonal data is contested by the individual, for a period that allows J POINTGROUP LTD to verify the accuracy of the personal data;
the processing isunlawful, but the customer does not want the personal data to be deleted, butinstead requests the restriction of their use;
J POINT GROUP LTD nolonger needs the personal data for the purposes of the processing, but thecustomer requires them for the establishment, exercise or defense of legalclaims;
the customer hasobjected to the processing of personal data based on the legitimate interest ofJ POINT GROUP LTD, pending verification of whether our legitimate groundsoverride our interests.
In certain cases, ourcustomers have the right to the portability of personal data concerning them.
As of 25.05.2018, ourcustomers have the right to receive from us the personal data that they haveprovided (for example, data that is provided when concluding a contract) in astructured, commonly used and machine-readable format, and to transfer thesedata to another controller without hindrance from us, insofar as: we processthese data for the purposes of concluding or performing a contract with thecustomer, or on the basis of a consent given by the latter and the processingof the relevant data is carried out by automated means.
Customers have theright to request that we transfer their personal data directly to anothercontroller, where this is technically feasible.
In certain cases, ourcustomers have the right to object to the processing of personal dataconcerning them.
The customer, anindividual, has the right, at any time and on grounds relating to theirparticular situation, to object to the processing of personal data concerningthem, where J POINT GROUP LTD processes their data for the protection of itslegitimate interests.
In certain cases, thisright is unconditional and we will always suspend the processing of data uponan objection by a customer. These are the cases in which J POINT GROUP LTDprocesses personal data for the purposes of direct marketing.
In other cases,depending on the nature of the objection and the circumstances presented by therespective customer, an individual, J POINT GROUP LTD will conduct an internalinvestigation into the objection and will decide on it in accordance with thissection, by: (a) informing the customer that it will suspend the processing ofhis/her personal data; or (b) refusing to suspend the processing of his/herpersonal data, if there is a legal basis for this.
EXAMPLE: If a clientobjects to the processing of his/her personal data in connection with aconcluded assignment agreement, arguing that he/she did not consent to theprovision of his/her data to a third party, J POINT GROUP LTD will reject theobjection, since according to the Obligations and Contracts Act, the debtor'sconsent is not required for the conclusion and performance of assignment agreements.
The client, anindividual, has the right to file a complaint with a supervisory authority forpersonal data protection.
The client has theright to file complaints or reports with the Commission for Personal DataProtection (CPDP), if in their opinion we are violating the legislation onpersonal data protection. Instructions for filing complaints are published onthe CPDP website: https://www.cpdp.bg
After 25.05.2018,clients may also file complaints with other supervisory authorities within the EuropeanUnion, as provided for in Regulation (EU) 2016/679 of the European Parliamentand of the Council of 27 April 2016 (on the protection of individuals withregard to the processing of personal data and on the free movement of suchdata, and repealing Directive 95/46/EC).
XII. HOW WE PROTECTTHE PERSONAL DATA OF OUR CLIENTS, INDIVIDUALS
Building andmaintaining trust between us and our clients is a key strategic priority forus. Therefore, the protection of our systems and personal data is of paramountimportance, both for our clients and for us. Our main goal is for our clientsand the individuals related to them to feel in “safe hands” when use ourproducts and services. In accordance with the requirements of currentlegislation and good practices, we take the necessary technical andorganizational measures to ensure that the personal data of individuals issafe.
To ensure theprotection of the personal data of our clients, J POINT GROUP LTD. uses moderntechnologies, combined with uncompromising management of security controls. Inorder to ensure maximum data protection, J POINT GROUP LTD. has adoptednumerous policies that regulate data processing. Various mechanisms(encryption, anonymization, pseudonymization, etc.) are also applied both inrelation to “data in transit” (data in transit) and “data at rest” (data atrest).
XIII. CONTACTINFORMATION FOR J POINT GROUP LTD
J POINT GROUP LTD, UIC131145678, with its registered office and registered office in the Republic ofBulgaria, Sofia, Sofia District (Capital), Stolichna Municipality, PoduyaneDistrict, Hadzhi Dimitar Residential Complex, 14 Ivan Marinov Yonchev Street,is the administrator of personal data processed in this Personal DataProtection Policy.
For questions andinquiries regarding the processing of personal data and their protection, youcan contact us directly at the specified contact details.
XIV. ENTRY INTO FORCEAND UPDATE OF THIS PERSONAL DATA POLICY
This Personal DataPolicy is current as of 25.05.2018.
This Personal DataPolicy may be amended or supplemented due to changes in applicable legislation,at the initiative of J POINT GROUP LTD, the clients or a competent authority(e.g. the Personal Data Protection Commission).
J POINT GROUP LTDinforms clients of amendments or supplements to this Personal Data ProtectionPolicy no less than 30 (thirty) days before their entry into force, by:
publishing the updatedPersonal Data Protection Policy on its website; and sending short text messages(e-mail) to its clients containing a link to the website where the updatedversion of this Personal Data Protection Policy is published;
It is recommended thatour clients periodically check the most current version of this Personal DataProtection Policy on our website.
This Cookie Policy was last updated on23.06.2022 and applies to citizens and legal permanent residents of theEuropean Economic Area and Switzerland
1. Introduction
Our website, https://shop.jpoint.bg(hereinafter: the “website”) uses cookies and other related technologies (forconvenience, all technologies are referred to as “cookies”). Cookies are alsoplaced by third parties that we have engaged. In the document below, we informyou about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sentalong with the pages of this website and is stored by your browser on the harddrive of your computer or other device. The information stored in it can bereturned to our servers or to the servers of the relevant third parties duringa subsequent visit.
3. What are scripts?
A script is a piece of programming code thatis used to make our website function properly and interactively. This code isexecuted on our server or on your device.
4. What is a web beacon?
A web beacon (or pixel tag) is a small,invisible piece of text or image on a website that is used to monitor websitetraffic. To do this, various data about you is stored using web beacons.
5. Cookies
5.1 Technical or functional cookies
Some cookies ensure that certain parts of thewebsite work properly and that your user preferences remain known. By placingfunctional cookies, we make it easier for you to visit our website. This way,you do not have to enter the same information repeatedly when you visit our websiteand, for example, items remain in your shopping cart until you have paid. Wemay place these cookies without your consent.
5.2 Statistical cookies
We use statistical cookies to optimize thewebsite experience for our users. With these statistical cookies we obtaininformation about the use of our website. We ask for your permission to setstatistical cookies.
5.3 Advertising cookies
We use advertising cookies on this website,which allows us to personalize advertisements for you, and we (and third parties)gain insight into the results of the campaign. This happens based on a profilethat we create based on your clicking and browsing on and offhttps://shop.jpoint.bg. With these cookies, you as a visitor to the website arelinked to a unique identifier, so you do not see the same advertisement morethan once, for example.
5.4 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or anyother form of local storage used to create user profiles to display advertisingor to track the user on this website or across multiple websites for similarmarketing purposes.
Since these cookies are marked as trackingcookies, we ask for your permission to place them.
5.5 Social Media Buttons
On our website, we have included buttons forpromoting web pages (e.g. "like", "pin") or sharing (e.g."tweet") on social networks such as . These buttons work using piecesof code coming from themselves. This code sets cookies. These social mediabuttons may also store and process certain information so that personalized advertisingcan be shown to you.
Please read the privacy policy of these socialnetworks (which may change regularly) to read what they do with your (personal)data that they process using these cookies. The data that is retrieved isanonymized as far as possible. are located in the United States.
6. Consent
When you visit our website for the first time,we will show you a pop-up window with an explanation about cookies. As soon asyou click on "Manage Preferences", you agree to our use of thecategories of cookies and plug-ins that you have selected in the pop-up window,as described in this Cookie Policy. You can disable the use of cookies via yourbrowser, but please note that our website may no longer function properly.
Functional
Technical storage or access is strictlynecessary to enable the use of a specific service explicitly requested by thesubscriber or user, or for the sole purpose of carrying out a communicationover an electronic communications network.
Statistics
Technical storage or access used forstatistical purposes.
Marketing
Technical storage or access is necessary tocreate user profiles, send advertising or track the user on a website or acrossseveral websites for marketing purposes.
7. Your rights regarding personal data
You have the following rights regarding yourpersonal data:
You have the right to know why your personaldata is needed, what will happen to it and how long it will be stored.
Right of access: You have the right to accessyour personal data that we know about you.
Right of rectification: You have the right tosupplement, correct, erase or block your personal data at any time.
If you have given us your consent to processyour data, you have the right to withdraw this consent and have your personaldata erased.
Right to data portability: You have the rightto request all your personal data from the controller and to transfer it in itsentirety to another controller.
Right to object: You can object to theprocessing of your data. We comply with this unless there are compellinggrounds for the processing.
To exercise these rights, please contact us.Please see the contact details at the bottom of this Cookie Policy. If you havea complaint about how we process your data, we would like to hear from you, butyou also have the right to lodge a complaint with the supervisory authority(Data Protection Authority).
8. Enabling/disabling and deleting cookies
You can use your internet browser toautomatically or manually delete cookies. You can also specify that certaincookies may not be placed. Alternatively, you can change your internet browsersettings so that you receive a message each time a cookie is placed. For moreinformation about these options, please refer to the instructions in the Helpsection of your browser.
Please note that our website may not functionproperly if all cookies are disabled. If you delete the cookies in yourbrowser, they will be placed again after your consent when you visit ourwebsites again.
9. Contact details
For questions and/or comments regarding ourCookie Policy and this statement, please contact us using the following contactdetails:
J Point
Bulgaria, Sofia, ul. Ivan M. Yonchev 14
Tel: 02/9521006
Email: office@j-point.net