ARTICLE 13 OF THE 2016/679 (EU) REGULATION (“GDPR”)
84 Al. Stamboliyski blvd., fl.6 1303 Sofia, Bulgaria
Теl: +359 882 591 009, mail: firstname.lastname@example.org (“Wyser”)
DATA PROTECTION OFFICER
Piazza IV Novembre 5, 20124 Milan for the attention of the “Data Protection Officer”
e-mail address: email@example.com
WHY ARE YOUR PERSONAL DATA PROCESSED AND
WHAT IS THE CONDITION THAT MAKES THE PROCESSING LAWFUL?
FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA?
The processing of personal data is carried out to process requests for information on the services offered by Wyser or by the companies of the Group.
In particular, if the request for information concerns services offered by other Group companies, Wyser may find it by indicating the contact details or may forward it directly to the company concerned for the purpose of a suitable and timely reply by the same.
For the time necessary to process requests for information.
The legal basis applicable to the processing of personal data is the execution of the contract with the data subject or the execution of pre-contractual measures adopted at the request of the same, according to art. 6 paragraph (1) let. b) of GDPR.
Once the conservation periods indicated above have elapsed, the personal data will be destroyed, deleted or made anonymous, compatible with the technical deletion and back-up procedures.
MANDATORY PROVISION OF PERSONAL DATA
The provision of personal data highlighted with an asterisk in the data collection form is mandatory. Refusal to provide such personal data does not allow Wyser to process requests for information.
RECIPIENTS OF THE DATA
Personal data may only be processed by employees of the companies departments authorised to process such data, as they are responsible for pursuing the above-mentioned purposes. These employees have received adequate operating instructions in this respect.
The personal data may be communicated to the following subjects or categories of subject acting as sole Controller:
• Companies of the Group in Bulgaria or abroad, even outside the European Union, if the request for information refers to services offered by other companies of the Group.
Personal data may also be processed, on behalf of Wyser, by subjects appointed as Processors, who are given adequate operating instructions. These subjects are included in the following categories:
• companies that provide IT services;
• Site management and maintenance companies.
The list of data recipients is constantly updated and can be found easily and free of charge by sending a written communication to the Controller or an e-mail to firstname.lastname@example.org
TRANSFER OF THE DATA OUTSIDE THE EU
The data may be transferred abroad to countries that do not belong to the European Union, and in particular to
a. Argentina and Switzerland, where the level of protection of the data has been considered adequate by the European Commission according to article 45 of the GDPR
b. Brazil, China, Columbia, Hong Kong, India, Montenegro, Russia, Serbia and Turkey following the signing by Wyser with the importer of the data of the standard contractual clauses adopted/approved by the European Commission according to article 46, 2, letters c) and d) of the GDPR
The adequacy decisions can be consulted at the following links:
A copy of the standard contractual clauses signed by Wyser can be obtained by sending a written communication to the Controller or an e-mail to email@example.com
DATA SUBJECTS RIGHTS
You may ask the Controller for access to the personal data that refers to you, for it to be corrected or deleted, for the addition of incomplete personal data or for the use to be limited in the cases referred to in the GPDR, as well as to object to its processing in instances of legitimate interest of the Controller.
Furthermore, in cases where the processing is based on consent or on the contract and is carried out using automated tools, you have the right to data portability, in other words to receive the data in a structured, commonly-used and machine-readable format and, where technically feasible, to transmit those data to another controller without any hindrance.
At any time, you may submit a complaint to the Data Protection Authority, as well as pursue recourse to other means of protection provided for by the applicable laws.
These rights may be exercised by sending a communication in writing to the Controller at the address indicated above or by e-mail to firstname.lastname@example.org