Data Privacy and Cookies Policy
Introduction
Your privacy is important to us. This Data Privacy and Cookies Policy (”Policy”) aims to explain how we collect, store, use and disclose your personal information whenever you use our website (transfer.softgroup.eu), our products and services, or interact with us for different purposes. This Policy describes the type of information we may collect from you or that you may provide us and our practices for collecting, using, maintaining, protecting and disclosing that information. We at SoftGroup respect your privacy and are committed to protecting it through our compliance with this Policy. We are processing your personal information on the basis of the essential principles of transparency and fairness, legitimacy, minimization and privacy. Please read this Policy carefully to understand our policies and practices regarding your personal information and how we will treat it. If you do not agree with them, your choice is not to use our website, our products and services, or interact with us.
Who we are
The data controller (“we” or “us”) is SoftGroup AD, a company registered in the Bulgarian Commercial Registry with the Registration Agency of the Republic of Bulgaria under identification No. 204547054, having its seat and address of management at 49, Bulgaria Blvd., 8th floor, Sofia, Bulgaria (“SoftGroup”). What Data we Collect and How Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as: “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”. SoftGroup collects limited scope of your personal data:
- identification and contact information, such as your names, telephone/mobile number, email address, job position and organization, IP Address, as necessary for the specific purpose;
- your voice recording when you call our technical support team;
- your voice and/or image if you participate in our events, if recorded.
We collect your personal data either directly from you (e.g., when you purchase a service or online application, make an inquiry, subscribe for an event or our newsletter)), or passively (e.g., when using tracking tools like browser cookies). We may also collect information about you indirectly from third parties (e.g., our business partners or social media platforms). “Usage Information” or “Usage Data” is information about an individual’s online activity that, by itself, does not identify the individual, such as browser type, operating system, top viewed and visited pages and links on our website, top entry and exit points, number of form completions, time spent on pages, top downloads, top keywords used offsite to lead customers to our website, information collected via cookies, and other device event information such as system activity, crashes, and hardware settings. We automatically collect Usage Data when you interact with our website. Whenever you use the website or the services, we use the location information from your mobile device or browser to tailor the services and website experience to your location. Generally, we do not consider Usage Data as personal data because Usage Data by itself usually does not identify an individual. Personal data and Usage Data may be linked together. Different types of Usage Information also may be linked together and once linked, may identify an individual, whereby the principles for personal data processing will apply.
How Your Information is Used and on What Legal Ground
Information on the purposes for which we use your personal information, the legal grounds therefore, and the relevant retention periods is presented below.
Operation of our Website
As you navigate through and interact with our website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, such as: details of your visits to our website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the website; information about your computer and internet connection, including your IP address, operating system, and browser type. We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). (for more information, please refer to the section Cookies Policy of this Policy). Your personal information processing for the operation of our website is based on Art. 6, section 1, item ‘f’ of the GDPR, whereby our underlying legitimate interest is to operate, improve and personalize the website and services, including to better understand how users access and use the website and services; deliver customer service and respond to user preferences, including language and location customization; provide personalized help and instructions; customize our marketing; detect, prevent and mitigate fraudulent or illegal activities.
Personal Information Processed for Contacting You
You have the option of contacting us by way of a contact form on our website, by email or by telephone, or by our chatbot. If you do so, the information you enter in the contact form, your email address and/or your telephone number are disclosed to and processed by us. The legal basis for processing your contact details ensues from Art. 6, section 1, item ‘f’ of the GDPR, whereby we have legitimate interests in processing your request and in continued communication. If you have contacted us is to establish a business relationship with SoftGroup, the legal basis for processing your contact details follows from per Art. 6, section 1, item ‘b’ of the GDPR (for more details please refer to Section Personal Data Processed Within a Business Relationship of this Policy). We will retain your contact details until processing your request and further communication has been discontinued. This does apply if you have contacted us to establish and enter into a business relationship or to exercise your right as a data subject. In this case the personal information will be further processed on a new legal ground and deleted as soon as the processing purpose is fulfilled, and the legal retention periods are expired.
Personal Information Processed for Marketing Purposes
We may use your information to contact you by post, email, or other means with information or SoftGroup’s content about our business, services and events, special offers and other information which we think you will find valuable, or to send you marketing communications or newsletters relating to our business. It is in our legitimate business interests (as per Art. 6, section 1, item ‘f’ of the GDPR) to provide you with these communications which we have determined are relevant to your interests. Our website offers free of charge possibility to subscribe to newsletters and to download or access certain content on current topics from our business areas. To subscribe to a newsletter, you need to register with your names and email. Access to certain content of the website may require you to fill in a registration form by providing personal information such as names, email and telephone, job position and organization. In any event, when registering, your consent will be obtained and saved using an opt-in option and your data will be stored in our customer database. When subscribing for newsletters or accessing our webpage content, we may analyse your client profile and preferences, and perform multichannel marketing campaigns via automated tools, contact you via email, or send you brochures or other advertising or promotional materials. Your personal information is stored during the subscription of the newsletter. If you withdraw your consent, your data will no longer be used for this processing purpose. We collect and process your personal information when you register for events organized by us. We use this information for the purposes of your participation in the event and follow-up with event materials, statistics of the visitors and subsequent advertising. In this situation, the processing is based on Art. 6, section 1, item ‘f’ of the GDPR, whereby customer care and customer acquisition are our underlying legitimate interests. We point that some of our events may be recorded with images and sound and be circulated to the participants, published or made accessible on our webpage after registration, or made available in our social media channels. In addition to the photo and video recordings, metadata such as the location and time of the recording are automatically stored in the digital cameras. The legal ground for the preparation and storage of photo and video recordings is Art. 6, section 1, item ‘f’ of the GDPR where our legitimate interest is keeping track of and promoting the event. If you do not agree with the above processing of your personal information, you may choose not to register for the event. The data collected at an event can also be processed for advertising purposes. This processing is based on our legitimate interest (as per Art. 6, section 1, item ‘f’ of the GDPR) for starting a possible business relationship with the event participants. If upon registration for the event, you have given your consent for using your telephone and/or e-mail for advertising contacts, then Art. 6, section 1, item ‘a’ of the GDPR will apply. Unless there is a legally prescribed retention period, we will delete your information processed for marketing purposes when it is no longer needed for its intended purpose. If the information is required for other legally permitted purposes, it will not be deleted but its processing for marketing reasons will be restricted.
Personal Data Processed Within a Business Relationship
Within conducting a business relationship, we use personal data for the purposes of:
- pursuing, establishing and conducting a business relationship with customers, partners or interested parties;
- performing our contractual obligations with customers, partners or interested parties;
- handling and billing business transactions;
- advertising and marketing activities;
- product support and maintenance and error diagnostics and elimination;
- transmission of data to third parties or service providers within the framework of managing our business processes,
whereby Art. 6, section 1, item ‘b’ of the GDPR serves our company as the underlying legal basis for this. Within a business relationship, we may process your data also pursuant to as per Art. 6, section 1, item ‘F of the GDPR, whereby our legitimate interest is to promote our sales and conduct our business to the satisfaction of our customers and interested parties or based on your explicit consent (as per Art. 6, section 1, item ‘a’ of the GDPR). We will delete your personal information processed within a business relationship when it is no longer required for its intended purpose or your consent is withdrawn unless keeping the information is required by legal retention requirements.
Processing of Personal Data by the Technical Support Department
SoftGroup processes the personal data that you provide us upon your contact and communication with our Technical Support Department either by telephone, email or our ticketing system. Such data include your name, telephone, email and eventually position within your organization. If you have contacted our Technical Support Department by telephone, there would be a voice recording of your call, of which you will be prewarned. Your personal data is processed based on our legitimate interests (as per Art. 6, section 1, item ‘f’ of the GDPR) for the purposes of improving our client’s servicing and satisfaction and provision of technical support for our products for which you have contacted us. Your personal data in the form of voice recordings is stored for a period of up to 3 months of its submission and then is automatically deleted. The personal data provided by email or our ticketing system is kept for the duration of the contractual relationship between your organization and SoftGroup and for a period of 3 years after its termination.
Disclosure of Information
It is our aim to limit our sharing of your personal information that we collect, or you provide us as described in this Policy. However, we occasionally need to use partners or processors to provide you with the requested services and a better experience, for the purposes described above, or have another legitimate reason to disclose your personal information. We may disclose personal information:
- to contractors, service providers, and other third parties we use to support our business and to achieve the purposes for which the information is disclosed and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them;
- if necessary to fulfill the purpose for which you provide the information;
- with your consent, including to unaffiliated marketing partners;
- where needed to enforce our rights, protect our property, or protect the rights, property or safety of others, or as needed to support external auditing, compliance and corporate governance functions;
- in connection with a merger, sale, acquisition or other change of ownership or control by or of SoftGroup. When one of these events occurs, we will use reasonable efforts to notify you before your information is transferred or becomes subject to a different privacy policy;
- when required to do so by law, such as in response to a subpoena, regulation, binding order of a data protection authority, enforcement agency or courts; in the course of the legal or regulatory process.
Note that we may use and disclose personal information about you that is not personally identifiable, i.e. personal information in an aggregated form that no longer identifies you, without restriction.
Am I required to provide Personal Data?
As a general principle, your granting of any consent and your provision of any personal data hereunder is entirely voluntary; there are generally no detrimental effects on you if you choose not to consent or to provide personal data. However, there are circumstances in which we cannot take action without certain personal data, for example, because this personal data is required to process your inquiries, your orders or provide you with access to an offering, newsletter or event. In these cases, without the relevant personal information, unfortunately, it will not be possible for SoftGroup to provide you with what you requested.
Where We Store Your Personal Data
The data we collect from you will be transferred to and stored within the European Union. SoftGroup will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy. All information you provide to SoftGroup is stored on secure servers. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted through electronic communication channels; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
Personal Data Transfer to Third Countries
Occasionally, we might transfer personal data to recipients located outside the EEA into so-called third countries. If such transfer becomes necessary, we will ensure that either the data recipient provides an appropriate level of data protection (e.g. due to a decision of adequacy by the European Commission for the respective country or due to the agreement based on so-called EU model clauses with the recipient) or that you have consented to the transfer.
Automated Decision Making and Profiling
Your personal data is not subject to automated decision-making, including profiling.
What are Your Data Protection Rights
Subject to the applicable Bulgarian and European law, you have the following rights in relation to your personal data, processed by us:
- you may request access to the personal information we keep about you. If you make such a request, we will provide you with all the information on the purposes of the processing, categories of data processed, categories of recipients, data retention periods, your rights to rectify, delete or restrict the data accessed if applicable. Where possible, we will provide remote access to a secure system that would provide you with direct access to your personal data;
- you have a right to correct (rectify) the record of your personal data maintained by SoftGroup if it is inaccurate;
- you may ask SoftGroup to supplement or update your personal data;
- you may withdraw your consent for the processing of personal data at any time, without affecting the lawfulness of the processing prior to withdrawal;
- you may also request that SoftGroup cease using your data for direct marketing purposes;
- you can request a restriction in the data processing (i) for a period enabling us to verify the accuracy of your personal data in the event you contest the accuracy of your personal information; (ii) if the processing is unlawful and you wish to restrict your personal information rather than deleting it; (iii) if you wish SoftGroup to keep your personal information because you need it for your defense in the context of legal claims; or (iv) if you have objected to the processing but we need to check whether it has legitimate grounds for such processing which may override your own rights;
- you can request the deletion of your personal information if (i) your personal information is no longer necessary for the purpose of the data processing; (ii) you have withdrawn your consent for data processing based exclusively on such consent; (iii) you objected to the data processing; or (iv) the personal information must be erased to comply with a legal obligation applicable to SoftGroup. We will take reasonable steps to inform entities which might be involved in the data processing of such erasure;
- you have a right to lodge a complaint with the competent data protection authority if you have concerns about how SoftGroup processes your personal data;
- when technically feasible, SoftGroup will, at your request, provide your personal data to you or transmit it directly to another controller. You have the right to receive your personal information in a structured and standard format.
Upon your request for access to your personal data, SoftGroup will take all necessary action to provide you with the appropriate information about processing free of charge. If the request is unreasonable or excessive, especially due to its repeatability, SoftGroup may charge a reasonable fee by taking into account the administrative costs arising as a result of providing information or communication, or taking any other actions based on the request, and may justifiably refuse to take action.
Questions and Complaints
If you have any questions about this Policy, the processing of your personal information or you wish to exercise your privacy rights, please contact us by email: office@softgroup.eu. In the event of doubt that your data protection rights are infringed, you may lodge a complaint to the competent data protection authority of the Republic of Bulgaria – the Commission for Personal Data Protection (CPDP) (in Bulgarian „Комисия за защита на личните данни“, КЗЛД). The CPDP is responsible for the protection of personal data both in the public and private sectors. Contact with the CPDP: Address: Sofia 1592, 2 Prof. Tsvetan Lazarov blvd E-mail: kzld@cpdp.bg Website: www.cpdp.bg
Cookies Policy
Automatic Data Collection Technologies
Navigational data refers to information about your computer and your visits to the website such as your IP address, geographical location, browser type, referral source, length of visit and pages viewed. We use navigational data to operate and improve our website and to provide you with a better experience when you interact with SoftGroup. We may also use navigational data alone or in combination with personal data to provide you with personalized information about SoftGroup. Navigational data, such as IP address, is used to approximate your location. For example, we may use your approximate location to provide content that has been translated or send emails at certain times using your local time zone. You may disable the collection and use of your location data through the browser, operating system or device-level settings. Consent concerning location data may be withdrawn at any time. Cookies, as one of the automatic data collection technologies, can be controlled through browser settings. Be aware that setting the cookies controls to be too restrictive, or declining cookies, may affect your ability to use certain features of SoftGroup’s website. Please refer to your browser Help instructions to learn more about cookies and other technologies and how to manage their use. If you elect to refuse or delete cookies, you will need to repeat this process if you use another computer or change browsers. The information we collect automatically is statistical data and does not include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our website and to deliver a better and more personalized service by enabling us to:
- estimate our audience size and usage patterns;
- store information about your preferences, allowing us to customize our Website according to your individual interests;
- speed up your searches;
- recognize you when you return to our website.
The technologies we use for this automatic data collection may include:
- Cookies (or browser cookies): A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our website.
- Flash Cookies: Certain features of our website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our website. Flash cookies are not managed by the same browser settings as are used for browser cookies;
- Web Beacons: Pages of our Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity);
- Performance and functionality cookies: These cookies are used to enhance the performance and functionality of our website but are non-essential to its use. However, without these cookies, certain functionality may become unavailable;
- Analytics and customization cookies: These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website for you;
- Advertising cookies: These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests;
- Social networking cookies: These cookies are used to enable you to share pages and content that you find interesting on our website through third-party social networking and other websites. These cookies may also be used for advertising purposes too.
We do not collect personal information automatically, but we may tie this information to personal information about you that we collect from other sources, or you provide to us.
Change of this Data Privacy Policy
This Policy may change from time to time to reflect changes in the way we process your personal information. However, these changes will remain fully compliant with applicable law. We encourage you to periodically review this page for the latest information on our privacy practices. We will notify you of any substantial changes in this Policy as required by law.