USER PRIVACY NOTICE
This Site is owned by “Dilon” Ltd, UIC 203244428
phone number: +359 886 537 710
- There is concluded contract between you and us with the purpose to execute our contractual obligations;
- We received explicit consent from you – the purpose is being specified for each case;
- There is legal obligation for us to process the personal data;
- The legitimate interest of the Controller
We process personal data to execute our contractual and precontractual obligations.
- The purpose of the processing is as follows:
– To Identify the data subject
– To provide our services and products
– Prepare offers
– Send you invoices/ bills for the services you are using
– To provide you full support
– To receive payments from you
– To maintain correspondence with you
Category of data subjects
On this legal basis we processe data of our clients. A client is any individual or representative of a company who has a contractual or pre-contractual relationship with us and wishes to use the provided Services.
We provide seller and operator of the e-shop pamaura.com
On this ground, we process information regarding the type and content of the contract as well as any other information related to the contracted, including:
– client service communication;
– phone number.
In order to execute our contractual obligations, we need the above informаtion or the execution would be impossible without it. Such personal data shall be marked in a specific way with a “*” or another sign. All other personal data is collected voluntarily.
Transfer of personal data to third parties
We transfer data to third parties with the purpose to improve the quality of our services and offer you full support. We only transfer personal data to third parties, who have proved to us they have applied or required organizational and technical security measures. In this case, we are responsible for the privacy and security of your data.
We transfer personal data to the following categories of third parties
– postal and shipment service providers;
– consulting service providers, such as lawyers, accountants, tax advisors and others.
We delete personal data processed on this ground after 5 years after the contract has expired regardless of the reason for the expiration. We chose this time period, because this is the expiration period for the claims from a contract.
We delete personal data collected during pre contractual relations after 12 months.
We do not use automated algorithms for processing personal data.
- Sometimes there is a legal obligation for us to process personal data. In these cases we are obliged to process personal data. Such cases are:
– Obligations under Measures against money laundry act (MAMLA);
– Obligations under Consumer protection act (CPA)
– Obligations to provide personal data to Consumer protection commission and third parties under CPA;
– Obligations to provide personal data information to Personal data protection commission
– Obligations under Accounting act and Tax-Insurance Procedure Code (TIPC)
– Obligations to provide information to the court or third parties under the applicable procedure laws;
– Obligation to certify the age of the data subject
- Data deletion
Personal data processed on this ground is being deleted after the obligation has been fulfilled or has expired.
For example under the Accounting act we must store the personal data 11 years.
Transfer of personal data to third parties
In case of legal obligation for us we could transfer personal data to third parties such as public authorities.
We collect and analyze data on the grounds of our legitimate interest. This data is collected in order to improve our services and client support. On this ground, we collect information regarding the behaviour of our customers and analyze this data. Such data could be: an anonymized IP address that shows only a general location, behaviour on the website of the organization; non-anonymized IP address, Facebook profile data, location
In case the collected data goes beyond our legitimate interest we would ask for your explicit consent.
Your data could be anonymized. Anonymisation is an alternative to data deletion. When the data is anonymized you could no longer be identified.
We process personal data on this ground only after your explicit consent. The consent is given in compliance with Art. 7 from Regulation 679/ 2016 (GDPR).
We do not foresee any negative consequences for you in case you decide not to share your personal data.
The consent is a separate ground for the processing of personal data and the purpose of the processing is specified for each case.
- Processed data
On this ground we process only the data for which we have received your explicit consent. However, in most cases this data includes:
Transfer to third parties
On this ground we could transfer personal data to third parties, specified with the consent.
Withdrawal of the consent
The consent could be withdrawn at any time. The withdrawal does not in any way affect any contracts or other relations between you and us. The withdrawal does not affect the processing before the withdrawal was given.
To withdraw your consent you just have to use our website or write us an email.
We delete the data processed on this ground after receiving demand from you or 18 months from the initial processing.
In case you sign up to receive emails from us, you will receive messages with up-to-date information about our services, the services of our partners or other useful information. You can unsubscribe from the email newsletter by clicking the button in the email labeled “unsubscribe” or other similar text. You can also unsubscribe using our contact information provided in this Policy.
We process data for statistical purposes, which includes analyses in which the results are just general and thus the data is anonymous. It is impossible to identify a person from this data.
Your data could also be anonymized, which is an alternative of the data deletion. In this case all personal data elements, which allow the identification of a person will be permanently deleted. The anonymized data is not a personal data.
To ensure the protection of personal data of the company and the clients we apply all required organizational and technical measures under Data protection act and GDPR, as well as the best international practices.
We have adopted Rules for data processing in the company. To ensure maximum security we could apply additional protection measures such as pseudonymisation, encrypting and other.