Notification, regarding personal data processing of Clients of DV Design architectural studio
The current notification contains information regarding collection, retention and processing of personal data of clients of DV Design architectural studio (hereinafter DV Design). Additionally, the notification contains information about your rights in relation to your personal data processing, as well as the legal order to lodge a complaint if you consider that your data is processed unduly.
This privacy notice has been developed by DV Design and contains information on:
Who bears responsibility for your data processing?
Responsibility for your personal data processing is borne by “DV Design” EOOD, UIC: 131522008, with seat and address of management at: Sofia 1000, “Sredets” district, No. 5 Slavyanska Str., floor 6, office 33-34, Republic of Bulgaria, web page: http://www.dv-design.biz.
In case you request more information, regarding your personal data processing or if you wish to exercise any of your rights as well as if you suspect that your data is used unduly, you may send us a letter to our mailing address or via e-mail at firstname.lastname@example.org.
Why do we collect your personal data?
DV Design processes your data:
1. to identify you or the represented by your Company as a client of DV Design and to communicate with you or with the represented by you Company regarding the conclusion and performance of the contracts for our services;
2. to meet the obligations arising for DV Design under the law with regards to collecting and processing data for its clients;
3. in the process of carrying video surveillance in the offices of DV Design for the protection of the Company’s employees and its property;
4. to protect the interests of the Company in the event of legal disputes with regards to non-fulfillment of the agreements for our services;
What kind of data do we collect?
DV Design processes the following categories of personal data: names and other data, that may identify you, including signature, contact details (email, address, telephone), bank account details; data that the DV Design is obliged to collect by law, data related to the protection of the rights and interests of the clients, including special categories of data, as well as image, insofar as the DV Design offices are provided with video surveillance, which shall be marked with the relevant information marks and signs.
What are the legal grounds on which we process your data?
In accordance with the GDPR DV Design processes your personal data only on valid legal grounds. Namely, DV Design processes your data on the following legal grounds:
What measures for the security of the collected data we apply?
The protection and security of your data is important to us. In order to prevent loss, misuse or unauthorized access to your data, we apply all reasonable measures and remedies, including the obligation for the confidentiality of all employees and contractors of DV Design, implementation of technical measures to protect computers and systems by which personal data are processed, the video surveillance is carried out in the premises where the personal data documents for the Clients are stored, as well as trainings for data protection amongst our employees. If you have any doubts about an infringement, please contact us immediately through the contact details mentioned above.
What are the periods for storing your personal data?
Personal data processed for the purposes of concluding and executing of contracts shall be stored for a period of 5 years (the limitation period according to the Bulgarian legislation) starting from the calendar year following the year of termination of the relevant agreement..Personal data related to accounting documents shall be stored for the following periods according to Art. 12, para 1 of the AA: for accounting registers and financial statements, including documents for tax control, audit and subsequent financial inspections - 10 years; for any other carriers of accounting information - 3 years. Video recordings of the cameras shall be stored for 30 days after which they shall be automatically deleted.
What rights do you have in relation to your data processing?
GDPR provides the following opportunities for the protection of individuals regarding the processing of their data:
How do we share your personal data with third parties?
We can disclose to third parties your personal as follows:
In any case, your data will not be shared with entities located outside the EEA (EU, Norway, Iceland and Liechtenstein) unless explicitly permitted by local law and adequate measures for data protection are in place.
How to contact the competent data supervising authority?
Notwithstanding the foregoing, in case of any complaints you have the right to contact the Commission for Personal Data Protection (CPDP):