ILTEX EOOD applies the EU legislation to the requirements of Regulation (EU) 2016/679 of 27.04.2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and to repeal Directive 95 / 46 / EC (General Regulation on Data Protection, GDPR), This policy is intended to regulate the relations between ILTEX EOOD, village of Slanchevo, PI 127005, UIC 103790433 – Personal data administrator, hereinafter referred to as the SERVICE PROVIDER , and the users, hereinafter referred to as the RECIPIENT.
The order submitted by the Recipient to the Supplier is accepted as a contract of sale.
I. Use of users’ personal data
The Recipient’s personal data is required for the purpose of a sales contract between the Supplier and the Recipient in order for the Supplier to correctly fulfill its contract by delivering products ordered by the Recipient. The personal data that the Provider collects are: name, surname, address and, where applicable, telephone and email. The recipient provides them voluntarily by signing the documents under item IV.
Provision of personal data to third parties The received personal data of the Recipient are provided only to a courier company, which is also a Personal Data Administrator, in order to satisfy an order placed with the Provider. The courier company, for its part, is obliged to undertake and observe rotation company policies for the processing of the Personal Data of the Person.
In the site www.iltex.bg, in the contacts section, contacts are provided for contact with the experts of ILTEX EOOD. Each Recipient has the right to use them, as the personal data provided by him / by phone call or e-mail / are processed for the purpose of satisfying his request.
II. Data security
Technical and organizational security measures have been taken to protect the Recipient’s data as comprehensively as possible. The site has an SSL Certificate.
III. Period of storage of personal data
The period for storage of the Recipient’s personal data is determined by the internal rules of the company. It is 5 years from the last order.
The R&D unit does not stop developing products that meet consumer demand. In this regard, the Provider reserves the right to send the Recipient information in the form of a mailing / newsletter, in order to get acquainted with new products, based on the purchasing behavior of the Recipient. The personal data used for advertising purposes are the name, surname and email of the Recipient. In case the Recipient does not wish to receive information from the Provider, he can request it by e-mail: email@example.com.
V. Rights of the Recipient
Right to information – at any time the Recipient has the right to request from the Provider information concerning the manner of storage of personal data;
Right of correction – the Recipient has the right to correct the information, which he has filled in in the application form of the Provider;
Right of deletion (To be forgotten) – The Recipient has the right to request the deletion of the personal data related to him, and the Provider has the obligation to delete them without undue delay, when any of the following reasons exist: – The data lines are no longer necessary for the purposes for which they were collected or processed; – The recipient withdraws his consent on which the data processing is based; – The personal data of the Recipient have been used illegally; or – the Recipient’s personal data is deleted in order to comply with a legal obligation under EU law, the law of a Member State or the law of another country;
Right to object – The recipient has the right at any time on grounds related to his specific situation to object to the processing of personal data concerning him. If the objection is justified, the Provider will terminate the processing of personal data regarding the objection, unless the Provider proves that there are no convincing legal grounds for the processing, which take precedence over the interests of the Recipient.
The Recipient, when a natural person, voluntarily provides his / her personal data by signing a Declaration of Consent for his / her personal data to be processed by the Provider by virtue of a Personal Data Administrator. The representatives of the legal entities shall sign a Notice regarding the processing of personal data, which contains such consent.
This policy was last updated in March 2021.