PRIVACY POLICY

This Personal Data Protection Policy is an integral part of the General Terms and Conditions of CET AHR Ltd. and covers issues related to personal data, incl. what information we collect as a data controller, how we use it and what rights users have

PRIVACY POLICY

This Privacy Policy is an integral part of the General Terms and Conditions of CET AHR Ltd. and covers issues related to personal data, including what information we collect as a personal data controller, how we use it and what rights users have in this regard.

“SET ACH AR” Ltd, UIC 207079657 with address. No. No. 44 Stoyno Baciiski has the capacity of a personal data controller, pursuant to Regulation (EU) 2016/679 (hereinafter referred to as “Regulation“).

Information about the official:

Names: Pavlina Ivanova

Email: dataprotection@set-hr.com

Phone: +359 887 835 211

“SET ACH AR Ltd. treats as personal data any information that identifies a specific natural person or that relates to a natural person through which the same can be identified. Processing of personal data is an act or set of acts which may be performed upon personal data, whether or not by automatic means.

  • How do we collect information about you?
  1. We collect personal data for the purposes of our services. When you register on our website, by phone, email or use one of our forms, you voluntarily provide us with certain information which we process and store. This information includes: three names, e-mail address, telephone number; date of birth; nationality; work permit (if applicable), details of education and qualifications, employment history, language skills, references, gender, pins, comments and any other information you provide. You may choose to share location data or photos with us. We may choose to reduce the amount of data that we store and process according to the purposes of the processing.

2. We receive information about personal data through public information platforms for job seekers (e.g.: jobs.bg, zaplata.bg, rabota.bg, etc.), social networking channels (e.g. Facebook and LinkedIn, etc.).

3. In the case of contractual relationships, for the purpose of contract performance, we necessarily obtain the following personal data: three names, e-mail address, telephone number; date of birth; nationality; work permit (if applicable), details of education and qualifications, employment history, language skills, references, gender, pins, comments and any other information you provide.

4. When you link your profile to your Facebook or Google account or other third-party services, we also receive the information from these profiles (e.g. friends or contacts). The information we receive from these services depends on settings and privacy statements, so each person should check what these are.

5. Also, we receive technical information when you use our site. Every time you use the website, mobile app or other internet service, the system creates and saves certain information automatically. Here are some of the categories of information we collect:

a/ Data in log files. When you use the Site, our servers record information (“log data” or “log data”), including information that your browser automatically sends when you visit a website or your mobile app automatically sends when you use it. This log data includes your Internet Protocol address, the address and activity of the websites you visit, searches, browser type and settings, date and time of your request, how you used the site, cookie data and device data. If you would like more details about the information we collect – contact us via the contact form.

b/ Cookie data. We also use cookies (small text files sent from your computer each time you visit our website) or similar data capture technologies. When we use cookies or similar technologies, we use session cookies (which last until you close your browser) or persistent cookies (which last until you or your browser delete them). For example, we use cookies to store your language preferences or other settings so you don’t have to set them every time you visit the site. Some of the cookies we use are linked to your account (including information about you, such as the email address you have given us) and other cookies are not. For more detailed information on how we use cookies, please review our cookie policy.

c/ Device information. In addition to log data, we collect information about the device you use our website on, including device type, operating system, settings, unique device identifiers, and crash data to help us understand when something is broken. Whether we collect some or all of the information often depends on the type of device you are using and its settings. For example, there are different types of information depending on whether you use a Mac or a PC or an iPhone or an Android phone. To learn more about what aqua information makes your device available to us, please also check the device manufacturer’s or software provider’s policies.

What do we do with the information we collect? Purposes and duration of processing.

  • Objectives

“CET AR Ltd. processes and stores the personal data mentioned above solely for the purpose of fulfilling its contractual obligations and, more precisely, processing the requests of its users, as well as for the following purposes:

a/ On the basis of Article 6(1)(b) of the Regulation – for pre-contractual relations;

b/ On the basis of Article 6(1)(b) of the Regulation – for the performance of contractual obligations already incurred.

c/ On the basis of Art. 1(a) and Article 7 of the Regulation – for non-personalised advertising;

d/ On the basis of Art. 1(a) and Article 7 of the Regulation – for personalised advertising;

1(a) and Article 7 of the Regulation – to carry out a personalised assessment of information;

f/ On the basis of Art. 1(f) – for marketing purposes.

g/ On the basis of Art. 1, letter “f” of the Regulation – CET EACH AR Ltd. is a company registered with the Employment Agency for carrying out intermediary activities in Bulgaria and abroad and as a licensed intermediary offers intermediary services within the meaning of Article 26 of the Employment Promotion Act.

  • Deadline

The data is stored and processed by us and we destroy it according to a certain procedure within the statutory time limits, if there is no such time limit, as long as we need it to provide our services. In the event that the person makes the relevant request, the information shall be destroyed immediately.

Rights you may exercise in relation to your personal data.

All rights shall be exercised, and relevant requests and notifications regarding the rights of data subjects shall be submitted, by e-mail to dataprotection@set-hr.com or by post to the management address indicated above. Requests shall be made in such a way as to identify the applicant. For some rights, technical options for exercising them may be applicable, for example an unsubscribe button. In any case, the administrator shall respond to the request or make a decision regarding the declared right on the provided e-mail, within one month of its receipt.

Under the General Data Protection Regulation, the data subject has the right to:

  • Awareness (in relation to the controller’s processing of his or her personal data); Where there is a risk of a breach of the security of your personal data, the controller must inform you of the nature of the breach and what measures have been taken to remedy it, and whether the supervisory authority has been notified of the breach.
  • Access to your own personal data and the right to withdraw consent to processing. As a data subject, you have the right to request confirmation of whether your personal data is being processed and, if so, to obtain access to your data and the following information: for what purpose the data is being processed, what personal data, the recipients of the data, the duration of the processing. Requests for access must be made in writing/electronically and addressed to the administrator. You also have the right to withdraw your consent to the processing of your personal data at any time.
  • Correction. As a data subject, you have the right to request correction of your personal data that is inaccurate/outdated. You must submit a separate request for this purpose. Your request will be responded to by the administrator as follows – in writing, to the e-mail address provided.
  • Erasure of personal data (right “to be forgotten”). As a data subject, you have the right to “be forgotten”, i.e. to request that your personal data be erased without undue delay i.e. that the controller erases your personal data from all systems and records where it is stored, including notifying any third parties/processors to whom it has provided the data. A request for erasure may be made on the grounds set out in the Regulation, including where one of the following grounds applies: where the personal data are no longer necessary for the purposes for which they were collected; where you have withdrawn your consent; where you have objected to processing where the processing is unlawful; where the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject; where the personal data were collected in connection with an offer of The controller may refuse to erase personal data on the grounds set out in the Regulation – where the processing of the personal data is for the purposes of: the exercise of the right to freedom of expression and information; the performance of a legal obligation or a task carried out in the public interest or in the exercise of official authority; public health purposes; archiving for public interest purposes, scientific historical research or statistical purposes; or the establishment, exercise or defence of legal claims.
  • Restriction of processing by the controller or processor. As a data subject, you have the right to request the controller of your personal data to restrict the processing of your personal data. Restriction is allowed in the following cases: – where you consider that your personal data are not accurate, in which case the restriction is for a period necessary for the controller to verify the accuracy; – where the processing of your personal data is unlawful, but you do not want them to be deleted, but only want their use to be restricted; – where the controller no longer needs your personal data for the purposes of processing, but you, as the data subject, require them for the establishment, exercise or defence of legal claims; – where you are opposed to the processing of your personal data by the controller; – where you are opposed to the use of your personal data by the controller. For this purpose, in the presence of any of the above conditions, you should submit a request.
  • Portability of personal data, including between individual administrators. The data subject shall have the right to data portability – to receive the personal data concerning him or her which he or she has provided to a controller in a structured, commonly used and machine-readable format and shall have the right to transfer those data to another controller without hindrance from the controller to whom the personal data have been provided, where the processing is based on consent or a contractual obligation and the processing is carried out by automated means. When exercising his or her right to data portability, the data subject shall also have the right to obtain a direct transfer of personal data from one controller to another, where technically feasible.
  • Objection to processing of his personal data. As a data subject, you have the right to object to the processing of your personal data at any time, including for direct marketing purposes. The administrator should give reasons as to whether he accepts the objection or not. why it continues to process the personal data if it rejects the objection.
  • The data subject shall have the right and not to be the subject of a decision based solely on automated processinginvolving profiling which produces legal effects concerning the data subject or similarly significantly affects the data subject. The data subject shall have the right to challenge the automated decision at any time.

Right to protection in a judicial or administrative procedure, in case the data subject’s rights have been violated. As a personal data subject, you have the right to complain against the processing of your personal data or non-compliance with your rights in relation to the protection of personal data to the competent supervisory authority – the Commission for Personal Data Protection, address. Your personal data protection authority, the Data Protection Authority, responsible for your personal data protection. “1595, Proff. Tsvetan Lazarov” № 2 (www.cpdp.bg). A person who has suffered material or non-material damage as a result of a breach of this Regulation shall also be entitled to obtain compensation from the controller or processor for the damage suffered.

Security

We have taken numerous technical, legal and organisational measures to protect the privacy of each individual. In order to avoid unauthorized access, we implement encryption procedures in some areas. Also, we use SSL protocols to prevent the possibility of misuse of the data by third parties. We do not share data with third parties, except when we need to make a delivery of ordered goods.

We may use the services of third parties who act as processors for the above processing purposes. These persons process personal data on our behalf and are obliged to comply with the applicable data protection regulations. These individuals are carefully selected by us and only have access to data that is necessary for them to provide the services they are engaged to provide and within the scope of their consent to us. In the event that these entities are outside the EU and do not meet the necessary requirements of the GDPR, based on its statutory status, we will ensure the protection of personal data through contractual or other legal instruments. It is also possible that personal data may be provided to state or municipal authorities that exercise different types of control within the law.

Advertisement

By confirming the account registration request, the user gives his explicit consent to the processing and transfer of his personal data for one or more of the following purposes:

a/ Incorporating consumer evaluation and opinion into marketing research using electronic methods .

b/ Receive electronic messages about products, services and other advertising messages on all owned devices.

c/ Receive personalized advertising that is tailored to the user’s preferences. The personalization is done based on the evaluation of the user behavior data;

d/ Receive personalised commercial offers tailored to the user’s behaviour and relevant to their preferences by email, post or otherwise. To this end, data on the user’s consumption based on their purchasing behaviour, their participation in promotional campaigns, and their use of the site can be the subject of analysis and forecasting of the user’s interests.

e/ Receiving non-personalised advertising. Users will also receive information about current products, services, initiatives and other promotional messages.

Declaration

In the process of processing personal data, CET AHR Ltd. complies with the principles of European and national legislation related to the protection of personal data of individuals. By implementing a package of organisational, technical and legal measures, we aim to ensure a high level of security of personal data, protecting against unauthorised processing, destruction or damage.



lite in this regard.

“SET ACH AR” Ltd, UIC 207079657 with address. No. No. 44 Stoyno Baciiski has the capacity of a personal data controller, pursuant to Regulation (EU) 2016/679 (hereinafter referred to as “Regulation“).

Information about the official:

Name: Pavlina Ivanova

Email: dataprotection@set-hr.com

Phone: +359 887 835 211

“SET EACH AR Ltd. treats as personal data any information that identifies a specific natural person or that relates to a natural person, through which the same can be Id. The processing of personal data is an act or set of acts which may be performed upon personal data by automatic or other means.

  • How do we collect information about you?
  1. We collect personal data after the explicit consent of the person to whom it relates. When you register on our website or use one of our forms, you voluntarily provide us with certain information, which we process and store. This information includes: first name, last name, email address, phone number, birth date, pins, comments and any other information you provide to us. You may choose to share location data or photos with us. We may choose to reduce the amount of data that we store and process according to the purposes of the processing.

In the case of contractual relationships, we necessarily receive the following personal data in order to perform the contract: first name, last name, email, address, telephone number and gender.

  1. When you link your profile to your Facebook or Google account or other third-party services, we also receive the information from these profiles (e.g. friends or contacts). The information we receive from these services depends on settings and privacy statements, so each person should check what these are.
  1. Also, we receive technical information when you use our site. Every time you use the website, mobile app or other internet service, the system creates and saves certain information automatically. Here are some of the categories of information we collect:

a/ Data in log files. When you use the Site, our servers record information (“log data” or “log data”), including information that your browser automatically sends when you visit a website or your mobile app automatically sends when you use it. This log data includes your Internet Protocol address, the address and activity of the websites you visit, searches, browser type and settings, date and time of your request, how you used the site, cookie data and device data. If you would like more details about the information we collect – contact us via the contact form.

b/ Cookie data. We also use cookies (small text files sent from your computer each time you visit our website) or similar data capture technologies. When we use cookies or similar technologies, we use session cookies (which last until you close your browser) or persistent cookies (which last until you or your browser delete them). For example, we use cookies to store your language preferences or other settings so you don’t have to set them every time you visit the site. Some of the cookies we use are linked to your account (including information about you, such as the email address you have given us) and other cookies are not. For more detailed information on how we use cookies, please review our cookie policy.

c/ Device information. In addition to log data, we collect information about the device you use our website on, including device type, operating system, settings, unique device identifiers, and crash data to help us understand when something is broken. Whether we collect some or all of the information often depends on the type of device you are using and its settings. For example, there are different types of information depending on whether you use a Mac or a PC or an iPhone or an Android phone. To learn more about what aqua information makes your device available to us, please also check the device manufacturer’s or software provider’s policies.

What do we do with the information we collect? Purposes and duration of processing.

  • Objectives

“CET AR Ltd. processes and stores the personal data mentioned above solely for the purpose of fulfilling its contractual obligations and, more precisely, processing the requests of its users, as well as for the following purposes:

a/ On the basis of Article 6(1)(b) of the Regulation – for pre-contractual relations;

b/ On the basis of Article 6(1)(b) of the Regulation – for the performance of contractual obligations already incurred.

c/ On the basis of Art. 1(a) and Article 7 of the Regulation – for non-personalised advertising;

d/ On the basis of Art. 1(a) and Article 7 of the Regulation – for personalised advertising;

1(a) and Article 7 of the Regulation – to carry out a personalised assessment of information;

f/ On the basis of Art. 1(f) – for marketing purposes.

g/ On the basis of Art. 1(f) of the Regulation – for retargeting in connection with marketing, remarketing or optimisation purposes;

  • Deadline

The data is stored and processed as long as the user’s account is active and 1 year after deactivation or deletion, and as long as there is a need for it to provide our services. In the event that the person makes the relevant request, the information shall be destroyed immediately.

Rights you may exercise in relation to your personal data.

All rights shall be exercised, and relevant requests and notifications regarding the rights of data subjects shall be submitted, by e-mail to dataprotection@set-hr.com or by post to the management address indicated above. Requests shall be made in such a way as to identify the applicant. For some rights, technical options for exercising them may be applicable, for example an unsubscribe button. In any case, the administrator shall respond to the request or make a decision regarding the declared right on the provided e-mail, within one month of its receipt.

Under the General Data Protection Regulation, the data subject has the right to:

  • Awareness (in relation to the controller’s processing of his or her personal data); Where there is a risk of a breach of the security of your personal data, the controller must inform you of the nature of the breach and what measures have been taken to remedy it, and whether the supervisory authority has been notified of the breach.
  • Access to your own personal data and the right to withdraw consent to processing. As a data subject, you have the right to request confirmation of whether your personal data is being processed and, if so, to obtain access to your data and the following information: for what purpose the data is being processed, what personal data, the recipients of the data, the duration of the processing. Requests for access must be made in writing/electronically and addressed to the administrator. You also have the right to withdraw your consent to the processing of your personal data at any time.
  • Correction. As a data subject, you have the right to request correction of your personal data that is inaccurate/outdated. You must submit a separate request for this purpose. Your request will be responded to by the administrator as follows – in writing, to the e-mail address provided.
  • Erasure of personal data (right to be forgotten). As a data subject, you have the right to “be forgotten”, i.e. to have your personal data erased without undue delay.delay, i.e. that the controller erases your personal data from all systems and records where it is stored, including notifying any third parties/processors to whom it has provided the data. A request for erasure may be made on the grounds set out in the Regulation, including where one of the following grounds applies: where the personal data are no longer necessary for the purposes for which they were collected; where you have withdrawn your consent; where you have objected to processing where the processing is unlawful; where the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject; where the personal data were collected in connection with an offer of The controller may refuse to erase personal data on the grounds set out in the Regulation – where the processing of the personal data is for the purposes of: the exercise of the right to freedom of expression and information; the performance of a legal obligation or a task carried out in the public interest or in the exercise of official authority; public health purposes; archiving for public interest purposes, scientific historical research or statistical purposes; or the establishment, exercise or defence of legal claims.
  • Restriction of processing by the controller or processor. As a data subject, you have the right to request the controller of your personal data to restrict the processing of your personal data. Restriction is allowed in the following cases: – where you consider that your personal data are not accurate, in which case the restriction is for a period necessary for the controller to verify the accuracy; – where the processing of your personal data is unlawful, but you do not want them to be deleted, but only want their use to be restricted; – where the controller no longer needs your personal data for the purposes of the processing, but you, as the data subject, require them for the establishment, exercise or defence of legal claims; – where you have objected to the processing of your personal data; – where you have objected to the use of your personal data for the purposes of the processing of your personal data. For this purpose, in the presence of any of the above conditions, you should submit a request.
  • Portability of personal data, including between controllers. The data subject shall have the right to data portability – to receive the personal data concerning him or her which he or she has provided to a controller in a structured, commonly used and machine-readable format and shall have the right to transfer those data to another controller without hindrance from the controller to whom the personal data have been provided, where the processing is based on consent or a contractual obligation and the processing is carried out by automated means. When exercising his or her right to data portability, the data subject shall also have the right to obtain a direct transfer of personal data from one controller to another, where technically feasible.
  • Objection to processing of his personal data. As a data subject, you have the right to object to the processing of your personal data at any time, including for direct marketing purposes. The administrator should give reasons as to whether he accepts the objection or not. why it continues to process the personal data if it rejects the objection.
  • The data subject shall have the right and not to be the subject of a decision based solely on automated processinginvolving profiling which produces legal effects concerning the data subject or similarly significantly affects the data subject. The data subject shall have the right to challenge the automated decision at any time.

Right to protection in a judicial or administrative procedure, in case the data subject’s rights have been violated. As a data subject, you have the right to lodge a complaint against the processing of your personal data or non-compliance with your rights in relation to the protection of personal data with the competent supervisory authority – the Commission for Personal Data Protection, address. Your personal data protection authority, the Data Protection Authority, responsible for your personal data protection. “1595, Proff. Tsvetan Lazarov” № 2 (www.cpdp.bg). A person who has suffered material or non-material damage as a result of a breach of this Regulation shall also be entitled to obtain compensation from the controller or processor for the damage suffered.

Security

We have taken numerous technical, legal and organisational measures to protect the privacy of each individual. In order to avoid unauthorized access, we implement encryption procedures in some areas. Also, we use SSL protocols to prevent the possibility of misuse of the data by third parties. We do not share data with third parties, except when we need to make a delivery of ordered goods.

We may use the services of third parties who act as processors for the above processing purposes. These persons process personal data on our behalf and are obliged to comply with the applicable data protection regulations. These individuals are carefully selected by us and only have access to data that is necessary for them to provide the services they are engaged to provide and within the scope of their consent to us. In the event that these entities are outside the EU and do not meet the necessary requirements of the GDPR, based on its statutory status, we will ensure the protection of personal data through contractual or other legal instruments. It is also possible that personal data may be provided to state or municipal authorities that exercise different types of control within the law.

Advertisement

By confirming the account registration request, the user gives his explicit consent to the processing and transfer of his personal data for one or more of the following purposes:

a/ Incorporating consumer evaluation and opinion into marketing research using electronic methods .

b/ Receive electronic messages about products, services and other advertising messages on all owned devices.

c/ Receive personalized advertising that is tailored to the user’s preferences. The personalization is done based on the evaluation of the user behavior data;

d/ Receive personalised commercial offers tailored to the user’s behaviour and relevant to their preferences by email, post or otherwise. To this end, data on the user’s consumption based on their purchasing behaviour, their participation in promotional campaigns, and their use of the site can be the subject of analysis and forecasting of the user’s interests.

e/ Receiving non-personalised advertising. Users will also receive information about current products, services, initiatives and other promotional messages.

Declaration

In the process of processing personal data, CET AHR Ltd. complies with the principles of European and national legislation related to the protection of personal data of individuals. By implementing a package of organisational, technical and legal measures, we aim to ensure a high level of security of personal data, protecting against unauthorised processing, destruction or damage.



//set-hr.com/wp-content/uploads/2022/10/Transparent-Logo.png

SET HR has an individual approach to its clients. We contribute to the success of the business and the professional development of the candidates.

Newsletter

Enter your email address here and we will send you our latest offers matching your professional profile.



I have read and agree to the Privacy Policy.

Нашият уебсайт използва „бисквитки“, които гарантират възможно най-оптимална работа със сайта. View more
Разбрах