Types of Data Collected
Among the Personal Data collected from this site, either autonomously or through third parties, are: name, surname, telephone number, address, province, email, zip code, city, Cookie and Usage Data.
Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the collection of data.
Personal Data may be freely provided by the User or, in the case of Usage Data, automatically collected during the use of this site.
Unless otherwise specified, all Data requested by this site are mandatory. If the User refuses to communicate them, it may be impossible for this site to provide the Service. In cases where this site indicates certain Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or its operation.
Users who may have doubts as to which Data is mandatory are encouraged to contact the Data Controller.
Any use of Cookies – or other tracking tools – by this site or the owners of third party services used by this site, unless otherwise specified, has the purpose of providing the Service requested by the User, in addition to the additional purposes described in this document and in the Cookie Policy, if available.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this site and guarantees that he/she has the right to communicate or disseminate them, releasing the Owner from any liability towards third parties.
Modality and place of treatment of collected Data
Treatment modalities
The Owner adopts appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The treatment is carried out through computer and/or telematic instruments, with organizational methods and logics strictly related to the indicated purposes. In addition to the Data Controller, in some cases, other subjects involved in the organization of this site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller, may have access to the Data. The updated list of Data Processors can always be requested from the Data Controller.
Legal basis of the treatment
The Data Controller processes Personal Data relating to the User in the event that one of the following conditions exists:
the User has given consent for one or more specific purposes; Note: in some jurisdictions, the Data Controller may be authorized to process Personal Data without the need for the User’s consent or another of the legal bases specified below, until the User objects (“opts-out”) to such processing. However, this does not apply where the processing of Personal Data is governed by European legislation on the protection of Personal Data;
the processing is necessary for the performance of a contract with the User and/or the execution of pre-contractual measures;
the processing is necessary for the performance of a legal obligation to which the Data Controller is subject;
the processing is necessary for the performance of a task of public interest or for the exercise of public powers vested in the Data Controller;
the processing is necessary for the pursuit of the legitimate interest of the Data Controller or of third parties.
However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each processing and in particular to specify whether the processing is based on law, provided for by a contract or necessary to conclude a contract.
Place
The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For more information, please contact the Data Controller.
Your Personal Data may be transferred to a country other than the one in which you are located. You may refer to the section on details of the processing of Personal Data for further information on the location of processing.
The User has the right to obtain information on the legal basis for the transfer of Data outside the European Union or to an international organization under public international law or formed by two or more countries, such as the UN, as well as on the security measures adopted by the Controller to protect the Data.
Should one of the transfers just described take place, the User may refer to the respective sections of this document or request information from the Data Controller by contacting it at the contact details given at the beginning.
Period of conservation
The Data are processed and stored for the time required by the purposes for which they were collected. Therefore:
Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the performance of such contract is completed.
Personal Data collected for purposes related to the legitimate interest of the Controller will be retained until such interest is satisfied. You may obtain further information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.
When the processing is based on the User’s consent, the Controller may keep the Personal Data longer until such consent is revoked. In addition, the Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period the Personal Data will be deleted. Therefore, at the end of this period the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
Legal references
This Privacy Policy is drafted on the basis of multiple legislative orders, including Articles 13 and 14 of Regulation (EU) 2016/679.
Unless otherwise specified, this privacy policy relates exclusively to this site.
Purposes of Data Collection
The User’s Data is collected to enable the Owner to provide its Services, as well as for the following purposes: Contacting the User, Commenting on content, Managing contacts and sending messages, Managing payments, Remarketing and behavioral targeting, Statistics and Advertising.
To obtain further detailed information on the purposes of the processing and the Personal Data concretely relevant for each purpose, the User may refer to the relevant sections of this document.
Further information on Personal Data
Legal defense
The User’s Personal Data may be used by the Data Controller in legal proceedings or in the preparatory phases of such proceedings in order to defend the User against abuses in the use of this site or related Services.
The User declares to be aware that the Data Controller may be obliged to disclose the Data by order of public authorities.
Specific information
At the request of the User, in addition to the information contained in this privacy policy, this site may provide the User with additional and contextual information regarding specific services, or the collection and processing of Personal Data.
System logs and maintenance
For operational and maintenance purposes, this site and any third party services used by it may collect system logs, i.e. files that record interactions and may also contain Personal Data, such as the User’s IP address.
Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
Sale of goods and services online
The Personal Data collected is used to provide services to the User or to sell products, including payment and delivery. The Personal Data collected to finalize the payment may be that related to the credit card, bank account used for the transfer or other payment instruments provided. The Payment Data collected by this site depends on the payment system used.
Responding to “Do Not Track” Requests
This site does not support “Do Not Track” requests.
To find out if any third party services used support them, the User is encouraged to consult their respective privacy policies.
Personal Data (or Data)
Personal Data is any information that, directly or indirectly, even in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.
Usage Data
This is the information collected automatically through this site (including by third party applications integrated into this site), including: IP addresses or domain names of computers used by the user who connects with this site, URI (Uniform Resource Identifier), the time of the request, the method used to forward the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.. ) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (e.g. the time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the operating system and the User’s IT environment.
User
The individual who uses this site which, unless otherwise specified, coincides with the Data Subject.
Data Subject
The natural person to whom the Personal Data refers.
Data Processor (or Manager)
The natural person, legal entity, public administration and any other entity that processes personal data on behalf of the Data Controller, as set out in this privacy policy.
Data Controller (or Owner)
The natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data and the instruments adopted, including the security measures relating to the operation and use of this site. The Data Controller, unless otherwise specified, is the owner of this site.
This site
The hardware or software tool by which Users’ Personal Data are collected and processed.
Service
The Service provided by this site as defined in the relevant terms (if any) on this site/application.
European Union (or EU)
Unless otherwise specified, any reference to the European Union in this document shall be deemed to extend to all current member states of the European Union and the European Economic Area.
Cookie
A small piece of data stored on the User’s device.
User Rights
Users may exercise certain rights with reference to the Data processed by the Data Controller.
In particular, the User has the right to:
revoke consent at any time. The User may revoke the consent to the processing of its Personal Data previously expressed.
oppose the processing of their Data. The User may object to the processing of their Data when it is done on a legal basis other than consent. Further details on the right to object are set out in the section below.
access your Data. The User has the right to obtain information about the Data processed by the Data Controller, certain aspects of the processing and to receive a copy of the Data processed.
verify and request rectification. The User may verify the correctness of its own Data and request its update or correction.
obtain the limitation of the treatment. When certain conditions are met, the User may request the limitation of the processing of its Data. In this case, the Data Controller will not process the Data for any purpose other than its preservation.
obtain the cancellation or removal of their Personal Data. When certain conditions are met, the User may request the deletion of their Data by the Data Controller.
receive their Data or have it transferred to another owner. The User has the right to receive his or her Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred without hindrance to another owner. This provision is applicable when the Data is processed by automated means and the processing is based on the User’s consent, a contract to which the User is a party or contractual measures related thereto.
propose complaint. The User may lodge a complaint with the competent data protection supervisory authority or take legal action.
Details of the right to object
When Personal Data are processed in the public interest, in the exercise of public powers vested in the Data Controller or to pursue a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons related to their particular situation.
Users should note that if their Data were processed for direct marketing purposes, they may object to the processing without providing any reasons. To find out whether the Data Controller processes data for direct marketing purposes, Users may refer to the respective sections of this document.
How to exercise rights
In order to exercise the User’s rights, Users may address a request to the contact details of the Controller set out in this document. Requests are filed free of charge and processed by the Owner (“info@f-society.bg”) as soon as possible, in any case within one month.
Changes to this Privacy Policy
The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page and, if possible, on this site and, if technically and legally feasible, by sending a notification to Users through one of the contact details in the possession of the Data Controller. Therefore, please consult this page regularly, referring to the date of last modification indicated at the bottom.
If the changes affect processing whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.
CCPA Privacy
This privacy notice section for California residents supplements the information contained in Our Privacy Policy and it applies solely to all visitors, users, and others who reside in the State of California.
Categories of Personal Information Collected
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Consumer or Device. The following is a list of categories of personal information which we may collect or may have been collected from California residents within the last twelve (12) months.
Please note that the categories and examples provided in the list below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact collected by Us, but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been collected. For example, certain categories of personal information would only be collected if You provided such personal information directly to Us.
Category A: Identifiers.Examples: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, driver's license number, passport number, or other similar identifiers.Collected: Yes.
Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.Collected: Yes.
Category C: Protected classification characteristics under California or federal law.Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).Collected: No.
Category D: Commercial information.Examples: Records and history of products or services purchased or considered.Collected: No.
Category E: Biometric information.Examples: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.Collected: No.
Category F: Internet or other similar network activity.Examples: Interaction with our Service or advertisement.Collected: Yes.
Category G: Geolocation data.Examples: Approximate physical location.Collected: No.
Category H: Sensory data.Examples: Audio, electronic, visual, thermal, olfactory, or similar information.Collected: No.
Category I: Professional or employment-related information.Examples: Current or past job history or performance evaluations.Collected: No.
Category J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.Collected: No.
Category K: Inferences drawn from other personal information.Examples: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.Collected: No.
Under CCPA, personal information does not include:
Publicly available information from government records
Deidentified or aggregated consumer information
Information excluded from the CCPA's scope, such as:Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial dataPersonal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994
Sources of Personal Information
We obtain the categories of personal information listed above from the following categories of sources:
Directly from You. For example, from the forms You complete on our Service, preferences You express or provide through our Service.
Indirectly from You. For example, from observing Your activity on our Service.
Automatically from You. For example, through cookies We or our Service Providers set on Your Device as You navigate through our Service.
From Service Providers. For example, third-party vendors to monitor and analyze the use of our Service, third-party vendors to deliver targeted advertising to You, or other third-party vendors that We use to provide the Service to You.
Use of Personal Information for Business Purposes or Commercial Purposes
We may use or disclose personal information We collect for "business purposes" or "commercial purposes" (as defined under the CCPA), which may include the following examples:
To operate our Service and provide You with our Service.
To provide You with support and to respond to Your inquiries, including to investigate and address Your concerns and monitor and improve our Service.
To fulfill or meet the reason You provided the information. For example, if You share Your contact information to ask a question about our Service, We will use that personal information to respond to Your inquiry.
To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
As described to You when collecting Your personal information or as otherwise set forth in the CCPA.
For internal administrative and auditing purposes.
To detect security incidents and protect against malicious, deceptive, fraudulent or illegal activity, including, when necessary, to prosecute those responsible for such activities.
Please note that the examples provided above are illustrative and not intended to be exhaustive. For more details on how we use this information, please refer to the "Use of Your Personal Data" section.
If We decide to collect additional categories of personal information or use the personal information We collected for materially different, unrelated, or incompatible purposes We will update this Privacy Policy.
Disclosure of Personal Information for Business Purposes or Commercial Purposes
We may use or disclose and may have used or disclosed in the last twelve (12) months the following categories of personal information for business or commercial purposes:
Category A: Identifiers
Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Category F: Internet or other similar network activity
Please note that the categories listed above are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact disclosed, but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been disclosed.
When We disclose personal information for a business purpose or a commercial purpose, We enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
Sale of Personal Information
As defined in the CCPA, "sell" and "sale" mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer's personal information by the business to a third party for valuable consideration. This means that We may have received some kind of benefit in return for sharing personal information, but not necessarily a monetary benefit.
Please note that the categories listed below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact sold, but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been shared for value in return.
We may sell and may have sold in the last twelve (12) months the following categories of personal information:
Category A: Identifiers
Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Category F: Internet or other similar network activity
Share of Personal Information
We may share Your personal information identified in the above categories with the following categories of third parties:
Service Providers
Our affiliates
Our business partners
Third party vendors to whom You or Your agents authorize Us to disclose Your personal information in connection with products or services We provide to You
Sale of Personal Information of Minors Under 16 Years of Age
We do not knowingly collect personal information from minors under the age of 16 through our Service, although certain third party websites that we link to may do so. These third-party websites have their own terms of use and privacy policies and we encourage parents and legal guardians to monitor their children's Internet usage and instruct their children to never provide information on other websites without their permission.
We do not sell the personal information of Consumers We actually know are less than 16 years of age, unless We receive affirmative authorization (the "right to opt-in") from either the Consumer who is between 13 and 16 years of age, or the parent or guardian of a Consumer less than 13 years of age. Consumers who opt-in to the sale of personal information may opt-out of future sales at any time. To exercise the right to opt-out, You (or Your authorized representative) may submit a request to Us by contacting Us.
If You have reason to believe that a child under the age of 13 (or 16) has provided Us with personal information, please contact Us with sufficient detail to enable Us to delete that information.
Your Rights under the CCPA
The CCPA provides California residents with specific rights regarding their personal information. If You are a resident of California, You have the following rights:
The right to notice. You have the right to be notified which categories of Personal Data are being collected and the purposes for which the Personal Data is being used.
The right to request. Under CCPA, You have the right to request that We disclose information to You about Our collection, use, sale, disclosure for business purposes and share of personal information. Once We receive and confirm Your request, We will disclose to You:The categories of personal information We collected about YouThe categories of sources for the personal information We collected about YouOur business or commercial purpose for collecting or selling that personal informationThe categories of third parties with whom We share that personal informationThe specific pieces of personal information We collected about YouIf we sold Your personal information or disclosed Your personal information for a business purpose, We will disclose to You:The categories of personal information categories soldThe categories of personal information categories disclosed
The right to say no to the sale of Personal Data (opt-out). You have the right to direct Us to not sell Your personal information. To submit an opt-out request please contact Us.
The right to delete Personal Data. You have the right to request the deletion of Your Personal Data, subject to certain exceptions. Once We receive and confirm Your request, We will delete (and direct Our Service Providers to delete) Your personal information from our records, unless an exception applies. We may deny Your deletion request if retaining the information is necessary for Us or Our Service Providers to:Complete the transaction for which We collected the personal information, provide a good or service that You requested, take actions reasonably anticipated within the context of our ongoing business relationship with You, or otherwise perform our contract with You.Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.Debug products to identify and repair errors that impair existing intended functionality.Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if You previously provided informed consent.Enable solely internal uses that are reasonably aligned with consumer expectations based on Your relationship with Us.Comply with a legal obligation.Make other internal and lawful uses of that information that are compatible with the context in which You provided it.
The right not to be discriminated against. You have the right not to be discriminated against for exercising any of Your consumer's rights, including by:Denying goods or services to YouCharging different prices or rates for goods or services, including the use of discounts or other benefits or imposing penaltiesProviding a different level or quality of goods or services to YouSuggesting that You will receive a different price or rate for goods or services or a different level or quality of goods or services
Exercising Your CCPA Data Protection Rights
In order to exercise any of Your rights under the CCPA, and if You are a California resident, You can contact Us:
By email: info@f-society.bg
Only You, or a person registered with the California Secretary of State that You authorize to act on Your behalf, may make a verifiable request related to Your personal information.
Your request to Us must:
Provide sufficient information that allows Us to reasonably verify You are the person about whom We collected personal information or an authorized representative
Describe Your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it
We cannot respond to Your request or provide You with the required information if we cannot:
Verify Your identity or authority to make the request
And confirm that the personal information relates to You
We will disclose and deliver the required information free of charge within 45 days of receiving Your verifiable request. The time period to provide the required information may be extended once by an additional 45 days when reasonable necessary and with prior notice.
Any disclosures We provide will only cover the 12-month period preceding the verifiable request's receipt.
For data portability requests, We will select a format to provide Your personal information that is readily useable and should allow You to transmit the information from one entity to another entity without hindrance.
Do Not Sell My Personal Information
You have the right to opt-out of the sale of Your personal information. Once We receive and confirm a verifiable consumer request from You, we will stop selling Your personal information. To exercise Your right to opt-out, please contact Us.
The Service Providers we partner with (for example, our analytics or advertising partners) may use technology on the Service that sells personal information as defined by the CCPA law. If you wish to opt out of the use of Your personal information for interest-based advertising purposes and these potential sales as defined under CCPA law, you may do so by following the instructions below.
Please note that any opt out is specific to the browser You use. You may need to opt out on every browser that You use.
Website
You can opt out of receiving ads that are personalized as served by our Service Providers by following our instructions presented on the Service:
The NAI's opt-out platform: http://www.networkadvertising.org/choices/
The EDAA's opt-out platform http://www.youronlinechoices.com/
The DAA's opt-out platform: http://optout.aboutads.info/?c=2&lang=EN
The opt out will place a cookie on Your computer that is unique to the browser You use to opt out. If you change browsers or delete the cookies saved by your browser, You will need to opt out again.
Mobile Devices
Your mobile device may give You the ability to opt out of the use of information about the apps You use in order to serve You ads that are targeted to Your interests:
"Opt out of Interest-Based Ads" or "Opt out of Ads Personalization" on Android devices
"Limit Ad Tracking" on iOS devices
You can also stop the collection of location information from Your mobile device by changing the preferences on Your mobile device.
Children's Privacy
Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.
If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent's consent before We collect and use that information.
Links to Other Websites
Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Changes to this Privacy Policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.
We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
Contact Us
If you have any questions about this Privacy Policy, You can contact us:
By email: info@f-society.bg
