Privacy Policy and Personal Data Protection
The website www.LightHouseSofia.bg (the “Website”) and its associated services are available to visitors and users (or, for brevity, “You”) in accordance with the policy for management and protection of personal data, as described in this document.
The Website is owned by “Lighthouse Kindergarten” Ltd., UIC 207237623, registered in the Commercial Register with headquarters and management address at: Sofia, “Kliment Ohridski” Blvd. № 25, floor 1, ap. 2. Your personal data is collected and processed by the same company (“the Company” or, for brevity, “We”).
As a data controller, the Company and its employees comply with all requirements of Bulgarian and applicable European legislation related to personal data protection. The Company guarantees the confidentiality of non-public information and personal data of all visitors and users of the website www.LightHouseSofia.bg.
Please review this Privacy and Data Protection Policy (“Policy”) to understand how we collect, process, store, and use your personal data in our activities. This Policy is only valid for the Website and applies to the processing of personal data carried out by the Company or third parties to whom the Company has delegated this responsibility.
The Policy contains information about access to and protection of personal data, the purposes, grounds and means of processing personal data, and other information that may be of interest to you as a data subject. You can find this information below in this Policy or by contacting us at office@LightHouseSofia.bg. Please read the Policy before deciding to use or register as a user of our Website.
PURPOSES
The Company respects the right to privacy and private life and is committed to implementing a comprehensive policy to protect against unauthorized access and/or processing of personal data of Website users, by complying with this Policy.
The purpose of this Policy is to inform Website users about the purposes of processing their personal data, the recipients or categories of recipients to whom the data may be disclosed, the basic principles of collecting and processing personal data, including the voluntary provision of such data, the strict compliance with users’ rights and the fulfillment of the Company’s obligations as a data controller.
To comply with applicable national and European data protection legislation, this Policy is subject to periodic updates, changes, and additions when required by law or regulatory practice. The most current version of this Policy is published on the Website.
This Policy applies to the information we collect through the Website (including advertisements, services, and applications) and through email, text, and other electronic communications between you and the Website.
TERMS
For the purposes of this Policy:
• “Personal data” means any information relating to an identified or identifiable natural person or a natural person who can be identified, directly or indirectly, by various identifiers such as name, identification number, location data, online identifier or by other specific characteristics related to physical, economic, cultural or social identity, etc.;
• “Processing of personal data” means any operation or set of operations performed on personal data, whether by automated means or not, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, use and other ways in which data becomes accessible;
• “Data controller” means a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
COLLECTION OF INFORMATION AND DATA PROVIDED BY YOU
The company collects information that you voluntarily provide to us or through your use of the website, including when you interact with website features, when you register as a user, for example, to learn about the services offered by the website, when you subscribe to a newsletter, when you register to participate in events and initiatives offered through the website, and others. The company also reserves the right to store and process personal data of users in order to comply with Bulgarian and applicable European legislation.
The information we collect and process depends on how you use and access the website.
When non-registered users (browsers) visit the website, the provision of personal data is not required.
When registered users use the website, we collect information and personal data from you when you make a request to contact you in connection with providing information or services on our part, contact us for assistance or information, otherwise provide personal data, including in connection with our news and events, updating information or other services. For the purposes of registering on the website, you enter the information specified on the website, including your name, email, contact phone, any text addressed to us, and other required information. You also enter similar information when you make comments or submit requests or complaints to us.
The provision of personal data by the user is necessary for the provision of the services and features offered by the website, such as website registration and subscription to newsletters, news, current information about events or other initiatives offered through the website or promotions. Refusal to provide personal data by the user leads to the impossibility of the user to register on the website or use services or other initiatives offered through the website.
Each user is responsible for the accuracy and correctness of the personal data provided by them. Any losses or damages caused to the website, the company or any third party due to the provision of incorrect, inaccurate, or incomplete information will be the sole responsibility of the user.
AUTOMATIC DATA COLLECTION
We may perform automated data collection, including profiling, while you browse or use the website, such as data regarding the number of visits to the website, your location, the information you use on the website, your IP address, operating system, and browser type.
COOKIES
Like many other websites, we also use “cookies,” which are small files stored on your computer’s hard drive. We use cookies to personalize the Website (presenting different pages to different users), track individual users’ access to the Website, evaluate visitor patterns, evaluate user-generated content on the Website, and in general, to improve the Website. Through cookies, our Website can “recognize” and “remember” visitors and their individual preferences, settings, and actions taken.
Almost every browser can allow you to delete cookies at any time or to completely prohibit their use through appropriate settings. Please refer to the Help menu of your browser, where you will find explanations on how to stop accepting new cookies from your browser, how to change its settings to receive a warning when a new cookie appears, or how to reject all cookies. Please note that restricting or refusing cookies may limit your access or make it impossible to use certain features of the Website.
IP ADDRESS
An IP address (Internet Protocol) is a number that uniquely identifies a computer or other hardware device connected to the internet, and connects it with other devices when sending information over the internet or local network. The IP address itself cannot identify a specific individual. We store your IP address and data from it to ensure the security of our systems and prevent abuse of information and data.
We use automatically collected information to improve the website and user experience by creating and analyzing user models, personalizing access and use of the website based on your preferences and interests, and facilitating your searches based on the statistical data collected. We will store this information for a period of 3 years.
The automatically collected information is statistical and does not contain personal data, but in combination with other additional information that we store or receive, it may be possible to identify the identity of a data subject, in which case this information will be processed, stored, and used in accordance with the rules of this Policy.
ONLINE SURVEYS, SOCIAL NETWORKS, LINKS TO OTHER WEBSITES
Through the Website, we may conduct online surveys created by the Website team or partners of the Company for the purpose of researching user attitudes and desires. If you participate in an online survey, we may ask for specific information such as your age, gender, education, interests, email address and/or mailing address. This type of information contains personal data and is treated in accordance with this Policy.
The Website may contain links to other websites, such as the Website’s page on Facebook, Google Maps, and others. Please note that this Policy does not apply to information collected through other websites. We recommend that you read the privacy policies of all internet pages you visit. If you have accessed the Website through a link from any of our advertising, marketing and other partners, the pages may be directed to those partners. However, the information you provide will be collected by us, and the provisions of this Policy will apply to the use of this information.
GOOGLE ANALYTICS
It is possible for us to track the pages visited by users and the time spent on the Website through the Google Analytics tool while users are visiting and browsing the Website. You can object to the collection and processing of your data in this way by downloading and installing a browser add-on from the following link: http://tools.google.com/dlpage/gaoptout?hl=en
MANAGEMENT AND SUPPORT OF THE WEBSITE
The management and technical support of the Website are carried out by external content and service providers. These content and services may include the distribution of marketing and advertising materials, website evaluation, data research and analysis, fraud protection and risk mitigation, data cleansing, and others. We provide personal data to these external providers by allowing them to use them only for the relevant services and provided that they undertake a contractual obligation to take the necessary measures to comply with applicable data protection laws.
PURPOSES FOR WHICH THE INFORMATION AND PERSONAL DATA COLLECTED BY US IS USED
We use this information and data to:
• providing the services offered by the Website;
• improving the Website, personalization and facilitating access and searches in it;
• marketing and advertising purposes;
• online research, analysis, processing and storage of information, including for statistical purposes;
• sending you information about news, upcoming events, promotions, services and other activities (if you have consented to receive such information) and other communication with you;
• collecting and storing complaints, opinions and recommendations and taking actions in relation to them;
• fulfillment of the Company’s legal obligations, protection of the rights and interests of users, the Company and its related persons, including with a view to preventing misuse of information and data;
• other purposes for which we have obtained your express consent.
PROCESSING OF PERSONAL DATA
We process your personal data on the basis of legitimate interest. Our legitimate interest is generally expressed in the legally recognized right of business initiative – the right to carry out and develop our business. When we have requested and you have consented to the processing of your personal data, your consent justifies the lawful processing of your personal data. Any processing of your personal data in fulfillment of a legal obligation of the Company as a personal data administrator, as well as when this is necessary to protect your interests, such as e.g. detecting and preventing data theft, data fraud or other violations.
The Company, as an administrator of users’ personal data, processes the same in accordance with this Policy and with the consent given by the user when providing the data. Users’ personal data are processed by persons authorized by the Company who have access to them based on their official or contractual obligations and only in connection with and for the purposes of processing. When making a request in electronic format to the email office@LightHouseSofia.bg, each user of the Website can receive information about the type of his personal data that the Company processes, the authorized employees who carry out the processing, whether third parties process his personal data, at what basis and for what purposes his personal data were provided to third parties and other relevant information.
The Company processes personal data in accordance with the necessary security requirements in order to minimize the risks of destruction and loss of data, from unauthorized access, illegal processing or processing that does not correspond to the purposes for their collection. The information system of the Website and the programs are configured to minimize the use of personal and identification data, so that these data are used only when necessary for the specific purpose of the processing.
STORAGE OF PERSONAL DATA
Your personal data will be collected and processed through an electronic system managed by the Company or third parties to whom the Company has assigned this, and stored on secure servers.
The storage period of your personal data is mainly determined by the duration of your user profile. As long as you have an active active profile on the Website, the Company will store your personal data. At the moment of deletion or other deactivation of the account, the information about your personal data will be deleted, subject to the applicable regulatory requirements in this regard, within a period of one month.
In other cases, the data necessary to achieve the specific purpose of the processing, including those given on the basis of express consent from the user, are stored by the Company for a period of 5 years from their receipt, or for the period necessary to comply with our legal obligations as the controller of personal data, if this term is longer.
DISCLOSURE OF PERSONAL INFORMATION
We may disclose personal data stored by us in the following cases:
• with your consent;
• for the purpose for which you provide them, if this requires disclosure of the data;
• to third parties providing Website maintenance and management services, analysis and data protection;
• to intermediaries in pre-contractual relations and when concluding contracts by the Company, including sales intermediaries, marketing specialists, analysts, technical and other consultants of the Company;
• in fulfillment of our legal obligation or a request by government authorities or judicial authorities, to protect the rights, property and security of the Company or related persons, business partners, customers or users of the Website;
• upon acquisition of control over the Company, its capital or its business assets or part of them by third parties. Transactions of this nature may also involve the transfer of information about users of the Website, in which case we will notify you through information on the Website of the data transfer and any new privacy and data protection policy.
We may share non-personally identifiable information with our marketing partners, analysts, advertisers, consultants and other persons providing services to the Company. Usually, this information has a numerical expression, such as the number of users who visited the Website in a certain period, the most frequently requested information or service, etc. similar.
RIGHTS OF WEBSITE USERS
Users of the Website have the right at any time:
• request from the Company access to their personal data processed by the Company, check their content and correct or supplement them, update, block, delete, terminate or limit their processing, object to their processing, withdraw their consent to their processing by email to office@LightHouseSofia.bg, and after the withdrawal they will not be able to use the services of the Website and will not be able to receive messages, emails, sms for advertising, marketing and commercial purposes, as well as to contact the Company on matters related to client programs and others electronically, therefore the withdrawal will be treated as a refusal by the user to provide services from the Website);
• to check and delete the information (their profile) related to their personal data. When deleting a profile, all personal data related to the data subject is automatically deleted;
• to receive from the Company information about the purpose of processing their personal data, how and where their personal data is stored, the third parties to whom it is provided and on what basis, how and for what period their personal data is stored, or to request the data not to be used for direct marketing purposes.
According to Art. 20 of Regulation (EU) 2016/679, the Company declares that it does not have the technical possibility to provide portability of personal data from the Website to other websites.
You can contact us at office@LightHouseSofia.bg if you wish to receive the above information from the Company or exercise your rights.
If you suspect misuse of your personal data, please contact a representative of the Company at the email address office@LightHouseSofia.bg.
If you suspect abuse or complain about the collection and processing of your personal data, you have the right to file a complaint with the Commission for the Protection of Personal Data at the address: city of Sofia, 1592, Tsvetan Lazarov Blvd. No. 2, phone: +359 2 915 35 18, email: kzld@cpdp.bg, website: http://www.cpdp.bg/
CHANGES IN POLICY
We will inform users of any material changes to the Policy through a notice on the Website. In some cases, we may also send emails to inform our users about this. We advise you to check the Website regularly for changes to the Privacy Policy.