Welcome to http://dimeko.com/ (the “Website” or the “Internet page”), operated by the Data Manager “DIMEKO MJ” OOD, Unified Identification Code: 131464505, headquarters and registered address: city of Sofia 1331, Lyulin Region, Filipovtsi Residential Complex, 45 Zemedelska St., email; firstname.lastname@example.org
As of 25 May 2018, Bulgaria started to implement the General Data Protection Regulation (GDPR). It was adopted by the European Union and its objective is to harmonise the policies of EU member states related to personal data collection and use. It also aims to ensure our right to privacy and to protect our personal data in order to protect us from misuse of our personal information. The new regulation comes with a number of requirements that DIMEKO MJ applies and which you can familiarise yourself with here. These include:
- To inform you about the categories of data we use.
- To inform you why we use them.
- To request your consent to use them when we provide additional services based on these data.
- To provide you with the opportunity to change your consent with respect to different purposes.
- To ensure your right to request rectification of your data, their erasure, as well as the “right to be forgotten”. In addition, we can provide you with your data so that you can download them, or we can transfer them, if you notify us and prove your identity by using the applicable methods for this.
- To indicate all third parties/other companies we exchange your data with. Please, be aware that the internet is a global network and we often use standardised services to register any login and to track the behaviour in an anonymised format, e.g. through Google Analytics.
Your data that can be used to identify a particular user are considered personal data. These may include e-mail, names, mobile phone number, residence address and IP address.
Categories of data we collect and how we process them:
Every time a user opens our website and its different menus, we receive information in the form of an information protocol with the following content:
- Internet protocol (IP) address of the device used by the individual to access the platform (typically used to determine the country or city, from which the individual accesses the platform);
- Type of the device used by the individual for access to the platform (e.g. computer, mobile telephone, tablet, etc.);
- Type of operation system;
- Type of browser;
- The specific actions undertaken by the individual, including pages visited, frequency and duration of the website visits;
- Date and time of the visits.
In order to place an order for products you selected without creating a user account or during the creation of a user account, you will have to provide the following personal data: full name, e-mail, contact telephone, address, invoicing details (optional). The collection and processing of these data is necessary: based on a conclusion or performance of a contract for purchase of goods and for meeting legal requirements, including for the purpose of issuing invoices.
When an individual contacts DIMEKO MJ via telephone, the company only collects and processes the name and the telephone number of the individual and, in some cases, their address and/or e-mail. These data are processed for the purpose of communication with the individual and for delivery of goods. The processing of these data is necessary:
- for meeting the Data Manager’s legitimate interests.
- for actions preceding the conclusion of the contract and undertaken based on a request by the individual, particularly, for provision of further information on the services offered by the Data Manager in relation to possible conclusion of a contract with the individual and/or confirmation of an order that was placed by them.
If you have agreed to receive our Newsletter, we are using your e-mail address so that you can receive information about our products, promotions and other relevant information.
Our services are not suitable for children aged under 16 and we do not consciously collect personal data of persons below 16 years of age. If we become aware that a person under 16 years of age has provided personal data to us, we will immediately delete those data.
Principles of personal data processing:
DIMEKO MJ applies the following principles for processing individuals’ personal data:
- The personal data are processed lawfully, fairly and in a transparent manner in relation to the data subject (“lawfulness, fairness and transparency”);
- The personal data are collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
- The personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimisation”);
- The personal data are accurate and, where necessary, kept up to date (“accuracy”);
- The personal data are stored in a form that allows identification of the data subject for no longer than is necessary for the purposes for which the personal data are processed (“storage limitation”);
- The personal data are processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (“integrity and confidentiality”).
Purposes for which personal data are processed:
DIMEKO MJ shall collect and process individuals’ personal data provided directly by them solely for the following purposes:
- for the purpose of providing services offered by the Data Manager, particularly: sale of goods and identification of the individuals (prospective and current customers);
- for contacting the individual via e-mail or telephone so that the Data Manager can respond to an inquiry received from the individual or to request confirmation of an order placed by the individual;
- for performance of obligations under a contract to which the data subject is a party, as well as for actions preceding the conclusion of a contract and undertaken at their request;
- for fulfilment of a statutory obligation of the Data Manager in accordance with the applicable law;
- for dispatching the goods purchased by the individual;
- for accounting purposes;
- for statistical purposes.
- If you have subscribed to our Newsletter, your personal data will be used so that you can receive information about our products, promotions and other relevant information.
DIMEKO MJ shall collect and process automatically collected individuals’ personal data for the following purposes:
- for improving the website efficiency and functionality;
- for generating anonymous statistical data on the way in which the website was used.
The data manager shall not apply automated decision-making, including profiling.
Personal data storage period:
Personal data of individuals who have purchased goods: The Data Manager will store the personal data of individuals who have purchased goods from the Data Manager for a period of five years, which is the statutory period for storage of invoices issued to customers.
In all other cases, the Data Manager will store the individuals’ personal data for no longer than is necessary, based on the following criteria: – whether the Data Manager must continue to process the individuals’ personal data in order to comply with a legal requirement; – the present and the future purpose of storage of the personal data; – whether there is a contract signed between the individual and the Data Manager and whether the Data Manager is obliged to continue to process the personal data in order to fulfil their obligations under the contract; – present and future purposes for using the personal data; – whether the individual will need to be contacted in the future; – whether the Data Manager has a legal ground to continue to process the individual’s personal data; – any other legitimate reasons, such as the nature of the relations with the individual.
Mandatory and voluntary nature of personal data provision:
The personal data required by the individuals are based on the services offered by the Data Manager. The provision of personal data by individuals is voluntary. If the data subject refuses to provide personal data:
- The user shall stop viewing the Website content.
- The Data Manager will be unable to deliver the goods requested by the individual;
- The Data Manager will not be able to receive the user’s e-mail, if the latter does not fill in the necessary information in the contact form.
Data collected by using cookies:
When users are using our Website by viewing its content or by placing orders for selected products, cookies are among the data that help us understand how our services work best and how to make them even better for you. These are small text files sent by the web server to the browser used, which are stored on your device, so that the website could recognise it. There are two types of cookies – persistent cookies and temporary or “session” cookies. Persistent cookies are stored as a file on your computer or mobile device for a longer period of time. Session cookies are temporarily stored on your computer when you visit the Website and deleted instantaneously when you close the page. Most cookies do not contain sensitive information about you or personally identifiable data.
In order to make sure that you receive the most relevant information and the best services when you visit our internet page: http://dimeko.com/ (the “Website” or the “Internet page”), we will collect information and data by using the so-called “cookies”. This helps us provide you with a customised experience when you visit our Website. Furthermore, this allows us to improve our services and to make sure you easily find what you are looking for. We would like you to understand the way in which we use these technologies, therefore this Cookies Policy explains the types of technologies we use, what they do and your options with respect to their use.
What are cookies?
We and our service providers may use the following types of cookies:
These cookies are strictly necessary for the website to function. We use these cookies, e.g. for the following purposes:
* in order to establish the authenticity and identity of our users when they use our Website, so that we can provide our services;
* in order to be able to fulfil our General Terms and Conditions and to maintain the security of our services.
Performance and functionality cookies:
These cookies are not strictly necessary, however, they allow us to customise your online experience with our Internet Pages. We use these cookies, e.g. for the following purposes:
* in order to remember your preferences so that you do not need to enter information that you have already provided every time (e.g. when you enter your data for access to our services);
* in order to collect information on the way in which our users use our services, so that we can improve our Website and our Services and in order to make market studies (e.g.: information about popular pages, viewing habits, number of clicks, number of shares, number of likes of a given article, most recent pages visited, voting on comments).
We use these cookies, e.g. for the following purposes:
* in order to obtain information on the way you use our Internet Page, such as pages visited or how you respond to advertisements in order to offer you advertisements that are relevant for you;
* in order to determine the most popular parts of our Websites;
* in order to track the use of our services and our Websites (frequency and time);
* in order to monitor the success of a certain product;
* in order to determine how often you and the other users visit our Websites.
These cookies often aim to provide advertising relevant for you – both on our Websites and outside them. These types of advertisements are also known as “interest-based advertising”. Many of these types of cookies belong to our service providers.
We may use session cookies, for example to:
* allow you to navigate between the different pages of our Website;
* recognise you when you return to our Website to use our services;
We use the information from the cookies on order to make our Internet Page more user-friendly and in order to provide you with customised recommendations.
We also use some third-party cookies as part of our services. These cookies are managed by the respective sites and are not controlled by us. A list of the third-party cookies we use is provided below, some of which can be turned off through the general settings of your browser. For others, you may need to visit the respective websites and to follow the instructions provided.
Google Analytics – in order to generate statistics on the websites’ traffic and the sources of traffic, as well as for converting units and sales – for opt-out, see here https://support.google.com/analytics/answer/181881
How are cookies deleted?
You can choose whether to accept cookies or not. If you want to know when your computer receives a cookie, you can set your browser to notify you about this. In this way you can accept or refuse the relevant cookie. Your computer may be set to refuse all cookies. If you want to know how to do this, visit aboutcookies.org. Please, note that changes in your browser that deactivate the cookies function will prevent part of our Websites to function properly.
Changes in our Cookies Policy
Any future changes to our Cookies Policy will be published on this page. If necessary, we will notify you about possible changes via e-mail in accordance with the General Terms and Conditions. Unless otherwise noted, all changes shall become effective immediately.
If you have any further questions on this Cookies Policy, please, do not hesitate to contact us at email@example.com
- Tracking the website sections that you visit;
- Time spent at the website;
Entities with whom we share and disclose your personal information
Sometimes we record part of the information on our servers or send it to third parties. This is necessary in order to provide you with the best experience when using our services, and, sometimes – in order to be able to provide availability and accessibility of the service you use.
DIMEKO MJ shall not grant any right for use, sell, disclose or share any information about you (personal data within the meaning of GDPR) with any other parties, unless this is necessary in order to provide you with the services you requested, or unless you have given your permission, or in the following cases:
- to the individuals who are the relevant data subjects;
- to entities, if this is envisaged by a legal act, e.g. to government authorities (e.g. the National Revenue Agency, etc.);
- to Data Processors who provide services that support the Data Manager’s business operations, such as the Data Manager’s accountant or organisations providing courier services.
Protection of information
When we store the information at our place, it is stored both in physical form and on servers co-located at data storage centres on the territory of Republic of Bulgaria.
We limit our employees’ access to your information, unless there are reasonable grounds for them to handle this information in order to provide you with services or in relation to the fulfilment of our employees’ working obligations.
We have put in place physical, electronic and procedural protective mechanisms that comply with our legal obligations with respect to protecting your information.
Data may be transferred outside the EEA, where a solution for adequate protection is in place, e.g. the EU-U.S. Privacy Shield. For more information, you can review the privacy policies of the relevant third parties.
Data Subject Rights
- Right of access to your personal data: you have the right to obtain confirmation from us whether personal data concerning you are processed or not, and, where that is the case, you have right to access the personal data and information.
- Right to rectification of personal data: if you discover that the personal data about you that we process are incorrect, you have the right to make us rectify those personal data.
- Right to erasure of personal data (“right to be forgotten”): under some circumstances, e.g. if your personal data have been unlawfully processed or if you have withdrawn your consent (if personal data processing is based on a consent), you have the right to request and obtain erasure of your personal data by us.
- Right to restriction of processing: under some circumstances, e.g. if you have doubts with respect to the accuracy of your personal data or if you have contested our legitimate purpose for processing your personal data, you have the right to request us to restrict the processing of your data until a proper solution is found.
- Right to object against the processing: under some circumstances, e.g. if you have doubts with respect to our legitimate interest to process your personal data, you have the right to object against such processing based on considerations related to your specific situation.
- Right to data portability: if your personal data are processed with automated means with your consent or for the purpose of fulfilling our contractual obligations, you have the right to request us to provide your personal data in a machine-readable format for transfer to another data controller.
- Right to lodge a complaint with a supervisory authority: you have the right to lodge a complaint with respect to our processing of your personal data with the relevant supervisory authority.
Commission for Personal Data Protection
Address: Sofia, postal code 1592, 2 Tsvetan Lazarov Blvd.
Contact details: 02/915 35 18; 02/915 35 15; 02/915 35 19; firstname.lastname@example.org, www.cpdp.bg
- If you have given your consent to receive our Newsletter, you have the right to withdraw it at any time by using the unsubscribe option provided at the end of each newsletter or by contacting us.
Important: In order to exercise your rights granted by the GDPR and the legislation currently in force, please, contact us, so that we can provide you with specific information on how you can duly exercise any of your rights and/or provide you with specific forms to facilitate you in exercising your rights.