1 – STOP BULGARIA’S WEB PRIVACY POLICY

1stopasia.de is operated by 1-Stop Bulgaria which is part of a global provider of language and translation services, united by the 1 – Stop Brand, operating in full compliance with all applicable legislation and regulations regarding information security and personal data protection.

The whole group abides strictly by the General Data Protection Regulation (GDPR) effective in the European Union from May 2018, the requirements of the GDPR, the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework, and also the requirements of specific laws in the countries where we perform our activities. This Web Privacy Policy applies to all members of the group, including 1 – Stop Bulgaria.

This Privacy Policy describes the types of information we collect, process and retain through our website. It does not apply to information collected by us offline. Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • You have made an information request to us.
  • You have placed an order for one of our services.
  • You have applied for a job or internship with us.
  • You are representing your organization.

Therefore, we collect and process your data in order to provide the services you are interested in. The legal basis for processing your data is either a specific regulatory requirement or your explicit consent to use your personal data. In all cases, we treat your data fairly and lawfully.

As a law-abiding data controller, we take all reasonable measures to ensure that your data is processed and stored securely. We have developed a comprehensive Management System certified to ISO 9001:2015 and ISO 17100:2015 which includes appropriate policies and procedures designed to ensure the fair and transparent management practices covering all aspects of our activities, including information security and personal data protection.

To ensure that your personal data is processed and stored securely, we apply a range of organizational and technical security measures which include but are not limited to:

  • GDPR-compliant Information Security Policy and Data Protection Policy with specific guidance to our employees, sub-processors and freelancers.
  • Non-disclosure and confidentiality agreements with employees and contractors (subprocessors and freelancers).
  • Development of a cloud-based platform where our data management processes take place which is accessible, with appropriate restriction, worldwide by our employees and contractors.
  • Providing guidance and demanding from our contractors full compliance with the best possible data protection measures, including their own desktop and mobile computers.
  • Appropriate procedures and methods of data transfer via secure channels of communication and additional measures such as encryption.
  • Appropriate policies for retention of documents containing personal data and deletion upon completion of the job related to a particular document.
  • Adequate measures to ensure the preservation of documents from loss or destruction.
  • Continuous review of data security practices to ensure full compliance with the applicable legislation and the client requirements set forth in agreements or specific instructions.

In case we identify an actual or potential data breaches, we will immediately notify you and the respective data protection authority.

We store your personal data as long as needed to perform our services or until you decide that you want to have your personal data erased. Your right “to be forgotten” is subject to certain limitations if your data are available on contractual or financial documents (which we need to store for periods specified in the laws in the countries where we operate) or in cases when we need to ensure legal protection.

We acknowledge the rights granted to you by the GDPR within the respective legal framework such as your right of access, right to rectification, right to erasure and right to restriction of processing (within limitations specified in the respective legislation), and right to data portability (where applicable).

We do not apply profiling techniques and do not transfer your personal data to third parties except in case of legal requirements by the law enforcement authorities or your explicit consent.

Regarding any questions and issues related to data protection, you can raise your inquiries to our Data Protection Officer who is available to provide any additional information and explanations regarding personal data protection and accept any claims regarding data security. His contact particulars are phone +359-32-399-222, e-mail: bulgaria@1stopasia.com.

 

Last updated: May 2018