WHO WE ARE
The Company, providing you Services is Hobo Bulgaria Limited Liability Company, having its registered address in Sofia, Sredetz district, 31 Angel Kanchev Str., UIC 205420451, represented by the managing director Teodor Ventzislavov Rachev, VAT number BG205420451.
If you have any questions or requests, please, contact us at: Sofia 1000, Orlandovtsi, 13 Idustrialna Street, or via email: email@example.com.
PERSONAL DATA WE COLLECT AND HOW WE USE IT
Personal data is data that describes and is linkable to someone as a person.
We collect some personal data in order to provide the Services to our Users. We will only process personal data for legal reasons. We don’t sell or otherwise distribute your personal data. We may share it with our selected service providers only when it is vital for the provision of our Services as explicitly described below.
We collect the following personal data for the purposes described:
- Names and Usernames – these are necessary for identification of each User, using our Mobile app.
- Email addresses – these are necessary for authenticating Users before allowing their access to the Services, as well as for providing technical support.
- Phone numbers - these are necessary for providing technical support and communicating conditions in respect of the Service providing.
By filling in the contact details, the User authorizes us to use such contact details for communication with the User in connection with the Services we provide. On the other hand, receiving contact details by the User does not oblige us to contact him / her.
Data processing activities, listed above, are necessary for the performance of our contractual obligations in favour of our Users.
Data processing activities, listed above, are necessary for the performance of our Loyalty Program as well.
If you enter your email address in the newsletter box, we shall consider this as your explicit request to provide you with notifications about our Services, their update, upgrade, amendment, new releases, development and/or termination. You may withdraw your consent to receive this information at any time by contact us at Sofia 1000, 31 Angel Kanchev Street, or via email: firstname.lastname@example.org.
Your consent is voluntary, and we will not refuse our Services, if you do not provide us with your consent. However, we believe you will greatly benefit from receiving this information because it will reflect our latest projects and ideas for improving our Services and satisfaction to our users.
You may withdraw your consent to receive this information at any time by writing to us at Sofia 1000, 31 Angel Kanchev Street, via email: email@example.com, or via the Mobile app.
METHOD OF COLLECTION
Each User provides personally the personal data, entered or uploaded in the Mobile app.
Users are not allowed to enter third party personal data, including sign up a third party using their email address, without due authorization by such third party. We do not monitor or control the content, entered or uploaded by Users. It is the User’s responsibility to provide and guarantee that the processing personal data activities, performed by the User with our Mobile app are compliant with the requirements of the GDPR.
We take appropriate technical and organisational measures to protect your personal data against loss or other forms of unlawful processing. We make sure that in our structure personal data is only accessible by those who need access to do their job, and that they are properly trained and authorised. Our staff is required to conduct in a manner consistent with our guidelines regarding confidentiality, ethics, and appropriate data usage.
SUBPROCESSORS AND PROCESSING OUT OF EU
We outsource the following services:
- Hosting services (Superhosting);
- Payment gateway (Stripe). Please, keep in mind that we do not collect, keep or process in any other way your credit or debit card data. Such data is processed only by the Subprocessor. Subprocessor’s privacy data policy, personal data support, information and related topics may be found at https://stripe.com/privacy-center/legal and https://support.stripe.com/questions/stripe-and-european-data-transfers.
We may replace our Subprocessors from time to time following above rules of strict selection. Updated information about the list of current Subprocessors may be found at all times here on our Website and we may inform you about such updates via email or in the Mobile app.
INFORMATION WE SHARE
We do not share personal information with companies, organizations and individuals unless one of the following circumstances applies:
- 1. With your consent - we will share personal information with companies, organizations or individuals when we have your consent to do so;
- 2. For making some services possible – to third party processors, as described above;
- 3. For legal reasons - we will share personal information with companies, organizations or individuals, if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
- a) meet any applicable law, regulation, legal process or enforceable governmental request;
- b) collect due amounts from the User;
- d) detect, prevent, or otherwise address fraud, security or technical issues;
- e) protect against harm to the rights, property or safety of ours, our Users or the public as required or permitted by law.
We provide Services to and allow our Mobile app to be used only by persons aged 18 and over.
If we obtain actual knowledge that we have collected personal data from a person under the age of 18, we will promptly delete it, unless we are legally obligated to retain such data.
Please, contact us, if you believe that we have mistakenly or unintentionally collected information from a person under the age of 18.
The information received through our contact forms is stored for up to 6 (six) months in order to efficiently satisfy all received requests and inquiries.
You have the right to request a copy of your personal data at any time, to check the accuracy of the stored information, to correct or update this information, to ask for your personal information to be deleted if there are grounds for doing so, as described below. You also have the right to complain when your privacy rights have been violated. Below is a detailed description of your rights as a personal data subject:
- you have the right to request a confirmation if personal data relating to you are being processed and to request a copy of your personal data as well as the information relating to the collection, processing and storage of your personal data.
- you have the right to request your personal data to be deleted if there are any of the following grounds: personal data are no longer necessary for the purposes for which they have been collected; where you have objected against the processing when the processing is unlawful; where data is processed on your consent and you withdraw that consent; where personal data must be deleted in order to comply with a legal obligation under Union law or the law of a Member State applicable to the controller. You may be denied to delete your personal data for the following reasons: exercising of the right to freedom of expression and the right to information; to comply with our legal obligation or to carry out a task of public interest or in the exercise of the official authority that has been granted to us; for reasons of public interest in the field of public health; for the establishment, exercising or protection of legal claims.
- you have the right to request your personal data to be corrected if it is inaccurate or to be supplemented if it is incomplete.
- you have the right to request to restrict the processing of your personal data if applicable and there is a reason to do so, for example: you dispute the accuracy of personal data for a period that allows us to verify the accuracy of personal data; the processing is illegal, but you do not want personal data to be deleted but only to be limited; we do not need any more personal data for the purposes of processing, but you require them to identify, exercise or protect your legal claims; you have objected against the treatment pending verification that our legitimate grounds have an advantage over your interests.
- you have the right to request to receive personal data that concern you and which you have provided in a structured, widely used and machine readable format, and you have the right to transfer this data to another administrator when the processing is based on consent or on contractual obligation and the processing is done in an automated manner.
- you have the right to make an objection against the processing of your personal data by contacting us at Sofia 1000, 31 Angel Kanchev Street, or via email: firstname.lastname@example.org., if there are reasons to do so.
You can address all requests via post at Sofia 1000, 31 Angel Kanchev Street, or via email: email@example.com. In order to be able to provide you with full assistance, please provide us with accurate information about you and specify your request. It is possible that, in the exercise of your rights, we may ask for additional information to establish your identity.
Please keep in mind that when your requests are clearly unreasonable or excessive, in particular because of their repeatability, we can:
- to charge a fee, taking into account the administrative costs of providing information or communication or undertaking the requested activities, or
- to refuse to take actions on the request.
We will make reasonable efforts to respect your request within 30 days of receiving your application. If necessary, this term may be extended by a further two months, taking into account the complexity and the number of requests.
We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems). Where we can provide information access and correction, we will do so for free, except where it would require a disproportionate effort.
If you file a privacy-related complaint, we will collect your name and/or company name, name of a complaint-related person, email, and country location and details that gave rise to your complaint. We will use the information you provide to investigate your complaint and to send you an answer once your complaint is reviewed.
If you think we have infringed your privacy rights, you can lodge a complaint with the supervisory authority of Bulgaria, which is the Commission for personal data protection. More information can be found at: www.cpdp.bg.
You can also lodge your complaint in particular in the country where you live, your place of work or place where you believe we infringed your right(s).