Last updated: 05.04.2021

Welcome on www.sepa-cyber.com

Thank you for visiting our website. We, the SEPA Cyber Technologies (“SEPA Cyber”,“we”, “our” or “us”), take to heart your privacy. We continue and strengthen our commitment to provide adequate protection of any personal information you give us. The present updated version of our Privacy Policy is intended to comply with the requirements of the General Data Protection Regulation (GDPR), effective from 25.05.2018, and the Personal Data Protection Act of the Republic of Bulgaria.

The Website uses cookies under the terms and conditions described below in the Cookies Policy.

SEPA Cyber Technologies contact details for the purposes of this Policy are as follows:

e-mail address: dataofficer@sepa-cyber.com,

Why do we need you to read our Privacy Policy?

Please, take time to read the following Privacy Policy carefully. It highlights a number of questions, including what personal information we collect through our website and the purposes for which we process it.

By using www.sepa-cyber.com (the “Website”), irrespective of whether you are just visiting it to make yourself familiar with us and our activity, use it to apply, submit application, or send us a message, you share information which may contain personal data.

In the course of performing some of the above actions, you may be required to provide certain personal information, such as name, address, mobile number, e-mail, etc. You are entitled to choose whether or not to provide us with your personal data. In the event you decide not to share them with us, we will not be able to process your application, contact you and/or assist you with information.

We reserve the right to amend and update this Policy from time to time. In such cases, the current version will always be available on our Website. The date of the last update will be indicated at the top of the Privacy Policy.

What information do we collect about you?

Information you give us.

This is information that you give us by filling in forms, sending inquiries, submitting applications or proposals, sending messages on our Website, as well as when further interacting with us, and during the execution and reporting of the concluded contracts. This information may include your identification data, contact details (e-mail, address and phone number), financial information, etc., which may be required for further processing of your data in relation to a agreement.

Information we collect about you.

Like many site operators, we collect information that your browser sends whenever you visit our Website (“Log Data”). The Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, pages of our Website that you visit, time and date of your visit, time spent on the Website or its pages and other statistics.

We use Google Analytics service provided by Google and, if you are a user with residence in the European Union, EEA or Switzerland, the controller of your personal data is Google Ireland Limited. This service collects and processes information about your actual location and other technical information about your visit on our Website. For this purpose we use “cookies” as described below in this Policy (“Cookies Policy”). The information collected by Google Analytics includes the Internet protocol (IP) address used to connect your computer or another device to the internet, click stream to, through and from our site (including date and time), page interaction information (such as scrolling, clicks, and mouse-overs). Google Analytics use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points and power supply. You can withdraw your consent at any time by downloading and installing the suggested browser, or by managing your consent in the box of opt-out cookies. Both options prevent web analytics only if you use the browser on which you have installed this plug-in or if you do not delete the refusal cookie. For more information check Google Terms of Use and Privacy Policy. Please refer constantly to Google website for changes or updates to these terms and to the information collected by Google Analytics.

How we collect and use your information?

When you visit the Website there are circumstances in which you may be required to provide us with some of your personal data. This is applicable in the following cases:

  • When applying in order to contact you, including to send you documents;
  • When you fill in and submit an online application to contact you at the contact details provided by you and to answer your questions related to the selection procedure; to invite you to participate in an online meeting or webinar in order to provide you with additional explanations and to answer questions related to a selection procedure; to invite you to an individual meeting or interview;
  • When you have requested to receive information or assistance to send you a personalized reply;
  • When you participate in communities, virtual chat rooms, and use other interactive services in order to administer our programs and projects and the concomitant activities;
  • In connection with the verification of the information you provide to verify your identity and prevent violation of the Terms and Conditions of use;
  • In the course of our communication regarding agreements, projects, initiatives, events and other activities published on the Website;
  • When making comments or giving us additional information in a section of the Website that allows it;
  • In relation to any section of the Website where you deliberately and voluntarily provide personal information and data.

When using your profile in online platforms like LinkedIn, Twitter, Facebook, Instagram, etc., we may process the personal data, which you have made visible on your profile.

We process your personal information and data for the following purposes:

  • Responding to your inquiries;
  • Processing your requests and communicating with you;
  • Reviewing and evaluating your applications and communicating with you;
  • Sending application form, as well as for subsequent processing of the data for the purpose of entering into, implementing and reporting of a agreement;
  • Sending information about the various features on our Website or news about the SEPA Cyber;
  • Notifying you of any updates of our policies;
  • Personalizing the communication with you;
  • Sending letters, invitations to events as well as information about programs, initiatives, activities and projects by e-mail or otherwise; For registration for an event or participation in a program;
  • Optimizing and improving our initiatives and activities;
  • Research and development of our activity;
  • Editorial purposes in respect of publications related to the SEPA Cyber’s activities;
  • Detecting, investigating and preventing actions that may be in violation of our policies or are illegal;

What is the basis for processing of your personal data?

  • Performance of a contract and taking steps at your request prior to entering into a contract with us – your personal data is necessary for reviewing your inquiry, application or project proposal, as well as for the conclusion and implementation of agreement;
  • Compliance with a legal obligation – the processing of your data is necessary for us to comply with the obligations imposed by the applicable laws, for example, for financial and accounting purposes.
  • Your consent – we rely on your consent to inform you about and involve you in various initiatives of the SEPA Cyber, including trainings, conferences, seminars and other events related to our activity; to share your data with our partners and to notify you of any changes in our organization and activity.

How long do we retain your information and what are the criteria?

We store your data only for the term necessary for the specific purpose for which data are collected, or for the periods prescribed by applicable laws. We will be retained for a period of time according to the SEPA Cyber’s internal policies regarding the conclusion, implementation and reporting of agreement. For more information about the retention terms of your personal data you may contact us at any time at the above contact details.

Who do we share your personal information with?

The SEPA Cyber is committed to applying the highest standards of ethical and legal practices in all its activities, including the protection of the personal data of all users of the Website. The SEPA Cyber may share and/or transfer your data or part of it to 1) its partners in collaborative initiatives, co-organizers of events and other activities; 2) contractors (established within and outside the EU which are committed by virtue of a contract with us to support ABF in its activities and in complying with the principles described in this Privacy Policy, incl. for improvement, optimization and security enhancement of our Website; 3) competent authorities in the cases and under the conditions set forth in the applicable laws.

Some recipients of your data may be located in third countries. The non-EU countries concerned may not provide the same level of protection of personal data as your country. In such cases, the SEPA Cyber will ensure that personal data are adequately protected by data recipients in these countries through the mechanisms for lawful data transfer to third countries under the GDPR. For more information about the data transfers and the applied transfer mechanisms, you may contact us at any time at the above listed contact details.

What are your rights?

Right of access and right of rectification

You have the right to receive information about what personal data of yours are being processed by the SEPA Cyber, about the data source and the purposes of their use, about the third parties recipients or categories third parties recipients of the data, as well as other aspects of the processing of your data. You are entitled at any time to request rectification of inaccurate or incomplete data.

Right of data erasure (right to “be forgotten”)

You are entitled to request the erasure of your personal data in specific circumstances, e.g. (i) if you think that your personal data are no longer required for the purposes for which they were collected, (ii) if you withdraw the consent on which your data processing is based and you believe that the SEPA Cyber has no legal grounds for further processing, (iii) if you consider the processing is unlawful, or (iv) the erasure of your data is required for the purposes of fulfilment of a legal obligation, applicable to the SEPA Cyber.

Right to object

You have the right to object to the processing of your personal data for specific purposes. However, even if you object to a particular processing, we may proceed with it, if is permitted or required by the applicable laws, for example, in order to be able to meet legal requirements or fulfil our contractual obligations to you.

Right to restriction of processing

You may request the processing of personal data to be restricted if (i) you believe your personal data is inaccurate in order for us to verify its accuracy; or (ii) you consider the processing to be unlawful, but you do not want the data to be erased, or (iii) you have objected to data processing for the purposes of our legitimate interests, or (iv) you consider we no longer need your personal data, but you require them to establish, exercise or protect legal claims. The SEPA Cyber will restrict the processing of your personal data without deleting it when the accuracy of your personal data is argued by you and this cannot be verified, or when the retention of your personal data is necessary for documentary purposes.

Right of consent withdrawal

If at any time you have given your consent to the processing of your personal data, you may withdraw this consent for future processing to which this consent refers. In case you want to withdraw your consent for receiving our newsletter, please select the “unsubscribe” option in the email. Please note that the withdrawal of consent does not affect the lawfulness of processing of your personal data on another valid legal basis and lawfulness of the processing on the basis of the consent given before withdrawal.

Right of data portability

In certain cases, you are entitled to receive your personal data you have provided to us on the basis of a contract or with your explicit consent in a structured, commonly used and machine-readable format, and you might request that we transmit this data directly to another data controller when technically possible.

Right to lodge a complaint to supervisory authority

If you consider that your personal data processing is in violation of the legal requirements, you have the right to lodge a complaint with the competent supervisory authority. Use the following link to find the competent authority in the EU Member State of your habitual residence, place of work or place of the alleged infringement: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

It is recommended that you address your claims to the SEPA Cyber first in order to get a quicker and more effective solution to the problem.

Please, note that your right of access to data may be restricted in whole or in part, considering your fundamental rights and legitimate interests, in the cases provided by law. The SEPA Cyber may refuse to respond to your request to exercise your rights when it is unfounded, as well as when this is necessary for reasons of important public interest or to protect the rights and freedoms of other individuals. In any case, you will be promptly and duly informed of the decision and the reasons for it regarding any request to exercise your rights.

What to do if you want to exercise your rights or contact us for more information?

In order to exercise your rights, you may submit a request to the above listed email address.

If you would like to receive additional information or have any questions about the way we use your personal information, you can use our contact details listed above.