1. Overview:

This text gives information about how we collect and process your personal information through the use of the site https://sepa-cyber.com/, including any information that you may provide to us through the site when you log in to test the product or register for our newsletter or provide your contact details through the form enabled for this purpose.

We inform you that our services are not available for people who the regulations and laws prevent from providing consent. For this reason, when you send us the forms, you guarantee that you have full capacity to provide consent.

The legal basis on which SEPA Cyber Technologies EAD handles personal data is your voluntary consent.

  1. Company information:

Company name: SEPA Cyber Technologies EAD

Registered office: Office Building Granite, Western Industrial Zone, Varna 9000, Bulgaria

Company registration number: 206306842

Telephone: +35952953104

We have a Data Protection Officer, who you can contact via the following email address: dataofficer@sepa-cyber.com.

SEPA Cyber Technologies EAD (hereafter we or our) is the entity responsible for your data.

  1. Personal data we collect

The General Data Protection Regulation indicates that personal information is all information about an identified or identifiable natural person, meaning each piece of information capable of identifying a person. This will not include anonymous or percentual information.

On our website we can process certain types of personal information, which may include:

  • Identity details: first name, last name
  • Contact details: email and telephone
  • Marketing and communications information: preferences for receiving marketing communications from us and preferred means of communication.

We do not collect any information regarding special categories of personal information (those that reveal your ethnic or racial origin, political opinions, religious or philosophical convictions, trade union membership and information about your health, genetic or biometric data).

In the event of being requested to provide personal information by law or according to the terms of contract, and you refusing to provide them to us, it is possible that we will not be able to provide the service, as you should provide the information to us in advance.

  1. Data Security

We are making serious efforts to ensure the security of our websites. The data you provide us is protected by SSL technology. SSL is a standard method in the area of personal data encryption so that it can be securely transferred over the Internet. The password you provide when signing up for our websites is encrypted to provide protection against unauthorized access to your personal information Keeping the privacy and security of your personal information is of the highest priority and restricting access to it only to those employees of SEPA Cyber Technologies EAD who need to contact her in order to fulfill their role and to enable our services being provided to you. We will keep your information confidential unless disclosure is required by law or for technical purposes.

We store your personal information for as long as necessary to ensure the effective operation of our websites. In general, we store your personal information until you explicitly want to delete the data. The information provided and collected by you will not be sold or made available for use to any person without your personal consent.

  1. How we collect, use, and disclose your personal information

Information can be provided in case of a request by the respective government bodies and institutions, in order and in cases, determined by the Bulgarian legislation in force. We make every possible effort to protect your personal information, but nevertheless, when sharing information on the Internet, you should keep in mind that the transmission of information over the Internet can never be completely secure and that security cannot be fully guaranteed.

The means we use to collect personal information are:

  • Through the form on our website, through our contact email, by telephone, postal mail, when:
    • You request information about our products or services
    • You request quotes
    • You send your comments
  • Through technology or automated interactions: on our website, we may automatically collect technical information about your computer, log in credentials, browsing actions and patterns of use. This information is collected through cookies or similar technologies.
  • Through third parties:
    • Google: analytical data or search data. Outside of the European Union.
    • Social networks:(Facebook, Instagram, Twitter, LinkedIn….) outside of the European Union.
  1. Purpose and legitimacy for the use of your data

The most common uses for your personal information are:

  • To formalise a contract between SEPA Cyber Technologies and yourself
  • When you give your consent in the handling of your information
  • When we need it to comply with a legal or regulatory obligation
  • When it is necessary for our legitimate interest or that of a third party.

The User may revoke the consent provided at any time by sending an email to dataofficer@sepa-cyber.com or by checking the section on the exercising of rights further below.

Below we attach a table where you can see the ways in which we will use your personal information and the legitimacy for its use, as well as knowing what type of personal information we will process. We can process any piece of personal information for an additional legal reason, so if you need details about this you can send an email to dataofficer@sepa-cyber.com.

Purpose Type of data Legitimacy for its processing
To request information through our contact form ·         Name

·         Surname

·         Email

·         Telephone

·         Language

Consent of the person concerned
To send commercial communications, то deliver you relevant content that may be of interest to you ·         Name

·         Surname

·         Email

Consent of the person concerned
For employment applications through the “Work with Us” form ·         Name

·         Surname

·         Email

·         Telephone

Consent of the person concerned Compliance with a pre-contractual obligation.
Legitimate Interest

For example, we use the Personal Data to:

  • Communicate with you about the services that we offer
  • Contact you about Service announcements, updates or offers
  • Provide support and assistance for the services that we offer
  • Personalize website content and communications based on your preferences
  • Meet contract or legal obligations
  • Respond to user inquiries
  • Fulfill user requests
  • Resolve disputes
  • Protect against or deter fraudulent, illegal or harmful actions

Commercial communications: you will only receive commercial communications if:

  • You requested information from us or made a contract with us for a product or service.
  • You provided your information and ticked the box requesting your consent, enabled for this purpose on our form.
  • We obtain your express consent before sending any communication, you can request at any time that we stop sending you communications to the email dataofficer@sepa-cyber.com.
  • When you opt to stop receiving our communications, your personal information will continue to be stored in accordance with the respective legislation as a result of the contract carried out by you, so that we can meet legal requirements.

Purpose: We will only use your information for the purposes for which we collect them, unless we reasonably consider that we must use it for another reason, notifying you in advance so that you are informed of the legal reasons for its processing and whenever the purpose is compatible with the original purpose.

Period of preservation: The information will be kept for the necessary time to comply with the purpose for which it was collected and to determine possible responsibilities that may arise from this purpose and the handling of the information. The provisions of the different regulations regarding preservation periods will apply, as applicable to this processing.

  1. Your rights with respect of your personal data

You have certain rights under the applicable law with regards to the personal data we hold for you, namely:

  • You are authorized to request access and receive personal data, which is stored about you as well as information regarding the purposes of the processing, the categories of personal data, the recipients to which your personal data may be disclosed and others.
  • You have the right at any time to request correction of inaccurate data relating to you, as well as supplementing incomplete data if appropriate and / or necessary for the purpose with which the data are processed.
  • You may at any time withdraw your consent to the use of your personal data that you provided at a previous time. In this case, withdrawing your consent to the use or processing of your personal information may result in the inability to take advantage of certain products or services provided by the above websites.
  • If you do not wish SEPA Cyber Technologies EAD to process your personal data, you have the right to be “forgotten”, that is, you may at any time ask for your personal information to be deleted for one of the following reasons:
    • Your data is no longer necessary for the purposes for which it was collected or otherwise processed.
    • You have withdrawn your consent to the processing of your personal data.
    • Your personal data is being processed unlawfully.
    • You have objected to the processing of your personal data.
    • Other cases provided for in the legislation governing the protection of personal data.
  • Instead of deleting your data under certain circumstances, you have the right to request restrictions of the processing of your personal data.
  • You have the right of objection to SEPA Cyber Technologies EAD against the processing of your personal data, provided there is a legal basis for that.
  • In the event that you want your information to be handled by another company, SEPA Cyber Technologies EAD will facilitate the portability of your information to the new data processor.

All listed rights can be exercised by submitting a free written application to the following email address: dataofficer@sepa-cyber.com, sent from your registered email address, containing at least the following:

  1. username, email and other identification data of the individual concerned.
  2. a description of the request.
  3. reference to SEPA Cyber Technologies EAD’s domain to which this request relates.
  4. the preferred means of contact for SEPA Cyber Technologies EAD to provide information.

The submission of the application is completely free of charge. The time limit for processing the application shall be one month as from the date of receipt of the application.

You have the right to bring a complaint to the Commission for personal data protection (Bulgarian Data Protection Commission): if you consider that there is a problem with the way in which SEPA Cyber Technologies EAD is handling your data. Before bringing a complaint to the Commission for personal data protection, you can write to our Data Protection Officer, at the previously stated email address who will mediate in the solution to your problems. However, you can always write, in the event you feel that your rights have been breached, to the Commission for personal data protection.

More information about personal data protection can be found on the Commission for personal data protection website: https://www.cpdp.bg/?p=element&aid=1115

We may request specific information from you to help us confirm your identity and guarantee your right to access your personal information (or exercise of the other rights mentioned above). This is a security measure to guarantee that personal information is not revealed to any person who does not have the right to receive it.

It is possible that, in carrying out our work, we need the help of third parties (data processors), who will only process the information to provide the service contracted, and with whom we have the following measures in place to guarantee your rights:

  • Providers of services that deliver systems administration and information technology services.
  • Professional advisers (this includes lawyers, auditors and insurers who provide services of banking, legal, insurance and accounting consultancy).

Each data processor that we transfer your data to, will respect the security of your personal information and will process it in accordance with GDPR.

We only enable these processors to handle your data for specific purposes and in accordance with our instructions. However, in compliance with transparency, you can request a list of the companies who provide these services to us via the following email: dataofficer@sepa-cyber.com.

We have implemented suitable security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized manner, modified or disseminated. In addition, we limit access to your personal information to employees, contractors and other third parties who have a commercial need to know this information. They will only process your information according to our instructions and will be subject to a duty of confidentiality.

We have implemented procedures to handle any suspicion of a breach of your personal information and we will notify you and the Control Authority in the event of a security breach, as regulated in the GDPR in its articles 33 and 34.

More information about personal data protection can be found on the Commission for personal data protection website: https://www.cpdp.bg/?p=element&aid=1115.

  1. Contact Us

If you have any questions, comments or complaints about this Data protection and privacy Policy, or if you wish to exercise your rights or update your personal information, please contact us by email at the following address: dataofficer@sepa-cyber.com.