We at DAL SIAT value fairness and transparency and are dedicated to establishing strong and long-lasting relationships with you, our users, built on trust and mutual benefit.
Therefore, we have developed our policy for the protection of personal data in a transparent, understandable and easily accessible form, in accordance with the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of physical persons in connection with the processing of personal data and on the free movement of such data and for the repeal of Directive 95/46/EC.
When you share personal data with us, we process it in accordance with this policy. Please read the information carefully, and if you have any questions, contact us at the coordinates below. Please note that we may request proof of your identity in order to process your specific request.
I. Who are we?
The website www.dalsiat.com is owned by SK DAL SIAT AD, UIC 175055798, address: Sofia 1303, 54 Antim I Str., tel. (+359 2) 8952095, email: email@example.com. Wherever we mention DAL SIAT, "we", "us" or "our", we mean SK DAL SIAT AD. The Company is responsible for protecting the personal data you share with us and is the controller and processor of personal data within the meaning of applicable data protection legislation. The Company has appointed a data protection officer who answers all questions from users regarding the processing and protection of their personal data. Any user of the Site can be contacted by email at firstname.lastname@example.org and by telephone +(359 2) 8952085.
Respecting your personal data is of fundamental importance to us. We ensure that privacy and security are embodied in everything we do.
II. What categories of personal data about you can we receive and process through this site?
We believe that you, the users, are at the heart of what we do. We care about your opinion to build the apps and services you need.
In case you decide to apply for a job with us, the data we can receive from you through our site is in the "Careers" section and is name, e-mail, educational degree, major, an internship in the major, telephone, other explanatory information you wish to provide us and a curriculum vitae. When we collect data, we mark with asterisks the mandatory fields with information that we need to enable you to apply to us for an advertised vacancy. Without this data, we will not be able to obtain the information we need to decide whether you meet the specific conditions for the position you are applying for. There is no transfer of this personal data to third parties.
III. For what purpose do we process your personal data provided to us and on what legal grounds?v
With this Policy on confidentiality and protection of personal data, Dal Siat takes into account the privacy of the individual and makes efforts to protect it against unlawful processing of the personal data of individuals. In accordance with legislation and good practices, the company implements sophisticated technical and organizational measures to protect the personal data of individuals. With this Policy on confidentiality and protection of personal data, we aim to inform natural persons about the purposes of processing personal data, the recipients or categories of recipients to whom the data may be disclosed, the mandatory or voluntary nature of providing data, as well as the consequences of refusal for their provision, information on the right of access and the right to correct the collected data, in accordance with the requirements of Art. 19 and Art. 20 of the Personal Data Protection Act (PDPA)
The law requires us to determine the legal basis on which we process different categories of personal information and to notify you of the grounds and our purposes for each category of personal data processed. If the basis on which we are processing your personal information is no longer applicable, we will immediately stop processing your data. If the reason changes then (if required by law) we will notify you of the change and any new reason where we determine that we can continue to process your information. By certain actions, that do not arise from a contractual relationship between us, for example when you browse the dalsiat.com website or request to submit your application through the Careers section, you give your consent to us processing information that may constitute personal data.
We always strive to obtain your express consent to process this information, for example by asking you to accept the presence of cookies when using the dalsiat.com site, as well as by providing you with all mandatory information regarding the processing of your personal data, immediately before the moment of its receipt.
Sometimes you may give your consent indirectly, such as when you send us an e-mail message to which you reasonably expect us to respond.
We process your data for the following purposes:
• To assess whether you are a suitable candidate for the advertised position;
•To accept your application for the specified vacant position;
•To contact you in case of possible approval and to invite you to an interview;
•• To communicate with you via email and telephone regarding your application.
We never give or sell your data. We respect your rights and always aim to comply with your requests to the extent possible under our legal and operational responsibilities.
Depending on the purpose for which the data is used, the legal grounds for us to process your personal data may be one or more of the following:
•Campaign execution: to provide you with the opportunity to apply for the vacancy or to take steps at your request;
• Legal basis: when data processing is required by law;
• Our legitimate interest, which may be: to ensure the proper functioning of the site, to improve our services (in particular, our business interests to be able to better understand your needs and expectations and, therefore, to improve our services);
• Your agreement.
IV. What are the categories of recipients of your personal data?
We are committed to protecting and safeguarding your data. This includes working only with trusted partners..
Your personal data may only be processed on our behalf. For example, we may entrust services that require the processing of your personal data to IT service providers, hosting services, maintenance of our databases, software and applications that may contain data about you (such services are sometimes related to access to your personal data for the performance of these tasks), social networks, web analytics and search engines, use of tools to refine user-generated content, postal services and deliveries, advertising, marketing, digital and social media agencies to assist us in organizing of advertising and marketing campaigns, to analyze their effectiveness and manage your contacts and questions.
We may share your personal data to comply with our legal obligations, to prevent fraud and/or to protect our interests, to improve our services, or after obtaining your consent to do so.
Dal Siat does not transfer your data to a third country or to an international organization.
We may also provide your personal data to third parties if:
• You have given your consent to this;
• • In other circumstances, if we have the right and are required by law.
V. How long do we keep your personal data?
We store your personal data only to the extent necessary to meet your needs, for the purposes for which we store it, or in accordance with our legal obligations. When we no longer need your personal data, we delete it from our system so that you can no longer be identified by it.
To determine the retention period for your personal data, we apply the following criteria:
• When you apply through a recruitment site, the term is 1 /one/ year.
• When you apply through www.dalsiat.com, the deadline for destroying the information is 30 days from the receipt of the information
• When you apply through our e-mail, we store your personal data for a period of one month.
• We may retain some personal data in order to comply with some of our legal or regulatory obligations and to manage our rights (for example, to file claims in court) or for tax and accounting purposes.
VI.What are your rights?
Dal Siat respects your right to privacy. It is important to be able to manage your personal data. You have the right to request access to, rectification or deletion of personal data or restriction of processing of personal data relating to you, or the right to object to processing, as well as the right to data portability.
You can exercise the following rights:
•Right of access, including the right to a copy of the data being processed:
At any time, any natural person has the right to request information about his personal data that Dal Siat stores. The request is honored and the data is provided after the person authenticates their identity in an appropriate way.
• Right to correct inaccurate personal data
Every natural person has the right to request correction of his personal data if they are incorrect, including completion of incomplete personal data. This can be done by contacting Dal Siat with a written request, after proper identification.
•Right to deletion ("Right to be forgotten") in the following cases:
1.When the need for processing ceases;
2. Upon withdrawal of consent, when the processing is based on consent;
3.In case of established illegal data processing;
4. In the event of a legal obligation to delete the data.
The right to be forgotten is not an absolute right and may not be respected in the cases provided for by law, even after proper authentication of the identity of the subject of the personal data, in which case he/she is notified of this immediately.
On your own initiative, you have the opportunity to realize your right "to be forgotten" by expressing your desire to. After review, we permanently delete your data. The personal data entered by you is deleted to the extent that the remaining data is anonymous or coded and will not constitute personal data within the meaning of the applicable legislation. This means that they will not be able to be linked to your identity.
• A natural person has the right to request restriction of processing when:
1.the accuracy of the data is contested, for the period in which their accuracy must be verified; or
2. the processing of the data is without legal basis, but instead of deleting it, it requested their limited processing; or
3. here is or has arisen a need to process the data for the establishment, exercise or defense of the person's legal claims; or
4.an objection has been filed to the processing of the data, pending verification of whether the reasons of the administrator are lawful;
In case of rectification, erasure or limitation of processing, Dal Siat communicates this, unless this is impossible or requires a disproportionately large effort.
• Right to portability of machine-readable data:
1.Personal data are provided directly to their subject;
2. Upon request by the subject and technical possibility, the data is provided to another administrator of his choice.
• Right of the data subject to object to processing based on legitimate interest:
The subject of personal data has the right to object to the processing of his personal data based on the legitimate interest of the Administrator. Dal Siat will not continue to process his personal data unless it is demonstrated that there are compelling legal reasons for doing so that override the interests and rights of the data subject or due to litigation and other procedural and non-procedural dispute settlement actions /claims.
• Right of the data subject to object to direct marketing:
Any personal data subject has the right to object to receiving marketing communications, including profiling and analysis for direct marketing purposes
• Right to withdraw consent.
The withdrawal of consent to the processing of personal data is done by sending a notification, in the expression of this;
Upon withdrawal of consent, the processing of the relevant type of personal data for the specified purposes is suspended. The withdrawal of consent does not affect the lawfulness of the processing done on the basis of a given consent before its withdrawal.
•Right to appeal to the Commission for Personal Data Protection or to a regulatory body within the EU.
You have the right to object to the processing of personal data by us, as well as the right to appeal to a supervisory authority. The Supervisory Authority in the Republic of Bulgaria, in the sense of the applicable legislation, is the Commission for the Protection of Personal Data. The right of appeal is exercised at the address: 2 Tsvetan Lazarov Bul., 1592 Sofia, +359 2 915 3580; Fax +359 2 915 3525; на e-mail:email@example.com and via Website: https://www.cpdp.bg
The rights described above are exercised by written request in a form specified by Dal Siat, which you can obtain at the office of the Administrator or by electronic means after a request to the Data Protection Officer.
you will receive an answer to your inquiry within the statutory one-month period from receipt of the written request.
Please note that we may request proof of your identity in order to process your specific request.
VII. Is your personal data protected?
We always do our best to protect our sites and implement strict procedures and security measures to prevent unauthorized access. The data we collect is stored entirely electronically.
We use SSL certificates to establish a secure encrypted connection between the web browsers of the site users and our servers. SSL, short for Secure Sockets Layer, is a protocol used to transfer personal data and documents over the Internet. Data is encrypted with a private key, then transmitted over an SSL connection.
Web-based information systems that work with this protocol usually have URL prefixed with "https:" instead of "http:". This is a protocol that protects your information by transferring it over the Internet in an encrypted format. The protocol ensures that the information sent remains unchanged and unread by third parties./p>
In the event of a breach in the protection of personal data and leakage of information, the administrator undertakes to notify the Commission for Personal Data Protection in a timely manner within no more than 72 hours of ascertaining the event.
Whenever possible we always use pseudonymization. This means the processing of personal data in such a way that the personal data can no longer be linked to a specific data subject without the use of additional information, provided that it is stored separately and is subject to technical and organizational measures in order to it is ensured that the personal data is not linked to an identified natural person or to an identifiable natural person.
VIII. Changes to this policy
Please do not hesitate to contact us with any questions about this policy.