“Legal Shield Consulting” OOD (hereinafter referred to as “the Company”, “Data Controller”), endeavouring to respect the inviolability of private life, recognises the need to apply appropriate protection to the personal data of data subjects. This Personal data protection policy (hereinafter referred to as “the Policy”) has been created to help data subjects understand how and for what purposes the Company processes, uses and protects their personal data.
For the purposes of its business, the Company processes personal data in strict compliance with Regulation (EU) 2016/679 (‘General Data Protection Regulation’, ‘GDPR’), the Personal Data Protection Act and other applicable regulations and the Policy.
This Policy provides information on the following issues:
“Personal Data” means any information relating to an identified or identifiable natural person or an identifiable natural person is one who can be identified, directly or indirectly;
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means;
“Controller” means Legal Shield Consulting OOD which, alone or jointly with others, determines the purposes and means of the processing of personal data;
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.
“Data subject” means an individual whose personal data is processed by the Company;
“Website” means the lsconsultingbg.com website.
This Personal Data Protection Policy applies to the relations between “Legal Shield Consulting” OOD on the one hand and consumers and visitors of the Website on the other hand. The purpose of the declaration is to inform data subjects of their rights in accordance with Article 12 and subsequent articles of Regulation (EU) 2016/679.
The controller of the personal data is “Legal Shield Consulting” OOD, Unique Identification Code (UIC) 206352946, and address: Sofia city, Ovcha kupel district, 136-D, Tsar Boris III Blvd., fl. 1, apartment 3, E-mail: office@lsconsultingbg.com, phone number +359 87 932 3259.
The Company collects the following categories of personal data directly from data subjects:
The data subject can make a request for the use of a concrete service from the personal data controller via the on-line form of the Website. In this case, the following personal data should be provided: names, telephone number, e-mail, IP address, data contained in the description.
An invoice is issued to the data subject who has placed the order, for which the following data are required: names, Personal Identification Number (PIN)/Unique Identification Code (UIC), address, financially liable person
In case of legal disputes, the Company may process the following categories of personal data of data subjects, namely: names, e-mail, Personal Identification Number (PIN), address and other data.
The controller may, where applicable, process personal data for marketing purposes. In this case, the data controller requests the consent of the data subject and collects personal data such as: name, e-mail, telephone number in an appropriate manner.
If personal data are provided by the data subject to the controller without any legal basis as defined in Article 6, paragraph 1, of Regulation (EU) 2016/679, or in violation of the principles laid down in Article 5 of the same Regulation, the Company shall, within one month of becoming aware of the event, either reject the data or, if this is impossible or would require disproportionately great efforts, delete or destroy the data. Deletion and destruction shall be documented.
The Company processes the personal data of data subjects who visit the Website and/or choose to make use of the services offered on the Website. The Company also processes personal data of its contractors.
The Company processes personal data for the following purposes:
The Company processes personal data of data subjects on the following lawful grounds:
The Company may disclose the personal data of data subjects to the following categories of recipients:
The Company may include links to third party websites, plug-ins and applications. Clicking or activating these links may allow third parties to collect or share data about the data subject. The Company does not control these third-party websites and is not responsible for their personal data protection policies.
The Company implements appropriate technical and organisational protection measures to guarantee the rights and freedoms of data subjects in accordance with the principle of “integrity and confidentiality”. In particular, the data controller selects appropriate recipients who, taking into account the protection of the personal data made available to them and the risks involved, obtain the necessary guarantees to ensure the appropriate level of security, including, where appropriate, the following:
The controller may provide personal data in countries outside the European Union. In this case, the provision of personal data is subject to compliance with the requirements of Chapter V of Regulation (EU) 2016/679 and applicable international agreements between the European Union and third countries. For this purpose, the Company may lawfully disclose personal data to countries outside the European Union for which there is a decision of the European Commission for an adequate level of protection of personal data. The same applies where the Company has concluded a contract containing standard provisions on the transfer of personal data to third countries, adopted by Commission Implementing Decision (EU) 2021/914 of 4 June 2021.
Legal Shield Consulting OOD stores personal data in accordance with the principle of “storage limitation”. In particular, for the above purposes, the Company will store personal data as follows:
Data subjects whose personal data are processed by the Controller have the following rights:
The aforementioned rights can be exercised by sending the application form in electronic form signed by a qualified electronic signature in accordance with the Electronic Document and Electronic Trust Services Act to office@lsconsultingbg.com. An application may also be made in writing and sent to the Company’s address.
The Company may request consent from data subjects as a legal basis for processing personal data for one or more purposes. For example, some of these purposes may be for profiling, linked tracking, behavioural advertising or others. In these cases, the Company will request the consent of the data subject in order to have a legal basis for the processing of personal data and will inform them in a timely and appropriate manner. Personal data may cover more categories than those listed above, and the consent to be given shall specifically specify the necessary categories of personal data to be processed for the relevant purpose.
Consent must be granted voluntarily, specific, conscious and clear indication of the data subject’s will. Consent may be withdrawn at any time in the manners described above for the exercise of rights by data subjects.
In accordance with the General Data Protection Regulation and the Personal Data Protection Act, data subjects have the right to lodge a complaint with the Personal Data Protection Commission at: Sofia city, 2, Prof. Tsvetan Lazarov Blvd.
The data controller takes the necessary measures for the security of personal data. All documents on paper carrier containing personal data are stored in locked cabinets in the Company office and only authorised persons have access to them. Data in electronic format are stored in accordance with information security and access restriction requirements.