top of page

Privacy Policy

Personal Data Protection Policy of Pishtalova Law Company

 

At Pishtalova Law Company, we acknowledge our responsibility to safeguard the privacy of our clients, partners, and website users. This Personal Data Protection Policy delineates our commitment to providing high-quality legal services while ensuring the protection of your personal information. Please thoroughly review this policy to comprehend how we collect, store, and process your data when utilizing our website: https://www.pishtalova.com/ and our corporate social media profiles.

 

I.Who Are We?

We are Pishtalova Law Company, registered with the Supreme Judicial Council. As a personal data controller under the General Data Protection Regulation (GDPR), we process personal data in compliance with applicable laws and the principles outlined in this policy.

 

II. From Whom we Process Data  

We process data about various individuals, including:

  • Visitors to the Website

  • Inquirers, business proposers, and complainants

  • Subscribers to our communications

  • Social network interactions

  • Job applicants

 

III. Types of Personal Data We Process

  1. Data Related to Correspondence or Interaction: Name, contact details, occupation, message content, and related communication data.

  2. Data Related to Job Applications: Names, contact details, position applied for, CV information.

  3. Data from Social Network Interaction: Information as per privacy settings.

 

IV. Obligatory Character of Data Submission

We specify the voluntary or mandatory nature of data provision. Refusal to provide mandatory data may affect our ability to respond adequately to inquiries.

 

V. Justification and Legitimate Foundations for the Processing of Personal Information

We process data for purposes such as legal obligations, contract-related steps, legitimate interests, and with explicit consent. Specific purposes include compliance with legal obligations, handling inquiries, maintaining website quality, communication, and exercising legal rights.

 

VI. Categories of Personal Data under Our Purview Recipients
Recipients include subcontractors, business partners, service providers, competent authorities, and others, ensuring compliance with data protection laws.

 

VII. Transfer of Personal Data Beyond the European Union/European Economic Area (EU/EEA).

In cases of data transfer to countries outside the EU/EEA, we ensure adherence to European data protection standards through decisions of the European Commission or standard contractual clauses.

This policy centers on transparency and compliance with data protection laws, underscoring our dedication to ensuring the security and privacy of your personal information. For more details, refer to our comprehensive Personal Data Protection Policy.


VIII. Duration for Retaining Personal Data

We commit to storing your personal data only for the duration necessary to achieve the processing purposes outlined below.

  1. Storage of Personal Data for Legal Compliance: Personal data in documents/information carriers governed by legal storage periods will be stored as per applicable legislation. If this policy prescribes a longer storage period, it will override legal requirements.

  2. Storage of Personal Data in Correspondence/Communication: In the absence of a legally prescribed duration, personal data from correspondence with us will be retained for up to 5 years post the correspondence's completion, covering inquiries, requests, complaints, and other communications.

  3. Storage of Server and System Logs on the Website: Server and system logs are typically stored for up to 1 year. Logs for website interactions, including acknowledgments of policy reading and consents, are retained for up to 5 years post the relevant communication's conclusion.

  4. Storage of Personal Data Based on Consent: Personal data processed with your consent, unless time-limited, will continue until withdrawal or the final achievement of processing purposes. Time-limited consent dictates the relevant period.

  5. Storage of Cookies: Refer to our Cookie Policy for specific storage durations. Legal requirements may extend storage periods beyond those stated in items 1-6. In legal disputes or proceedings, data may be retained for up to 5 years post-conclusion.

 

IX. The Rights you have:

As a Data subject per the Regulation, you possess the following rights:

  • Right of Information (Art.13 and Art. 14 GDPR): Obtain detailed information on personal data processing through this Policy.

  • Right of Access (Art. 15 GDPR): Confirm personal data processing, access such data, and receive information on processing and associated rights.

  • Right of Rectification (Art. 16 GDPR): Request rectification or completion of inaccurate or incomplete personal data.

  • Right of Erasure (Art. 17 GDPR): Request erasure of personal data when Regulation conditions are met.

  • Right of Restriction of Processing (Art. 18 GDPR): Exercise the right to restrict processing per Regulation conditions.

  • Right of Notification of Third Parties (Art.19 GDPR): Request notification of rectification, erasure, or processing restriction to third parties, where applicable.

  • Right of Data Portability (Art. 20 GDPR): Receive personal data in a machine-readable format and transmit it to another controller if conditions are met.

  • Right to Lodge a Complaint (Art. 77 GDPR): Lodge a complaint with the Commission for Personal Data Protection in Bulgaria.

  • Right to Object: Object to data processing based on legitimate interest, with consideration of legal grounds.

 

This Policy covers processing and protection of personal data within our legal services context. For more details on using our website or applying for a job, refer to the respective policies available on our website.

bottom of page