Publish Listing Login
Publish Listing Login

Privacy Policy

C ONFIDENTIALITY AND PERSONAL DATA PROTECTION POLICY OF ISKAMKOLA LTD 
I. DESIGNATION 
This Policy aims  to introduce a unified approach for the application of the regulations 
under Regulation 2016/679 of the EU. This is to be published in ISKAMKOLA LTD 
website. 
II. RANGE OF THE VALIDITY 
This Policy shall be valid for all the customers of ISKAMKOLA LTD. 
III. TERMS, DEFINITIONS, ABBREVIATIONS 
Abbreviation 
GDPR - General Data Protection Regulations
EU - European Union
IV. NATURE

Information about Iskamkola Ltd: This is a company registered in the Commercial 
Register of the Registry Agency, with UIC: 208170729, with head and registered office: 
city of Sofia, 2 Krasna Polyana Residential Area, bl. 28A, flat 18, tel.: 0878787386, e
mail: office@iskamkola.bg
In order to achieve the set goals and under Regulation 2016/679, effective as of 25 May 2018, which gives the individuals greater control on their personal data protection, Iskamkola Ltd processes your personal data under the following principles: 


Principles for Personal Data Processing 


Personal data processing is performed under the principles of their protection, as regulated in Art. 5 of Regulation (EU) 2016/679 – Iskamkola Ltd applies the following principles of personal data processing: 
• the personal data is processed legally, in good faith, and transparently; 
• the persona data is collected for specific, explicitly regulated and legal purposes; 
• the personal data processing must be adequate, relevant, and limited to what is necessary for the processing with the respective purpose; 
• the personal data must be accurate and updated at any moment. Reasonable 
measures must be undertaken in order to guarantee the respective deletion or correction of any incorrect personal data; 
• the personal data is stored in such a way that the subject of the data can be identified only as long as necessary for the processing; 
• the personal data is processed in such a way as to guarantee the appropriate security (Art. 24, par. 32 of the GDPR); 
• following the principles of reporting. 
The security of the data which you have entrusted to us is very important for us. In connection to this, we protect your data by applying all the appropriate technical and organisational means we have so as not to allow any unpermitted access, unpermitted or ill-intentioned use or loss of information. 
This Confidentiality and Personal Data Protection Policy aims to clarify how and why we process your personal data. 
How and why do we process your data? 
The processing is necessary for the performance of the contract you are a party of or for undertaking any steps by your request before, during, or after the conclusion of a contract. 
The processing is performed for the following purposes: 
• reporting your identity; 
• management and execution of your applications and/or requests for products or services, further administration and performance of contract/-s; 
• execution of offers for the conclusion of a contract and the supporting documents, including remotely, as well as their sending through courier services; 
• execution and sending information on liabilities and invoices; 
• ensuring your complete service; 
• providing cooperation during the period of use of the provided products/services; 
• communication and sending notifications online or on paper for anything 
connected to the products and services you use with us, including different messages, information for orders you have sent, problems, errors, or responses to requests, claims, grievances, reports, offers, etc. filed by you; 
• provision of personal data to third parties – administrators of personal data for the performance of the contractual relations; the information is provided under a concluded contract which guarantees that the personal data protection is under the appropriate technical and organisational measures and ensures protection to your rights. 
For the performance of the regulatory obligations 
We process your identification data necessary for following the regulated obligations, namely: 
• Personal Data Protection ACT and Regulation (EU) 2016/679 – provision of information to the Commission for Personal Data Protection in connection to obligations regulated by the regulatory framework for personal data protection; 
• Accounting ACT and Tax-Insurance Procedure Code or other connected regulations in connection to keeping legal accounting; 
• Procedural and substantive legislation – provision of information to the court 
and third parties, within court proceedings, under the regulations of the legislation applicable to the proceedings.

 
Other Regulatory Documents

 
After provided consent for personal data protection. In some cases, your personal data is processed after preliminary written/online consent. The consent is an independent reason for personal data processing, as the purpose of processing is specified in it and does not match the purposes specified in this Policy. 
If you give the respective consent, we will process your personal data for the specified purposes, until its withdrawal. 
The provided consent may be withdrawn at any time, as this will not reflect the performance of the contractual obligations of Iskamkola Ltd. 
With the withdrawal of your consent for personal data protection, Iskamkola Ltd will not use your personal data for the purposes it was provided for. 
The withdrawal of the consent does not concern the legal processing based on given consent before its withdrawal. 
When the processing is necessary for the purpose of a legal interest. 
We can process your personal data when the processing is necessary for the purposes of our legal interests or for the purposes of the legal interests of third parties unless your interests or your basic rights and freedom prevail over such interests. Processing your personal data based on legal interests may include, without limitation to the use of personal data, for identification in executing invoices, for the provision of the performance of the contractual services, for the achievement of internal administrative goals. 
What kind of data do we process? 
• identification data – full name, personal number, personal ID, etc.; 
• other data – information about the type and contents of the contractual 
relations; any other information connected to the contractual relations, including: 
o e-mail, letters, including, but not limited to: applications, claims, 
requests, grievances, reports, etc.; o contact personal data – contact address, telephone number, and e-mail; 

o bank account number or any other bank or payment information connected to the payments to Iskamkola Ltd. 
Other information like: 
• other personal data provided by you or by a third party in the conclusion or under 
Iskamkola Ltd contract, including, but not limited to: full name, personal number/personal number for a foreigner, personal card number, address under your identity card, telephone number, e-mail, personal data specified in a power 
of attorney. When processing your personal data for the purposes of providing services, for their payment, for the execution of your service orders, as well in order to perform our legal obligations, this processing is obligatory for the achievement of these goals.

 
How do we protect your personal data? 
In order to provide adequate personal data protection, we apply all the necessary organizational and technical measures governed by Regulation 2016/679 of EU and the Personal Data Protection Act. For the purposes of maximal security in the processing, transferring, and storage of personal data, we can use additional protection mechanisms, like encryption, pseudonymisation, etc. Rights of the Data Subject 


Right of Deletion (right of ‘Being forgotten’)

You have the right of asking Iskamkola Ltd to delete the personal data connected to you, like: 
• the personal data is not necessary for the purposes it was collected for; 
• the processing is under consent, after the withdrawal of your consent; 
• The personal data has been processed illegally; 
• the personal data must be deleted for the purposes of following legal obligations under the Union law or the right of a member state, which is applicable to Iskamkola Ltd. 


Deletion of Your Personal Data 


Iskamkola Ltd will terminate the use of your personal data after achieving the goals they were provided for when they are not necessary for the protection of a legal interest, after termination of the contractual relations, or until the final settlement of all financial relations, as well as after the expiry of the regulatory obligations for the purposes of data protection, like, for example: 
• under the Accounting Act, for the purposes and processing accounting data (11 years); 
• under the Obligations and Contracts Act – after the expiry of the claiming terms (5 years). 
Please, consider that we will not delete your personal data if it is necessary for a pending lawsuit, administrative, or any other procedure, as well as in case of obligations for providing information to the court, to competent governmental bodies, and in case of any other grounds regulated under the current legislation. 


When and why do we share personal data to third parties? 
The provision of personal data to partners or third parties, when there is a valid reason for that, is performed under a concluded contract, which guarantees that the processing is under appropriate technical and organisational measures and provides protection to your rights. 
We do not provide your personal data to third parties before we are convinced that all the technical and organisational measures for data protection have been taken, by aiming to provide strict control for the achievement of this goal. 
Third parties to which we provide personal data, like: 
• banks for servicing your payments; 
• post operators and courier service companies; 
• authorities, institutions, and persons to whom we are obliged to provide personal data – under the current legislation. 


Right of Information 


You have the following rights: 
• to ask if your personal data connected to you has been processed. In case of 
confirmation, to ask for access to the data and information for the purposes of the processing; 
• to receive the information in a brief, transparent, understandable, and easily accessible form.

 
Right of Correction 


You have the following rights: 
• Provided that the personal data we process are incomplete, incorrect, or outdated, you have the right, at any time, to ask for its correction. 
• In case of correction of your personal data, you have the right to ask us about any third parties to whom this personal data has been revealed. 


Right of Objection

 
At any time, you have the right to: 
• object against processing your personal data. Provided that your objection is reasonable, Iskamkola Ltd will terminate the processing of your personal data. 


Right of Limitation of the Processing

 
You have the right to ask for processing your personal data if: 
• you dispute the accuracy of the data for the period for which we have to check its accuracy; 
• the data processing has not been under legal grounds, but instead of being deleted: you would like to limit their processing; 
• we need your data for the purposes of its processing, but you demand their establishment, execution, or protection of legal claims; 
• you have filed an objection against the data processing for the period of performing the check. 


Transferability Right 


You have the right to receive your personal data from us in an organised, ordered, structured, widely used e-format if: 
• we process your personal data under a consent you have given to us or the processing is under your contractual obligation with us and 
• the processing is automatic. 


Right of Claim 


You have the right to file a claim before Iskamkola Ltd in the cases you consider that your personal data processing violates the applicable regulatory framework. You must file the claims personally or through a proxy, with a notarial power of attorney. Iskamkola Ltd will provide information about your claim within a month after its submission. If necessary, this term may be prolonged with a month, with view of collecting additional information.You have the right of filing a claim before the Commission for Personal Data Protection and before the European Data Protection Board provided that you think that the personal data processing violates the applicable regulatory framework. 


Final Provisions


This Policy was approved with a Resolution of the Sole Owner of the Capital and the Manager of Iskamkola Ltd on 19 March 2025.