Terms of Service and Data Protection Policy of Lex Aspect Law Offic
Entry into force: 25.05.2018
Last modified: 22.05.2018
1. These Terms of Service govern the rules of use of the https://lexaspect.com site, hereafter referred to as the “Site”, including the processing of personal data and cookies.
2. The site is owned by Attorney Dichko Yanev, who is a member of the Burgas Bar Association and complies with all the provisions concerning the legal regulation of his profession under the Law on Attorneys. Contact attorney Yanev – email:firstname.lastname@example.org ,+359887985788, or at address: Burgas, 2, Vasil Aprilov Street, floor 3
4. Site information is in the form of legal articles or other information that expresses the owner’s opinion and should not be considered as legal or other advice. The owner or any related person does not bear any responsibility with regard to the accuracy of the information and the correct functioning of the site, including the timeliness of published acts, legal articles, etc.
2. Cookies are specific information sent by the server to the user’s browser. Used for more effective site performance. They allow the site to tick the actions and preferences of users for a certain amount of time. The cookies that are commonly used may be “for the current session” or “permanent,” the first ones are automatically deleted after the end of the site session and the latter can be saved on the user’s device for a specified period of time or indefinitely.
The SSL protocol is a way of protecting the processed personal data and is responsible for its encryption. The site https://lexaspect.com uses the SSL Security Certificate to protect its users.
Information on the rights of persons regarding the protection of personal data
Information about the person who processes your personal data
Name: Attorney Ditchko Yanev
Address and address: Burgas, 2 Vasil Aprilov Street, floor 3
Address for correspondence: Burgas, 2 Vasil Aprilov Street, fl. 3
Phone number: +359 887 985 788
Information about the competent supervisory body which provides personal data protection
Name: Commission for the protection of personal data
Seat and business address: Sofia, 1592, Blvd. “Prof. Tsvetan Lazarov “№ 2
Address for correspondence: Sofia, 1592, Blvd. “Prof. Tsvetan Lazarov “№ 2
Phone number: 02 915 3518
Attorney Dichko Yanev (Hereinafter referred to as” Administrator “) operates in accordance with the Law on Personal Data Protection and Regulation (EU ) 2016/679 of the European Parliament and of the Council of 01 October 2015 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. This information is intended to inform you of all the aspects of the processing of your personal data through this website and the rights you have in connection with such processing.
Reason for collecting, processing and storing your personal data
The administrator collects and processes your personal data in connection with the use of the website https://lexaspect.com and in connection with making of contracts with the company pursuant to Art.6, para. 1, Regulation (EU) 2016/679 (GDPR), and in particular on the following:
- You explicitly give your consent as a customer;
- Execution of the obligations of the Administrator under the contract with you;
- Compliance with a statutory duty applicable to the Administrator;
- For the purposes of the legitimate interests of the Administrator or of a third party.
Objectives and Principles in Collecting, Processing and Storing Your Personal Data
(1) The administrator collects and processes the personal data you provide in connection with the use of thewebsitehttps://lexaspect.comand the conclusion of a legal service contract, including for the following purposes:
- individualization of a party regarding the contract;
- accounting purposes;
- statistical purposes;
- protection and security of information;
- securing the execution of the contract for the provision of the respective service;
- sending a newsletter at your request.
(2) The administrator shall follow the following principles when processing of your personal data:
- Lawfulness, good faith and transparency;
- Limitation of the purpose of processing;
- Relevance to processing goals and minimization of data collection;
- accuracy and timeliness of the data;
- Restriction of storage in order to achieve the objectives;
- Integrity and confidentiality of processing, and ensuring an adequate level of security of personal data.
(3)In the processing and storage of personal data, the Administrator may process and store personal data in order to protect his legitimate interests:
- Fulfillment of his duties with the National Revenue Agency, the Ministry of Interior and other state and municipal authorities.
(4) Personal data can be processed in order to make it easier for users searching on the Internet to obtain publicly available legal information.
What kind of personal data the administrator acquires, processes and stores
Personal data is provided by users when using the site, absolutely voluntarily, they have no obligation to do so. During the functioning of the site, there is no obligation for the user to provide certain personal data that is absolutely mandatory for the website to function.
(1) The administrator shall carry out the following operations with the personal data provided by you for the following purposes:
- Conclusion and execution of a legal service contract with a client– the purpose of this operation is the conclusion and execution of a contract with the client and its administration. In some cases, the purpose of the operation may also be to protect the legitimate interests of the Administrator in performing the contract. Given the limited scope of personal data collected and the fact that part of it is collected from publicly available sources, it is not necessary to carry out an impact assessment on the operation.
- Send a request from a user to the site via an inquiry form– the purpose of this operation is to send a request for a personal case at the user’s request, for which contact details are provided to make a call-in connection with the inquiry. Personal data sent by e-mail or by inquiry form shall not be made available to third parties other than subcontractors or other third party owners for the sole purpose of these Usage Guidelines. Given the limited scope of personal data collected, an impact assessment of the operation is not required to be carried out.
- Send a newsletter– the purpose of this operation is to administer the bulletin submission process to customers who have explicitly stated they wish to receive them. Given the limited scope of personal data collected, an impact assessment of the operation is not required to be carried out.
- Data to be collected and processed(names, phone and e-mail)
- Purpose for which data is collected:
- Making a contact with the user and responding to a request made to the office;
- For the purpose of sending a newsletter.
- Conclusion of a legal service contract.
- Reason for processing your personal data– By accepting the Terms and Conditions of Service and / or the conclusion of a written contract for the provision of legal services, a contractual relationship is created between the Administrator and the User, on which the personal data – Art. 6, para. 1, b. (b) GDPR. Your data for sending a newsletter is processed on the basis of your explicit consent – Art. 6, para. 1, b. (s) GDPR.
- Data from your social networking accounts (public information from your Google+ accounts, Facebook)
- Goal for which data is collected:
- Making a user connection and sending information to the user.
- Reason for processing your personal data: Your data used to sign up for events and campaigns is being processed on the basis of your explicit consent – Art. 6, para. 1, b. (a) GDPR
(2)To function properly, the site uses the following programs and web solutions that could access the user’s IP address and analyze its behavior while staying on the website without identifying it as an individual: Google Analytics, various Wordspress plugins, Google Webmaster tools, Facebook, Google plus, which comply with the requirements of the Regulation and are responsible for the personal data they are being provided.
(3) The processed personal data is not being used for marketing purposes or advertisement messages.
(4) The administrator does not collect or process personal data that relates to the following:
- Reveal racial or ethnic origin;
- Reveal political, religious or philosophical beliefs, or membership of trade unions;
- Genetic and biometric data, health data, or data on sexual life or sexual orientation.
(5)Personal data is collected by the Administrator for the persons to whom it refers.
(6) The administrator does not perform automated decision making with data.
(7) The administrator does not collect and process data for persons under 16 years, except with the explicit consent of their parents or legal guardians.
Term of storage of your personal data
(1) The administrator keeps your personal data for a period no longer than necessary for the proper functioning of the site or for the withdrawal of the consent for processing. Upon the withdrawal of the consent to processing, the Administrator takes the necessary care to erase and destroy all your data without undue delay or to make it anonymous (i.e. to bring them in a form that does not reveal your identity).
(2) The Administrator shall keep your personal data provided in connection with inquiries for a period of 5 years for the purpose of protecting the legal interest of the Administrator in judicial or administrative disputes, and the accounting documents shall be kept for the relevant statutory period.
(3) The Administrator shall notify you in the event that the period for storing the data is required to be extended in order to comply with a statutory obligation or with respect to the legitimate interests of the Administrator or otherwise.
Art. 6. The administrator keeps the personal data of the clients of the firm for the term of execution of the concluded contract for observing the legitimate interests and legal obligations of the Administrator, which may exceed the term of the concluded contract.
Transmission of Your Personal Data for Processing
(1) The administrator may, at his own discretion, transmit all or a part of your personal data for the fulfillment of the processing purposes with which you have agreed, subject to the requirements of Regulation (EC) 2016/679 (GDPR) .
(2) The Administrator notifies you in case of intent to transfer some or all of your personal data to third parties or international organizations.
Your rights in collecting, processing and storing your personal data
Withdrawal of consent to process your personal data
(1)If you do not want all or a part of your personal data to continue to be processed for any or all processing purposes, you may at any time withdraw your consent to process by submitting a request in free text.
(2) The Administrator may require you to certify your identity and identity with the person to whom the data relate to the site at the Administrator’s office.
Right of access
(1)You have the right to request and obtain from the Administrator a confirmation that personal data relating to you are being processed
(2)You have the right to access the data relating to you as well as the information relating to the collection, processing and storing your personal data.
(3) The Administrator shall provide you, upon request, with a copy of the processed personal data relating to you in electronic or other appropriate form.
(4) The provision of access to the data is free of charge, but the Administrator reserves the right to impose an administrative fee in case of repeatability or excessive demand.
Right of Correction or Filling
Art. 10. You may correct or fill in imprecise or incomplete personal data relating to you by contacting us.
Right to Erase (“to be forgotten”)
(1)You have the right to ask the administrator to erase a part or all of your personal data and the administrator is obliged to delete them without undue delay when there is any of the following reasons:
- Personal data is no longer required for the purposes for which they were collected or otherwise processed;
- You withdraw your consent on which the processing of the data is based and there is no other legal basis for the processing to continue;
- You object to the processing of your related personal data, including for the purposes of direct marketing, and there are no legitimate grounds for the processing that will take precedence;
- Personal data has been tampered with;
- Personal data must be deleted in order to comply with a legal obligation under EU law or the law of a Member State that applies to the Administrator;
- Personal data have been collected in connection with the provision of information society services.
(2) The administrator shall not be obliged to erase the personal data if he keeps and processes them:
- To exercise his right to freedom of expression and his right to information;
- To comply with a legal obligation that requires treatment provided under EU law or the law of the Member State that applies to the Administrator or for the performance of a task of public interest or the exercise of official authority conferred on him;
- For reasons of public interest in the field of public health;
- For purposes of archiving in the public interest, for scientific or historical research or for statistical purposes;
- For the grounds, exercise or protection of legal claims.
(3)In the event that you exercise your right to be forgotten, the Administrator will erase all your data, except the following information:
- information that is necessary to verify that your right to be forgotten;
- technical information about the functioning of the site, which information cannot connect in any way with your identity;
(4)In order to exercise your right to be forgotten, you must submit a request by sending an email request to the Administrator.
(5) The administrator may ask you to verify your identity and identity with the subject of the data.
(6) The administrator does not erase the data, which he has a legal obligation to store, including the protection against claims against him or to prove his rights.
Right to Limitation
You have the right to submit a request to the Administrator to restrict the processing of your related data when:
- You contest the accuracy of the personal data for a period that allows the Administrator to verify the accuracy of the personal data;
- processing is illegal, but you do not want personal data to be erased but only to be limited;
- The administrator no longer requires personal data for the purpose of processing, but you require the data to establish, exercise or protect your legal claims;
- You have objected to the processing pending verification that the legal grounds of the Administrator have an advantage over your interests.
Right of portability
(1)You may at any time obtain in a machine-readable format the data that is stored and processed for you in connection with the use of the services of the Administrator by submitting an email request.
(2)You may request the Administrator to directly transfer your personal data to an administrator you provide when it is technically feasible.
Right to receive information
You may request the Administrator to inform you of all recipients of the personal data to whom the personal data with the correction, deletion or limitation has been disclosed. The administrator may refuse to provide this information if this would be impossible or would require disproportionate amount of effort.
Right of objection
Art. 15. You may at any time object to the processing of personal data which concerns the Administrator even if its` been processed for your purposes of profiling
Your rights in violation of the security of your personal data
(1)If the Administrator detects a breach of security of your personal data that may pose a high risk to your rights and freedoms, he shall notify you without unnecessary delay of the violation, as well as of the measures he took or are about to be taken.
(2) The administrator is not obliged to notify you if:
- He has taken appropriate technical and organizational measures to protect the data affected by the security breach;
- Has subsequently taken measures to ensure that the violation will not lead to a higher for your rights;
- Notification would require disproportionate efforts.
Entities to which your personal data are provided
Art. 17. The administrator does not transfer your data to third countries.
Art. 18. In the event of a violation of your rights under the above or applicable data protection laws, you have the right to file a complaint with the Personal Data Protection Commission as follows:
Name: Personal Data Protection Commision
Seat and address of management: Sofia 1592, blvd. “Prof. Tsvetan Lazarov “№ 2
Address for correspondence: Sofia 1592,” Prof. Tsvetan Lazarov “№2
Phone number: 02 915 3 518
Art. 19. You may exercise all of your rights to protect your personal data by submitting your claims in any form that contains a statement and identifies you as the data holder.
Art. 21. If the consent relates to a transfer, the Administrator shall describe the possible risks for the transfer of data to third parties in the absence of a decision on adequate protection and appropriate solutions.
Lex Aspect Law Collective