Политика за поверителност

1.1 The Controller understands the privacy concerns of the visitors to this Website (hereinafter referred to as “individuals”) regarding the protection of personal data and is committed to protecting their personal data by applying all the standards for the protection of personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”).

With this Privacy Policy, the Controller respects the privacy of individuals and undertakes every effort to protect the personal data of individuals against unlawful processing by applying technical and organizational measures, which measures are entirely consistent with state-of-the-art technological developments and provide a level of protection that corresponds to the risks associated with the processing and the nature of the data that should be protected.

1.2 With this Privacy Policy and in compliance with the requirements of the GDPR, the Controller provides information on the:

• the purpose and scope of this Privacy Policy;
• personal data collected and processed by the Controller;
• purposes of personal data processing;
• period for which the personal data will be stored;
• mandatory and voluntary nature of the provision of personal data;
• processing of personal data;
• protection of personal data;
• recipients of personal data;
• rights of individuals;
• the procedure to exercise the rights.

3.1 For the purposes of the GDPR and this Privacy Policy, the following terms shall have the following meaning:

1. Personal data means any information relating to an identified or identifiable natural person (‘individual’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
2. Processing of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
3. Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.
4. Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular, to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
5. Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
6. Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
7. Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
8. Third-party means a natural or legal person, public authority, agency or body other than the individual, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
9. Consent of the individual means any freely given, specific, informed and unambiguous indication of the individual’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
10. A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, or unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

4.1 The Controller observes the following principles relating to the processing of personal data:

• The personal data are processed lawfully, fairly and in a transparent manner in relation to the individual (‘lawfulness, fairness and transparency);
• The personal data are collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
• The personal data are adequate, relevant and limited to what is necessary for relation to the purposes for which they are processed (‘data minimisation’);
• The personal data are accurate and, where necessary, kept up to date (‘accuracy’);
• The personal data are kept in a form which permits identification of individuals for no longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’);
• The personal data are processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality).

A. Processing of special categories of personal data (“sensitive data”)

5.1.A The Controller does not collect and record special categories of personal data, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. Individuals shall not provide such sensitive data to the Controller. If the individual negligently or intentionally provides sensitive data to the Controller, the Controller undertakes to immediately delete such data.

B. Personal data collected directly from individuals

5.1.B Personal data is collected directly from individuals when the Controller is contacted by phone

5.1 Individuals provide personal data to the Controller when they contact the Controller by phone. The telephone number of the Controller is specified in the Controller’s Identification Information in this Privacy Policy and in the Contacts menu where the contact details of the Controller are provided. When the individual contacts the Controller by phone, the Controller only collects and processes the name and phone number of the individual, and in some cases also the e-mail address of the individual.

These data are processed for the purpose of communicating with the individual. The processing of these personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the individual, namely providing more information on the services offered by the Controller in connection with a possible conclusion of a contract with the individual.

The Controller uses the services of a telephone service provider located in the Republic of Bulgaria.

5.2.B Personal data is collected directly from individuals when individuals contact the Controller using the contact form on the website

Individuals provide personal data to the Controller when they contact the Controller by sending a message using the contact form on the Controller’s website at: https://seoble.com/contacts/. When the individual sends a message to the Controller using the contact form to contact Controller, the Controller collects and processes the name of the individual, the e-mail address and the other information that the individual provides in the sent message, such as the address.

These personal data are processed for the purpose of communication with the individual and record keeping. The processing of these personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the individual, namely providing more information on the services offered by the Controller in connection with a possible conclusion of a contract with the individual.

The Controller uses the services of an e-mail service provider to store received emails on a server that is located in the Republic of Bulgaria.

5.3.B Personal data is collected directly from individuals when individuals contact the Controller by e-mail

Individuals provide personal data to the Controller when they contact the Controller by sending an e-mail. The e-mail address of the Controller is specified in the Controller’s Identification Information in this Privacy Policy and in the „Contacts“ menu where the contact details of the Controller are provided. When the individual sends an e-mail to the Controller, the Controller collects and processes the e-mail address of the individual and the other information that the individual provides in the sent message, such as the address.

These personal data are processed for the purpose of communication with the individual and record keeping. The processing of these personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the individual, namely providing more information on the services offered by the Controller in connection with a possible conclusion of a contract with the individual.

The Controller uses the services of an e-mail service provider to store received emails on a server that is located in the Republic of Bulgaria.

5.4.B Personal data is collected directly from individuals when individuals contact the Controller by sending a message using the Facebook platform

Individuals provide personal data to the Controller when they contact the Controller by sending a message using the Facebook platform via the Facebook messaging service available on the Facebook page of the Controller. When the individual sends a message to the Controller using the Facebook platform via the Facebook messaging service, the Controller collects and processes the individual’s name, as well as the other information the individual provides in the sent message. This data is processed for the purpose of communication with the individual and record keeping. The processing of such personal data is necessary for the realization of the legitimate interests of the Controller, whose legitimate interests are to reply to the received messages, as well as to keep the received messages.

The administrator uses Facebook services, an independent US service provider, to receive messages via the Facebook platform. This means that the personal data provided will be stored on Facebook servers in the United States. For the transmission of such personal data outside the European Economic Area, appropriate safeguards should be provided in accordance with Article 46 of Regulation (EC) 2016/679. Facebook confirms that it adheres to the principles of the „EU-US Privacy Shield“. Facebook has its own Privacy Policy and individuals are advised to get acquainted with it in order to get more information.

The Facebook Privacy Policy is posted at https://www.facebook.com/privacy/policy/

5.5.B Personal data is collected directly from individuals when individuals contact the Controller by sending a message using the LinkedIn platform

Individuals provide personal data to the Controller when they contact the Controller by sending a message using the LinkedIn platform via the LinkedIn messaging service available on the LinkedIn page of the Controller. When the individual sends a message to the Controller using the LinkedIn platform via the Instagram messaging service, the Controller collects and processes the individual’s name, as well as the other information the individual provides in the sent message. This data is processed for the purpose of communication with the individual and record keeping. The processing of such personal data is necessary for the realization of the legitimate interests of the Controller, whose legitimate interests are to reply to the received messages, as well as to keep the received messages.

The Controller uses LinkedIn services, an independent US service provider, to receive messages via the LinkedIn platform. This means that the personal data provided will be stored on LinkedIn servers in the United States. For the transmission of such personal data outside the European Economic Area, appropriate safeguards should be provided in accordance with Article 46 of Regulation (EC) 2016/679, and LinkedIn provides such safeguards and describes them in detail in its Privacy Policy.

LinkedIn’s Privacy Policy is posted at https://www.linkedin.com/legal/privacy-policy

5.6.B Personal data is collected directly from individuals when individuals contact the Controller in order to request a professional SEO audit of their website

Individuals provide personal data to the Controller when they contact the Controller in order to request a professional SEO audit of their website. When the individual contacts the Controller in order to request a professional SEO audit of the website the Controller collects and processes the e-mail address of the individual and the website address of the individual. These personal data are processed for the purpose of communication with the individual, providing a quote, and record keeping. The processing of this personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the individual, namely providing a quote for an SEO audit of the website of the individual in connection with a possible conclusion of a contract with the individual.

C. Personal data collected from third parties

5.1.C The Controller usually does not obtain personal data for individuals from third parties. However, in some cases, if the Controller has reasonable grounds to suspect any individual of infringing the Controller’s legal or intellectual property rights, then the Controller will obtain the personal data of the suspected individual from public registers or private sources.

This data may be processed for the purposes of investigating the infringement and taking legal action against the infringement. The lawful grounds for the processing of the personal data are the legitimate interests pursued by the Controller, which legitimate interests are investigating the infringement and taking legal actions against the infringement.

D. Data collected automatically

7.1.D When an individual visits the Web site, the Controller automatically collects the following data, namely:

• The type of device from which the individual accesses the platform (for example, a computer, a mobile phone, a tablet, etc.);
• Internet Protocol (IP) address of the device from which the individual accesses the website (usually used to determine the country or city from which the individual accesses the website);
• Type of operating system;
• Type of the browser;
• Concrete actions undertaken, including the pages visited, frequency and duration of visits to the website;
• Date and time of visits.