PERSONAL DATA PROCESSING AND PROTECTION POLICY
1. Personal Data Definition
Personal data refers to any information that can directly or indirectly identify you as an individual. Indirect identification can be achieved by correlating different pieces of information such as your name, postal address, email address, and telephone number.
​
2. Our Approach to Personal Data Processing
At DaxBulls, we will use your personal data primarily for fulfilling contracts for goods and services requested via our website, and for our newsletter marketing initiatives. We ensure to limit our data collection and processing only to what is necessary to fulfill these purposes.
We commit to using personal data as outlined in this policy, unless we receive your explicit consent for other usage, such as for specific marketing communications.
​
-
Categories of Personal Data We Process
To fulfil our contractual obligations, we process the following categories of your personal data:
-
Names
-
Email addresses
-
Telephone numbers
​
On certain occasions, we might collect other personal information such as gender, age, city/country of residence, previous experience, education, interests, and preferences.
The aforementioned categories of personal data are those you provide us when registering on our site or requesting an offer. We will not ask for any personal data beyond what's necessary for preparing an offer and executing the contract for the provision of goods and services.
​
In certain situations, we may need to process and store personal data based on legal requirements to ensure regulatory compliance, such as preventing, detecting, or investigating crimes, or preventing financial misconduct.
​
-
Website Usage
​
This Privacy Policy also covers the use of our website with certain mechanisms and features concerning personal data protection.
​
-
Cookies: Our website uses cookies and similar technologies to enhance user experience, functionality, and security. Additionally, they aid in understanding advertising effectiveness. For more information, refer to our cookie policy.
-
Third-Party Websites: For user convenience, our website includes links to third-party websites that are not operated or controlled by us. This Privacy Policy doesn't extend to these websites. We bear no responsibility for the security or protection of any information collected by these third parties. We recommend you to check their privacy policies directly.
-
Mailchimp and WIX: We use Wix and Mailchimp for managing mailing list subscriptions. More information can be found in the Mailchimp and WIX privacy statement.
-
Personal Data Disclosure:
-
External Service Providers: We will disclose your personal data only to those third parties mentioned, and for the stated purposes. Unless we have your explicit consent to share your personal data with other third parties, we will implement measures to ensure your data is processed, protected, and transferred in accordance with the law.
-
Business Transitions: In the event of business transformation activities like restructuring, merger, sale, or asset transfer, we may share your personal data with the acquiring entity, provided they have agreed to comply with applicable personal data protection laws.
-
Public Authorities: We will disclose your personal data to public authorities when legally required, such as complying with requests from courts, administrative bodies, or other government entities.
​
Note that we do not transfer your personal data or any related information outside the territory of the European Union.
​
-
Processing of Children's Personal Data:
We do not collect or process personal data of children under 18 years of age. If we inadvertently collect such data, it will be deleted promptly.
​
Processing of special categories of personal data ("sensitive" data):
-
We do not collect or process special categories of personal data, which include: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as the processing of genetic data, biometric data for the sole purpose of identifying an individual, data concerning health, or data concerning an individual's sex life or sexual orientation.
​
-
Security of your data:
​
-
We take the security of your personal information seriously. We implement appropriate levels of protection and have developed reasonable physical, electronic, and technical procedures to safeguard the data we collect from accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access to transmitted, stored, or otherwise processed personal data. Access to your personal data is granted only to employees, service providers, or persons related to us who require the information for official purposes or need it to perform their duties. In the event of a data breach involving personal data, we will comply with all applicable notification rules in such cases.
-
What are your legal rights?
-
As a data subject, you have specific legal rights related to the personal data we collect from you. These rights apply to all processing activities that we carry out and undertake with your personal data, as listed above. We respect your individual rights and will address your questions adequately.
-
The following list provides information about your rights arising from the applicable data protection laws:
-
Right to rectification: You have the right to have your personal data rectified. We make reasonable efforts to ensure that the personal data in our possession and under our control, which is regularly processed, is accurate, complete, up-to-date, and relevant based on the latest information available to us.
-
Right to restriction: You have the right to request the restriction of the processing of your personal data if:
-
you contest the accuracy of your personal data, for the period we need to verify their accuracy,
-
the processing is unlawful, and you request a restriction on the processing instead of erasing your personal data,
-
we no longer need your personal data, but you require them for the establishment, exercise, or defence of legal claims, or
-
you object to the processing, pending verification that our legitimate grounds override yours.
-
-
Right of access: You have the right to request information about the personal data we hold about you, including information on the categories of personal data we hold or control, their purposes, the source of the data (if not obtained directly from you), and any disclosures to third parties, if applicable. You are entitled to one free copy of the personal data we hold about you. In accordance with applicable law, we reserve the right to charge a reasonable fee for any additional copies requested after the first one.
-
Right to data portability: Upon your request, we will transfer your personal data to another data controller when technically feasible, provided that the processing is based on your consent or a contractual obligation. Instead of receiving a copy of your personal data, you may request that we transfer the data directly to another data controller specified by you.
-
Right to erasure: You have the right to request the erasure of your personal data under the following circumstances:
-
The personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
-
You have the right to object to further processing of your personal data (see below) and choose to exercise this right;
-
The processing is based on your consent, you withdraw this consent, and there is no other legal basis for the processing;
-
The personal data has been processed unlawfully;
-
Unless the processing is necessary for the following reasons:
-
To comply with a legal obligation requiring processing by us;
-
For archiving purposes in the public interest
-
For the establishment, exercise, or defence of legal claims
-
-
​
Right to object: You may object at any time to the processing of your personal data concerning your particular situation, provided that the processing is not based on your consent but on our legitimate interests or those of a third party. In such cases, we will cease processing your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests or for the establishment, exercise, or defence of legal claims. If you object to the processing, please specify whether you wish to have your personal data erased or the processing restricted by us.
​
Right to lodge a complaint: In the event of an alleged violation of applicable data protection laws, you have the right to lodge a complaint with the Data Protection Authority in your country of residence or the location of the alleged violation. In the Republic of Bulgaria, this body is the Commission for Personal Data Protection (CPDP).
​
Additional information required to exercise your rights:
​
Response Time: We will endeavour to comply with your requests to exercise your rights or obtain information from us concerning your personal data within 30 days. This timeframe may be extended for specific reasons related to the particular legal right or due to the complexity of your request.
​
Limited Access: In certain situations, we may be unable to provide you with access to all or part of your personal data due to legal provisions. If we deny your request for access, we will inform you of the reason for the denial.
​
Identification Challenges: In some instances, we may be unable to verify your personal data based on the identifiers provided in your request. In such cases, when we cannot identify you as a data subject, we are objectively unable to comply with your request to exercise your legal rights as outlined in this section, unless you provide additional information enabling us to identify you.
​
Exercising your legal rights: To exercise your legal rights, please contact us at the addresses listed at the end of this policy.
​
Retention of your personal data:
​
Generally, we will retain the personal data you provide to us for the purposes of sale and delivery of goods and services, as long as necessary to fulfil the delivery, as well as for an extended period, as required by applicable regulations concerning accounting and company cash flow control. We will maintain your purchase history on the site for a period of 3 years.
Policy amendments:
​
We reserve the right to modify our data protection practices and update and revise this policy at any time. For this reason, we encourage you to review the policy regularly. This data protection policy is current as of the "latest revision" date listed at the top of this page.
Breach Notification: In the event of a data breach, we will notify all affected users promptly and in accordance with applicable law, detailing the nature of the breach, the potential impacts, and the steps we are taking to mitigate the effects.
​
Contact information:
​
The personal data controller is DaxBulls Ltd.
​
Please direct your inquiries regarding data protection and any requests related to exercising your legal rights to the email address specified on the site.
​
-
Effective from: 10.06.2023
-
Last revision: 10.06.2023