Personal data management

Personal Data Protection

"MOYA STUDIO" OOD carries out its activities in accordance with the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data.

Control over activities related to the collection, processing and provision of personal data is exercised by the following state body:

Commission for Personal Data Protection (CPDP)

Address: Sofia 1592, "Prof. Tsvetan Lazarov" Blvd. No. 2

Tel: 02/91-53-518

Email: kzld@cpdp.bg

Website: www.cpdp.bg

“Personal data” means information defined as such in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation – "GDPR") or information considered personal under any other law or decree. We protect the personal data of our customers and treat the users of this website in the same way.

 

4.1. The Provider takes all necessary legal measures to protect the personal data of the User. This policy explains how the information of visitors to www.onenightdress.shop is processed.

4.2. In accordance with these General Terms and Conditions, in order to shop from the online store www.onenightdress.shop, registration with a password and email is required. Registration is completely free and is done by filling out the registration form. During registration, the User must provide an email and password, names, and delivery address. Upon registration on the site, the User voluntarily provides their full name, region, city, postal code, delivery address, correspondence address, contact phone number, and current email. This data is provided by the User only to be handed over to a courier and to perform delivery of the selected goods.

4.3. By using the online store, the User expressly agrees for their personal data to be collected and processed by the company in accordance with the Personal Data Protection Act, while simultaneously guaranteeing their accuracy and reliability. The User also declares that they have been informed about the type of personal data collected and processed, the purposes for which they will be used, as well as their rights to access, correct, amend, or delete personal data.

4.4. The Provider takes action to collect personal data from the User to respond to their requests, which may include: creating a personal profile, fulfilling an order, providing customer service, providing access to certain functionalities of the online store, registering for the newsletter, for marketing activities, for internal purposes such as audit, statistical analysis and research to improve the products, services, and customer relations of the Provider. We may use information in aggregated form to analyze the use of our site. The Provider does not sell, rent, loan, trade, or lease any personal information collected on www.onenightdress.shop, including membership data or email address lists. Any information entered by the User in their profile on www.onenightdress.shop will be kept and will not be used in a way for which the User has not given their consent.

4.5. The User has the right:

  • to request information about what personal information the Provider has collected about them, as well as information regarding the purposes of processing, categories of personal data, recipients to whom your personal data may be disclosed, and other;
  • to refuse their personal data to be used for commercial, advertising, or marketing purposes. If the User does not wish their data to be used for commercial, advertising, or marketing purposes, they can contact the Provider at the contacts published on www.onenightdress.shop in the Contact section.
  • to request correction or completion of inaccurate data related to them
  • to withdraw their consent for the use of their personal data
  • to request to be "forgotten", i.e., their personal data to be deleted
  • to object to the processing of their personal data
  • to file a complaint, in case of unlawful use of their personal data, with the Commission for Personal Data Protection, Sofia, "Prof. Tsvetan Lazarov" Str. No. 2, email: kzld@cpdp.bg and website: www.cpdp.bg;

4.6. The Provider provides the personal data it possesses to third parties (registered in Bulgaria or another member state) only for the purposes of concluding and executing distance sales contracts, including for the delivery of goods to an address specified by the User. The data is provided to a licensed postal operator (courier company), providers of technological infrastructure for card payments, banks servicing payments made by and to customers; persons who, by assignment of the Administrator, maintain the functioning of the Site as well as equipment and software, persons providing consulting services to the Administrator in various fields - lawyers, accountants; bodies, institutions, and persons to whom we are obliged to provide personal data under current legislation.

The Provider obliges all its agents and service providers to state in writing that they will protect the personal information of our users and will use it only for the purposes approved by us.

Personal data will be processed by employees of the administrator or personal data processors, among whom, in particular, will be cloud service providers in the field of hosting, file storage, CRM, and eMail services.

"MOYA STUDIO" OOD works only with reputable providers who provide sufficient guarantees for the implementation of appropriate technical and organizational measures in such a way that processing proceeds in accordance with the requirements of the GDPR and ensures the protection of the rights of data subjects.

These companies, without the list being exhaustive, are:

– MailChimp: https://mailchimp.com/legal/privacy/

– Google Analytics: https://privacy.google.com

– Facebook: https://www.facebook.com/privacy/explanation

– Paysera https://www.paysera.bg/v2/bg-BG/sigurnost

– UBB Bank https://www.unicreditbulbank.bg/bg/pravna-informatsiya/poveritelnost/zashita-na-lichnite-danni/

Some service providers may transfer data outside the EU/EEA where there is a decision on the adequate level of protection, for example - in the case of the EU-U.S. Privacy Shield, or where there are other appropriate safeguards in accordance with the requirements of the GDPR. For more information, you can review the privacy policies of our providers and contact us using one of the methods listed above.

The Personal Data Protection Act obliges every personal data administrator, including the Provider, to disclose information required by court order or other legal means, or to prevent possible damage to persons or property. By creating a profile on www.myplantobe.com, the User declares that they are aware that in certain cases the Provider is required to disclose information:

  • if required by law;
  • in compliance with a judicial, regulatory, or other official act or decision;
  • based on an agreement (if any) between the Provider and other personal data administrator(s), in accordance with the requirements of the Personal Data Protection Act;
  • upon instructions given by the User

4.7. The Provider does not collect or process data revealing racial or ethnic origin, political, religious, or philosophical beliefs, membership in political parties or organizations, associations with religious, philosophical, political, or trade union purposes, as well as data relating to health, sexual life, or the human genome.

4.8. Each User has access and can correct, change, or delete parts of their personal data through their personal profile registered on the website www.onenightdress.shop. The Provider will keep their data for as long as necessary to provide services from the online store or until required by law. After that, the user's personal data will be deleted. We store your personal information for as long as necessary to ensure the effective performance of our services. In general, we store your personal data until your profile exists or until you explicitly request the data to be deleted. The information provided and collected by you will not be sold or provided for use by third parties without your personal consent.

4.9. For your convenience, The Provider may provide links on this site to other websites that are not maintained or controlled by The Provider. If you use these links, you leave this site. The Provider has no control and is not responsible for the content, privacy policies, or security of these sites. The Provider undertakes no obligation to verify the veracity or accuracy of third-party sites or their content and does not provide any guarantee or responsibility for them.

4.10. In accordance with the European Data Protection Directive, the General Data Protection Regulation – "GDPR", The Provider gives users the opportunity, after filling in personal data in the special electronic form, to give or not their consent for the processing of their personal data regarding the receipt of news and promotions from The Provider.

4.11. When you visit The Provider's websites and services, we may collect information about the software and technologies you use, through cookies or Facebook pixel. For example, when you visit our site, we save your IP address to know where to send the information you request. The following information is stored when visiting our sites: IP addresses, type of operating system, time and length of stay, pages visited, and type of browser. We do not in any way link the stored information with other such information that could lead to your identification. We may analyze the information from our servers to improve the site and personalize each of them for specific users. For example, Facebook pixel collects data about your behavior on our site and you may see ads from us on Facebook. When you visit our site or use our service, we may place a text file, called a “cookie”, in your browser's directory, only with your consent. Cookies are information that the website sends to your computer when you browse the site. This information allows the website to remember important information about your preferences and to make your stay on the site better and to analyze information about user behavior on the site.

Please note that if you choose to delete or block "cookies", this may affect the accessibility or functionality of this website.

More information about "cookies", including options for managing them, can be found on the following website: http://www.allaboutcookies.org/manage-cookies/.

How can you disable the use of "cookies"? If you want to enable or disable the use of "cookies" from your browser settings, depending on your browser, visit the following webpages to learn about the necessary actions:

Internet Explorer http://support.microsoft.com/kb/278835
Firefox http://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
Chrome http://support.google.com/accounts/answer/61416?hl=en
Opera http://www.opera.com/browser/tutorials/security/privacy/
Safari http://support.apple.com/kb/PH5042
Safari for iPad and iPhone http://support.apple.com/kb/HT1677

4.12. The Provider may change the provisions of this section at any time by publishing a new version of it or a replacement page. The new version should come into effect from the date it is published, and the new effective date should be indicated at the bottom of the page. All employees of The Provider undertake not to disseminate information that became known to them during the performance of their employment duties and concerning the company's Clients.

The Provider reserves the right to amend and supplement these General Terms and Conditions at any time, and all such amendments and supplements come into force without the need for prior consent of the users. Amendments and supplements come into force automatically, from the moment they are published on The Provider's website: www.onenightdress.shop