INTRALINK Co., DATA PROTECTION POLICY

INTRALINK Co., (“the Company”) values its customers’ privacy and is committed to protecting your personally identifiable information. As an administrator of personal data, the Company enforces the below Data Protection Policy for collecting and processing of personal data in accordance with European Union Directive 2016/680 and Bulgarian legislation.

Should you have any questions or would like further information on our Data Protection Policy, please contact us on +359 56 880123 or via e-mail on office@intralink.bg.

The below Data Protection Policy is effective from 25 May 2018.

1. INTRALINK Co., collects and processes personal data for the following purposes:

     • Human resources management.
     • Managing relations with the Company's clients and provision of services.
     • Conclusion and execution of contracts with suppliers for provision of services to the Company.  

2. Information we collect from clients/suppliers: 

     • Full name, unique citizenship number, date of birth, postal address, email address, telephone number and other information needed for business purposes.

3. Information provided by clients when completing online contact form:

     • Name, telephone number, e-mail address.

4. Personal data storage:

     • Personal data is stored on our digital database and/or paper carriers. The Company has taken all necessary precautions as required by European and local legislation to ensure personal data is adequately and appropriately protected from being manipulated, lost, destroyed or accessed by unauthorized persons.
     • The digital database is on reliable and protected servers on Bulgarian territory and/or suppliers’ cloud storage facilities compliant with EU General Data Protection Regulation.

5. Your rights as a personal data subject:  

     • To request a copy of your personal data by making a “subject access request”. Such a request can be made via post or on the Company’s e-mail address.
     • To request us to erase or correct personal data, the processing of which does not meet the requirements of the law.
     • To object to the use of your personal data for direct marketing.
     • To withdraw your consent for processing of your personal data at any time.
     • To complain to relevant authorities.

6. Company’s obligations when responding to data subjects’ requests:

     • Upon receipt of a written request in accordance with Article 5, the Company is obliged to notify the data subject whether there are legal grounds for considering the request. Should such grounds exist, the Company is obliged to notify the person of the order in which these rights can be exercised.

7. Destruction of personal data:

     • The Company will destroy personal data once it is no longer required for processing purposes and once it is no longer necessary for business purposes.
     • Personal data will be destroyed in a secure manner without impairing data subjects’ rights and in accordance with relevant legislation.