Sensika Technologies Ltd (“Sensika”, “We”), registered under Bulgarian law in the Bulgarian Company register with UIC 202229035
Our website address is: https://sensika.com.
2. Grounds and Purpose of the Processing of Personal Data
We process your personal data only when one of the following applies:
- processing is necessary for the performance of a contract to which you are party or in order to take steps at t your request prior to entering into a contract;
- you have given consent to the processing of your personal data for one or more specific purposes;
- processing is necessary for compliance with a legal obligation to which we are subject;
- processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms
3. Processing of Data for the Execution of Contract or During Pre-Contractual Relations
We process personal data to execute our contractual and precontractual obligations. The purpose of the processing is as follows:
- To identify the data subject
- To provide our services and products
- To prepare offers, contracts or any other required documents
- To send you invoices/ bills for the services you are using
- To provide you technical support
- To receive payments from you
- To maintain correspondence with you
Category of data subjects
On this legal basis, we process data of our clients. A client is any individual or representative of a company who has a contractual or pre-contractual relationship with us and wishes to use the provided Services.
We provide monitoring and analysis system services aimed at helping our customers manage their business.
Data we process
On this ground, we process information regarding the type and content of the contract as well as any other information related to the contracted, including:
- Personal contact data – contact address, email, phone;
- purchase orders history
- data about the usage of our services
- information about credit or debit card
- personal data of the registered employees and other team members to create their user profiles. It is the responsibility of the account admin to obtain the required legal basis for the assignment of such personal data to us. In case for whatever reason there is no more legal basis for further processing of the personal data the account admin shall inform us immediately and the personal data will be deleted, unless there is other legal basis for the processing.
In order to execute our contractual obligations, we need the above information or the execution would be impossible without it. Such personal data shall be marked in a specific way with a “*” or another sign. All other personal data is collected voluntarily.
Transfer of personal data to third parties
We transfer data to third parties with the purpose to improve the quality of our services and offer technical support. We only transfer personal data to third parties, who have proved to us they have applied or required organizational and technical security measures. In this case, we are responsible for the privacy and security of your data.
We transfer personal data to the following categories of third parties:
- Postal and shipment service providers
- Hardware and software service providers
- Consulting service providers, such as lawyers, accountants, tax advisors and others
- Communication applications such as Slack, Microsoft Teams, Zoom and others
- Client relationship management (CRM) service providers
- Enterprise resource planning (ERP) service providers
- Translation agencies
- Hosting service providers
We delete personal data processed on this ground after 5 years, after the contract has expired regardless of the reason for the expiration. We chose this time period, because this is the expiration period for the claims from a contract.
We delete personal data collected during pre-contractual relations after 12 months.
Each registered user has a unique user profile. In the account settings each registered user can manage their personal data protection settings, including to add, correct and delete personal data.
We do not use automated algorithms for processing your personal data.
4. Processing of Data in Compliance With Legal Obligations to Which We Are Subject
Sometimes there is a legal obligation for us to process personal data. In these cases we are obliged to process personal data. Such cases are:
- Obligations under Measures against money laundry act (MAMLA);
- Obligations under Consumer protection act (CPA)
- Obligations to provide personal data to Consumer protection commission and third parties under CPA;
- Obligations to provide personal data information to Personal data protection commission
- Obligations under Accounting act and Tax-Insurance Procedure Code (TIPC)
- Obligations to provide information to the court or third parties under the applicable procedure laws;
- Obligation to certify the age of the data subject
Personal data processed on this ground is being deleted after the obligation has been fulfilled or has expired. For example, under the Accounting act we must store the personal data 11 years.
Transfer of data to third parties
In case of legal obligation for us we could transfer personal data to third parties or public authorities such as National Revenue Agency, National Insurance Institute etc.
5. After Receipt of Your Consent
We may process your personal data for different purposes with your explicit consent. Such purposes could be to analyze our website behavior data or marketing purposes, your consent shall be given freely in compliance with Art. 7 from Regulation 679/ 2016 (GDPR).
We do not foresee any negative consequences for you in case you decide not to share your personal data.
The consent is a separate ground for the processing of personal data and the purpose of the processing is specified for each case.
On this ground we process only the data for which we have received your explicit consent. However, in most cases this data includes:
Transfer to third parties
On this ground we could transfer personal data to third parties, specified with the consent.
Withdrawal of the consent
The consent could be withdrawn at any time. The withdrawal does not in any way affect any contracts or other relations between you and us. The withdrawal does not affect the processing before the withdrawal was given.
To withdraw your consent you just have to use our contact form or send us an email.
We delete the data processed on this ground after receiving demand from you or 18 months from the initial processing.
In case you sign up to receive emails from us, you will receive messages with up-to-date information about our services, the services of our partners or other useful information. You can unsubscribe from the email newsletter by clicking the button in the email labeled “unsubscribe” or other similar text. You can also unsubscribe using our contact information provided in this Policy. Website analytics provider such as Google Analytics or Hotjar.
6. Data Anonymization
We process data for statistical purposes, which includes analyses in which the results are just general and thus the data is anonymous. It is impossible to identify a person from this data.
Your data could also be anonymized, which is an alternative of the data deletion. In this case all personal data elements, which allow the identification of a person will be permanently deleted. The anonymized data is not a personal data.
7. Data Protection
To ensure the protection of personal data of the company and the clients we apply all required organizational and technical measures under Data protection act and GDPR, as well as the best international practices.
We have adopted Rules for data processing in the company. To ensure maximum security we could apply additional protection measures such as pseudonymisation, encryption and others.