The protection of personal data is important to us. We process personal data only in accordance with the applicable data protection requirements, in particular the General Data Protection Regulation of 27 April 2016 – “GDRP”.
This privacy policy sets out how we will process and use any personal information that you provide to us, or that we may collect as a result of your visiting our website www.axentbox.bg. Please read the following information to understand our practices with regards to your personal information and how we will treat it.
In this Privacy Policy, you will find all relevant information applicable to our use of our users' and clients' personal data, regardless of the channel or means (online or by phone or e-mail) that you use to interact with us.
We may occasionally update this Privacy Policy. If we do, we will update the “Version” date at the bottom of the Privacy Policy. We encourage you to periodically review this Privacy Policy to stay informed about our collection, use, and disclosure of Personal Information on the AxentBox. Your continued use of the website constitutes your agreement to this Privacy Policy and any updates.
1. Information on the controller
Your data controllers are:
“Apparel Management” Ltd, UIC 200932857, with registered office and address of general management 1618 Sofia, 85 Bratia Bukston Blvd., 2nd floor
“Apparel Retail MOP” Ltd, UIC 200933731, with registered office and address of general management 1618 Sofia, 85 Bratia Bukston Blvd., 2nd floor
“Apparel” Ltd, UIC 131209112, with registered office and address of general management 1618 Sofia, 85 Bratia Bukston Blvd., 2nd floor
“Apparel Retail” Ltd, UIC 200933731, with registered office and address of general management 1618 Sofia, 85 Bratia Bukston Blvd., 2nd floor
In other words, Marc O’Polo&ESPRIT(“We”, “Us” or “Joint controllers”) we are Joint controllers referred to below (“AxentBox”, “The company” or “We”). This means that we are responsible for processing and protecting your personal data.
2. Personal information
When used in this privacy policy, the term “personal information” has the meaning given to it in the Protection of Personal Information Act, 2013 (POPI). Generally speaking, personal information is any information that can be used to personally identify a natural or juristic person.
All personal information provided by you is provided voluntarily. However, if you do not provide us with personal information where we require it, you may not be able to purchase products, use or access the website.
We may collect and handle the following personal information about you:
When you create a AxentBox account: Personal and family name, sex, e-mail address, IP address
When you make a purchase: the product you want, personal and family name, delivery address, billing address, payment method of the purchase, telephone, payment date, history of purchases / orders, information for size of clothes/shoes, etc.
We may collect information about your computer; this is statistical data concerning your browsing actions and does not identify you individually. This information includes your IP address where available, operating system and browser type, for system administration and to report collective information to our advertisers.
We may also collect information about your general internet usage using cookie files stored on the hard drive of all computers. The cookies contain valuable information that is transferred to your computer’s hard drive. In collecting this information we are able to improve our website and deliver a better and more personalized service. If you wish to do so you, you can refuse to accept cookies. You can do this by activating the setting on your browser which allows you to refuse the setting. Cookies may, however, be necessary to provide you with certain features available on the website and if you disable cookies you may not be able to use those features, and your access to the website will be limited.
We may collect and handle the following categories of data related to your “cookies”:
* click history
* navigation and browsing history
We don’t collect or process sensitive data included in special categories of personal data in the General Data Protection Regulation.We do not knowingly collect or maintain personal information from anyone under the age of 18, unless or except as permitted by law.Any person who provides Personal Information through the AxentBox represents to us that he or she is 18 years of age or older. If we learn that Personal Information has been collected from a user under 18 years of age on or through the AxentBox, then we will take the appropriate steps to cause this information to be deleted.
3. Purpose of Collecting Personal Information
We use the personal information held about you in the following ways:
3.1. To manage your registration:
To manage Your registration as a user of the Platform. The personal information You provide Us with shall be used to identify You as a Platform user, and to give You access to its different functionalities, products and services that are available to You as a registered user.
3.2 Improving our services
We use Personal Information in an effort to improve your shopping experience, to communicate with you about our products, promotions or contests, if any, to protect you and us from error and fraud, to process your requests or orders and to keep track of and analyze your purchases, transactions, shopping patterns, account activity, payment history, to assess your credit-worthiness and to comply with legal requirements.
We may also use this information to make offers to you, to help us target specific products to you, and to help us develop and improve our Site and tailor it to your interests.
Finally, we may use the information to conduct surveys and analyses for research, statistical and product development purposes and achieve other purposes as may, from time to time, be permitted by law.
3.3 Marketing
If you have purchased products from us, we may use your personal information to send you details of new products and services that we think may interest you. If you are not a customer of ours, we will obtain your consent if required by law before sending these details to you.
These communications may be sent in various forms (e-mail / SMS / mobile push / webpush) in accordance with applicable marketing laws. If you indicate a preference for a method of communication, we will endeavour to use that method where it is practical to do so.
With filling in the registration card, the participant accepts the Terms and conditions of the Program and authorizes the Organizer to collect process and store the provided personal data. With the acceptance of the Terms and conditions of the Program, each participant authorizes the Organizer to use the provided data for the purposes of the Program, marketing researches, notification of updates and sending promotional materials. The provided data can be processed by the Organizer until the participants request to terminate their acceptance.
If the participant wants to terminate their subscription for messages and/or information in relation to the Program and the activities of the Organizer, they can request termination via any of the following ways:
We process only a personal data that is absolutely necessary to manage or resolve your request / inquiry or application.
3.4 Online contact forms
We offer you the possibility on the website to contact us using contact forms. We process the information provided by you in the contact forms to process your request, for example regarding the availability of certain articles. Where applicable, we also store the information for evidence purposes for any establishment, exercise or defence of legal claims or in order to meet statutory document retention obligations, in particular commercial and tax law document retention obligations.
When the contact forms on our website are used certain information, for example your IP address, is sent to our server by the browser used on your device for technical reasons. We process this information in order to provide the contact forms on our website and to ensure the security of the IT infrastructure used to provide the contact form.
3.5 Legitimate interests
These goals are related to our legitimate interests and/or third parties, such as other users, etc. These goals include:
As a company, you often need to process personal data in order to carry out tasks related to your business activities. The processing of personal data in that context may not necessarily be justified by a legal obligation or carried out to execute the terms of a contract with an individual. In such cases, processing of personal data can be justified on grounds of legitimate interest.
The main reason for these types of processing is our legitimate interests to protecting our business. We can't guarantee that all measures we take guarantee a balance between our interests and your fundamental rights and freedoms.
3.6 Legal basis
The legal basis for the temporary storage of the data is Art. 6 Para. 1 lit. f GDPR
4. Providing information
To achieve the purposes mentioned in this Privacy Policy, we must give access to your personal data to third parties that provide us with support in the services that we offer your, i.e.:
4.1. Suppliers and subcontractors
For service efficiency purposes, some of these providers are located in territories outside the European Economic Area that do not offer a level of data protection comparable to that of the European Union, as the United States of America. In such cases, we inform you that we will transfer your data with adequate safeguards and always keeping your data safe.
4.2. Ownership and change of ownership
We may share some or all of your Personal Information with our parent company or any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us (collectively, “affiliates”), in which case we will seek to require those affiliates to honor this Privacy Policy.
In the event of a change in ownership, or a merger with, acquisition by, or sale of assets to, another entity, we reserve the right to transfer all of your Personal Information, including email addresses, to that entity. We will use reasonable efforts to notify registered users of such a transfer (by a posting on our home page or elsewhere on the NING Platform, or by email to a Member’s email address that was provided to us, as chosen by us in our discretion).
We may disclose Personal Information if we have a good faith belief that doing so is required by a subpoena or other judicial or administrative order or otherwise required by law. Additionally, we may disclose Personal Information where we, in good faith, deem it appropriate or necessary to maintain and protect the security and integrity of our services or infrastructure; protect ourselves and our services from fraudulent, abusive, or unlawful uses; investigate and defend ourselves against third party claims or allegations; or assist government enforcement agencies.
5. Duration of the storage
We’ll hold on to your information for as long as you continue to be an our customer and for as long as we are required to keep it to ensure we meet our legal requirements across the globe, but not longer than thirty days.
If you no longer wish to be a customer you can contact our data privacy officer and request that we close your account. However, we have a legal requirement to keep some of your personal data even after you have asked us to delete it. We will only keep what we absolutely need to, and only to make sure we can meet our legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms & Conditions
6. Safeguard and Accountability
We use industry standard security measures to protect against the loss, misuse, and alteration of Personal Information under our control.
We will protect Personal Information by security safeguards appropriate to the sensitivity of the information, including through the use of the following measures: physical security measures and electronic security measures.
7. Your rights under the GDPR
The Company undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights.
You have the right under this Privacy Policy, and by law if You are within the EU, to:
7.1 Right for to obtain information.
You thus have the right to obtain information from us about your data stored in our company according to the regulations of Art. 15 GDPR (if applicable with restrictions according to Section 34 BDSG).
7.2. Right of Access.
The General Data Protection Regulation (GDPR), under Article 15, gives you the right to request a copy of any of your’s personal data which are being ‘processed’ (i.e. used in any way) by ‘controllers’ (i.e. those who decide how and why data are processed), as well as other relevant information (as detailed below).
7.3 Right to correction.
Following an application from you we will rectify the data stored in relation to your person according to Art. 16 GDPR if these are incorrect or faulty.
7.4 Right to deletion.
If you request it we will delete your data according to the principles of Art. 17 GDPR, if this is not opposed by other statutory regulations (e.g. Statutory storage obligations or the restrictions according to Section 35 BDSG) or a main interest on our part (e.g. for the defence of our rights and claims).
7.5 Right to restrict processing.
By taking the prerequisites of Art. 18 GDPR into consideration you can request that we restrict the processing of your data.
7.6 Right to data transferability.
In accordance with the regulatory requirements of Art. 20 GDPR, you also have the right to receive your data in a structured, popular and machine-readable format, or to have the same transmitted to a third party.
7.7 Withdraw Your consent.
You have the right to withdraw Your consent on using your Personal Data. If You withdraw Your consent, We may not be able to provide You with access to certain specific functionalities of the Service.
7.8 Right to object.
You can also object to the processing of your data in accordance with Art. 21 GDPR. This right to object exists if there are certain reasons that arise from your special situation, and only for data processing the legitimacy of which is based on a consideration of the various interests, which relates to profiling or that is carried out for the purpose of direct advertising. In this case, your data will no longer be processed unless we are legally entitled to decline your objection. We must however comply with an objection against direct marketing, including profiling, and we may no longer process your data for these purposes. We must however comply with an objection against direct marketing, including profiling, and we may no longer process your data for these purposes.
8. Existence of an automated decision-making in an individual case (including profiling)
We do not use any purely automated decision-making processes pursuant to Article 22 GDPR. If we should intend to us such a process in future in individual cases after all we will inform you hereof separately if this is stipulated by law.
9. Contact data privacy officer
You can contact our data privacy officer under:
Address: 85 Bratia Bukston, 2nd floor
1618 Sofia
Bulgaria
E-mail: info@apparel.bg
10. Cookies
We use cookies and similar devices to facilitate your browsing in the Platform, understand how you interact with us and, in certain cases, to be able to show you advertisements in accordance with your browsing habits. Please read our Cookies Policy to understand with greater detail the cookies and similar devices that we use, their purpose and other information of interest.
Version
This data privacy information was most recently updated on 25 May 2020. AxentBox reserves the right to update this data privacy information from time to time.