Privacy Policy
1. Data Protection overview
General
The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator whose data is available a bit later below.
How do we collect your data?
Some data are collected when you provide it to us (an example – via website contact forms) Other data are collected automatically by our web server as soon as you enter our website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy. You can object to this analysis. We will inform you below about how to exercise your options in this regard.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site. We might use some of the data for the marketing purposes of our brand.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge (Art. 15 of GDPR). You also have the right to request that it be corrected(Art. 16 of GDPR), blocked, or deleted(Art. 17 of GDPR).
You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities(Art. 77 of GDPR).
2. General information and mandatory information
Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy. If you use this website, various pieces of personal data will be collected.
Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens. Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches.
Complete protection of your data from third-party access is not possible. In accordance with Art.33 and Art. 34 of GDPR, in case we detect such a breach we will notify CPDP in 72 hours.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
Bright Marketing Research 9,
Sveti Sedmochislenitzi str., office 7
Sofia 1407, Bulgaria
Phone: +359 2 4390790, +359 2 4390799
Email: info@bright-research.com
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time (Art. 7 of GDPR) with future effect by sending us an informal email requesting this. The data processed before we receive your request may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities (Art.77 of GDPR). The competent regulatory authority for matters related to data protection legislation is the Commission for Personal Data Protection of the Republic of Bulgaria.
A list of data protection officers and their contact details can be found at the following link: https://www.cpdp.bg/en/index.php?p=pages&aid=5
Right to data portability
You have the right to have data that we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format (Art. 20 of GDPR). If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed (Art. 15 of GDPR). You also have the right to have this data corrected (Art. 16 of GDPR), blocked or deleted (Art. 17 of GDPR). You can contact us at any time using the address given in p.2 above if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
3. Data collection on our website
Cookies
Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website. You can always use Revoke consent to re-consider your cookie choice. If you choose “I REFUSE” you will be subtracted from all cookie tracking.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources. The basis for data processing is Art. 6 (1) (f) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Contact form
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question, and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time with an informal email making this request. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Google Analytics
We use Google Analytics (GA) in order to better understand our customer behavior on our site and enhance the customer experience. We also use Advertising Features of GA, to be able to provide the right audience with the most relevant message and to analyze the website usage. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
When you visit our website information about your browser version, operational system, referrer URL, IP, and time of the request is being sent to the Google servers located in the USA. The data we collect via GA is stored for 50 months.
You have the right to opt-out of GA entirely by https://tools.google.com/dlpage/gaoptout?hl=en.
In addition, to easily opt-out from GA on our website you can click this link. You will create a cookie, that will last 10 years or unless you clear your cache and cookies. Further information about handling user data, can be found at https://support.google.com/analytics/answer/6004245?hl=en and the specially developed section for privacy by Google: https://privacy.google.com/
Google Ads remarketing.
We use Google Ads Remarketing (GAds) in order to better understand our customer behavior on our site and personalize the advertising for a better experience, as well as, to limit the ads to customers that already are our clients. This way we provide the right audience with the most relevant message. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
You can always opt-out of Google’s use of cookies or device identifiers by visiting Google’s Ads Settings. Alternatively, you can opt-out of a third-party vendor’s use of cookies by visiting the Network Advertising Initiative opt-out page or control the use of device identifiers by using your device’s settings.
Hotjar Analytics
We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device’s IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile.
Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link. You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site, and Hotjar’s use of tracking cookies on other websites by following this opt-out link.
LinkedIn Insights
We use Linkedin Insights in order to better understand our customer behavior on our site and enhance the customer experience. We also use Advertising Features of LinkedIn Insights, to be able to provide the right audience with the most relevant message, and to analyze the website usage. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR. Linkedin personal data (like audience email addresses) that is stored by advertisers in LinkedIn Campaign Manager is automatically deleted in 90 days if it is not edited or being used in any active campaigns. You can read the full statement of LinkedIn here. Since the data is kept via cookies, by opting out of our cookies, the cookie for LinkedIn Insights shall also be removed alongside the other cookies.
Microsoft Clarity
Clarity is a GDPR compliant as a data controller for visitors and co-controllers for the data gathered by the Clarity script on our website. For more details, refer to the Microsoft Privacy Statement.
4. Plugins and tools
Google Web Fonts
For a uniform representation of fonts, this page uses web fonts provided by Google.
When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose, your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
If your browser does not support web fonts, a standard font is used by your computer.
Further information about handling user data, can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy at https://www.google.com/policies/privacy/.
This Privacy Policy was last updated on the 23rd of September 2020.