is managed by Crowe Bulgaria Advisory EOOD, UIC: 203636112, with registered
office and address: 55, 6th September Str., Sofia 1142, Bulgaria
tel. +359 2 44 565 90, fax: +359 2 42 663 05,
e-mail: [email protected], website: http://crowe.bg/
of the data you entrust to us is of utmost importance to us. For this reason,
we protect your data and your employees' data by applying all the appropriate
technical and organizational means at our disposal to prevent unauthorized
access, unauthorized or malicious use, loss or premature deletion of
and process personal data , which strictly
the requirements of the Bulgarian and European
clients and business partners as well as the personal data of their employees
and / or business partners, individuals, as well as the data of the candidates
in the selection of staff for filling vacant positions in Crowe Bulgaria Advisory EOOD or in Crowe Bulgaria Audit EOOD.
This current policy
is applied by Crowe Bulgaria Advisory EOOD, a company
registered in the Commercial Register of the Registry Agency under UIC
203636112 having headquarter
and management address: 55 6-th September str.,
1142 Sofia, Bulgaria,
for contact: +359 2 44 565 90, fax: +359 2 42 663 05, e-mail: [email protected],
website: http://crowe.bg/, as well as by Crowe Bulgaria Audit EOOD,
Company registered in the Commercial Register of the Registry Agency under UIC
203465145 having headquarter
and management address: 55 6-th September str.,
1142 Sofia, Bulgaria, tel
.: +359 2 44 565 90, fax : +359 2 42 663 05, e-mail: [email protected], website:
http://crowe.bg/, hereinafter referred to as "the Organizations"
Contact details for personal data protection
the case of inquiries
or comments related to the protection of personal data, you can contact directyly our Data Protection Responsible Person:
Crowe Bulgaria Advisory EOOD / Crowe Bulgaria Audit EOOD
55 6-th September str., 1142 Sofia, Bulgaria
E-mail: donka.[email protected]crowe.bg
+359 2 44 565 90
Protection Responsible Person:
Sources of information
The personal data that we are receiving and processing are as follows:
Categories personal data:
We process data through which individuals could be identified, directly or indirectly, in connection with performance of a contract or in the context of pre-contractual relationships, as well as in order to comply with obligations that are provided in a legal or regulatory act. The information we receive and process may include the following data:
Special categories of data we process:
Generally, as a rule, our Organizations do not process special categories personal data. However, it is possible to obtain biometric data in the process of recruiting candidates for vacant positions in the Organizations; visitors in our premises; unwanted information about potential or existing clients and candidates who may disclose information about criminal convictions or crimes.
In case of necessity in the execution of a business engagement if it is necessary to obtain and process information for persons under the age of sixteen (16), we proceed in accordance with the legal requirements, obtaining the consent of their parent and / or guardian.
We do declare that the personal data we collect will only be used for the following purposes:
The basis that entitles us to process your data is as follows:
The following organizations / individuals may receive your personal data:
for the purposes stated by us. Consent is necessary to process both types of
(ordinary and special) personal data.
In some cases
when we want consensus on special (sensitive)
personal data, we will always stated with motives why and how
this information will be used. You may withdraw your consent at any time on the
basis of Art. 7 and Art. 8 of the General Data Protection Regulation in a form
of withdrawal of consent from the data subject sent directly to the Data
Protection Responsible Person (on the
above contact details).
consent does not affect the lawfulness of consent-based processing prior to its
Transmission of personal data to a non-EU/EEA countries or to international organizations
Crowe Bulgaria Advisory EOOD and Crowe Bulgaria Audit
EOOD do not intend to transfer your personal data to third parties outside the
EU or to international organizations without your prior explicit consent.
In some rare
occasions, when it is necessary to provide a professional service, it is
possible to provide information to our partner companies located outside the EU
in order to perform contractual obligations. In such cases, your explicit prior
consent will be requested. Each organization is required to protect personal
data through contracts we have concluded with those non-EU or EEA organizations
containing standard data protection clauses that are in a form approved by the
Period of storage of the personal data
The length of time that your personal data is stored depends on the purpose of the processing and the specific circumstances for which it is collected:
Bulgaria Advisory EOOD and Crowe Bulgaria Audit EOOD will
store your personal data for a period that complies with legal requirements, but not exceeding:
The data will be stored as follows:
In Crowe Bulgaria Advisory EOOD and Crowe Bulgaria Audit EOOD we work to protect the confidentiality and security of the information
we receive in the course of our business. Access to such information is limited
and there are policies and procedures designed to protect information from
loss, misuse and unauthorized disclosure.
For the sake of high security in receiving, processing, and storing your data, we may use additional security mechanisms such as encryption, pseudonymisation etc.
Your rights as a subject of personal data are the following:
At any time while we store or process your personal data, You (according to the terminology of the law - data subject) have the following rights:
We may refuse to delete your personal information for the following reasons:
All of the above mentioned requests will be forwarded if there is a third party (recipients, including outside the EU/EEA and international organizations) in the processing of your personal data.
Notification in case of violation of personal data security
When the personal data
breach is likely to pose a high risk to your rights and freedoms, Crowe Bulgaria Advisory EOOD and Crowe Bulgaria Audit
EOOD will notify the Data Privacy Controller when they are in the role of Processor and will send you a duly notice
of the breach of security in cases where they are in the role of a Data Privacy
individual information requires efforts that are disproportionate, we shall
publish a public release so as to ensure equal awareness.
Updates and policy changes
This right will be applicable after May 25, 2018.
You have the right to appeal to the supervisory authority
You have the right to submit a complaint directly to the oversight body
and the competent authority in Bulgaria is the Commission for Personal Data
Protection, address: 2 "Prof. Tsvetan Lazarov str., Sofia
1592, Bulgaria, Tel: + 359 2 91 53 518, e-mail: [email protected], website: www.cpdp.bg
In case you wish to file a complaint about the processing of your
personal data via Crowe Bulgaria Advisory EOOD or Crowe Bulgaria Audit
EOOD (recipients, including outside the EU/EEA and
international organizations), you can do so by contacting Crowe Bulgaria Advisory EOOD and Crowe Bulgaria Audit
EOOD or directly to the Data Protection Responsible Person (on the above mentioned contact details).
Online Privacy DECLARATION
What is personal data?
Pursuant to the General Data Protection Regulation (GDPR), personal data is defined as:
"Any information relating to an identifiable natural person or an identifiable natural person ("data subject"); an individual who can be identified, is a person who can be identified, directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, psychological, mental, economic, cultural or social identity of that individual.
Why Crowe Bulgaria Advisory EOOD and Crowe Bulgaria Audit EOOD collect and store personal data?
In order to be in a position to provide you with high-quality financial and tax services, including financial audit and accounting services, tax advisory, due diligence, corporate management services, etc., we need to collect personal identification data, such as names, place and year of birth, occupation, professional experience, education background, income, taxes etc. We guarantee that the information we collect and use is indispensable for this purpose and is not intended to enter your in your own personal space.
How do You use my personal information?
Shall you forward and share my personal data with other organizations or individuals?
We shall not sell your data to third parties, nor will we pass it on to obtain any benefit.
Crowe Bulgaria Advisory EOOD and Crowe Bulgaria Audit EOOD may transfer your personal data
to our service subcontractors who have entered into a contract with us.
In case we intend to transmit special (sensitive) personal data to a third party, we will do so only after we have received your explicit consent. (the exception will only exist if we are legally obliged to do otherwise)
All third parties who may receive your data are required to keep your data in a secure way and use them only to fulfill our obligations. When they no longer need your data to fulfill these obligations, they will have detailed instructions for their destruction.
Recipients of your data may also be state authorities to whom we provide them under specific and clear legal obligations.
How do you store my personal data that you collect?
Crowe Bulgaria and Crowe Bulgaria Audit EOOD will process (collect, store and use) the information you
provide in a way that is compatible with the GDPR requirements.
We will strive to keep the information accurate and current.
We will not store your personal information longer than is reasonably necessary to meet the specific purposes by which have been collected and notified to you herein.
Some of the storage times of the information depend on legal requirements to keep documents and information within certain minimum periods.
We will take all foreseeable technical and organizational measures to protect your data against unauthorized access.
Can I be aware what personal data you have and process?
The Otganisations are obliged at your request to respond to you what information we store for you and how it is processed.
In case we have your personal data you can request the following information:
How do I access my data processed?
necessary to fill in a request for access, which you can obtain after
contacting the contact data directly with the Data Protection Responsible Person or requesting the contact details of Crowe Bulgaria Advisory EOOD and Crowe Bulgaria Audit EOOD.
Address: 55 6th September str, 1142 Sofia
Phone: +359 2 44 565 90
E-mail: [email protected]
You can contact the Data Protection Responsible Person directly here:
E-mail: donka.[email protected]
Tel.: +359 2 44 565 90
Fax: +359 2 42 663 05