Who are we:
The website "https://mama-derm.com" (the Platform) is owned by "Mama Derm" EOOD (the Company) with BULSTAT number: 206779795, registered under the legislation of the Republic of Bulgaria.
The platform operates in accordance with the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of October 1, 2015 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data.
We process your personal data on the following grounds:
- A contract concluded between us and you in order to fulfill our obligations under it;
- Your express consent - the purpose is specified for each specific case;
- If required by law
We respect your privacy and are committed to protecting the personal data you provide to us. In this regard, we would like to share with you the principles that form our policy.
This policy applies only to the service we provide and should not apply to any third party websites or services.
Our contact details are:
"Mama Derm" EOOD
Control over our activities related to personal data is exercised by the following administrative authority:
Personal Data Protection Commission (PCPD)
Address: Sofia 1431, Akad Blvd. Ivan Evstratiev Geshov" 15
Tel: + 359 2 915 35 18
Fax: + 359 2 915 35 25
E-mail: email@example.com, firstname.lastname@example.org
Collection of personal information
We collect personal information to respond to your requests, which may include: receiving product-related information, signing up for our email newsletter, and others related to the platform's mission.
We process your personal data in order to fulfill the contractual and pre-contractual obligations and to enjoy the rights under the contracts concluded with you.
Purposes of processing:
- establishing your identity;
- management and fulfillment of your request and fulfillment of a concluded contract;
- preparing and sending a bill/invoice for the services you use with us;
- Keeping correspondence related to orders placed, processing requests, reporting problems, etc.
- creating a user profile;
On the basis of the contract concluded between us and you, we process information about the type and content of the contractual relationship, as well as any other information related to the contractual relationship, including:
- personal contact data – contact address, email, phone number;
- identification data - the three names, uniform civil number or personal number of a foreigner, permanent address;
- Data on orders placed through the user profile;
- email, letters, information about your troubleshooting requests, complaints, requests, complaints;
- credit or debit card information, bank account number or other banking and payment information in connection with payments made;
The processing of the specified personal data is mandatory for us in order to be able to conclude the contract with you and fulfill it.
We collect the following personal information from Users:
On this basis, we only process the data for which you have given us your express consent. Specific data is determined on a case-by-case basis. Typically, the data includes:
Directly through the website: name, surname and e-mail if you wish to provide them, leaving a comment, signing up for an online newsletter or filling out a contact form. Through Google Analytics and Facebook Pixel - data about the traffic and behavior of the Users.
We may also request additional information, but only with your express permission or in the event that this information is necessary for the performance of the service you have requested. You are the sole owner of your personal information.
By using our Platform, you expressly consent to your personal data being collected and processed by us, thereby guaranteeing its accuracy and reliability. You also declare that you have been informed about the type of personal data we collect and process, the purposes for which it will be used, and your right to access, correct or delete the collected personal data.
Use of your personal data
We use your personal data to provide you with access to the Platform, to send you our regular newsletter and to offer you additional services and products, to provide you with a comprehensive service and to provide you with the service you expect.
You have the right to:
To receive a file containing all your personal data that we hold.
Opt out of your personal data being used by us.
- To request correction of your personal data.
To exercise your rights described above, you can contact us at https://mama-derm.com/
We may use your information to create aggregate statistics that are anonymous and to perform statistical analysis based on them.
We delete the data collected on this basis 5 years after termination of the contractual relationship, regardless of whether due to expiration of the contract, cancellation or other reason. The term is determined by the 5-year statute of limitations for possible claims from the contract.
Storage of data by third parties
We use third party services to keep the Platform online, improve its performance and better manage the service provided. It is possible that any of these services store data on a server located outside the territory of the Republic of Bulgaria.
The website, including all the data collected through it, is located (hosted) on a server of "Superhosting.bg" Here you can see complete information about the company and its policy for the protection of personal data.
Нашият e-mail бюлетин, включително имената и e-mail адресите на всички, записани в него абонати, се намира на сървърите на SuperHosting и се изпраща чрез тях. Необходимо ни е да събираме тези данни от потребителите, които изрично ги предоставят, за да можем да изпращаме бюлетина, който съдържа полезна информация и понякога информира за продукти или услуги, които абонатите могат да закупят. Всеки абонат на бюлетина получава линкове, съдържащи се във всяко писмо от бюлетина, които му дават възможност да види какви негови данни съхраняваме в системата на SuperHosting, както и да ги изтрие и да спре да получава бюлетина. Тук можете да видите пълна информация за компанията и нейната политика за защита на личните данни.
We use Google Analytics to collect statistical information about the Users of the Website, such as the website from which you come to our Website, the country you are located in, your language, online behavior, the browser you use, the network, etc. This information does not include personal data and you cannot be identified through it. We collect said data to analyze what type of Users visit the Website and how they use it, which helps us customize the Service.
By agreeing to use the Service, you express your express consent to our use of Google Analytics on the Website, including Display Advertising, and you represent that you have been given the opportunity to opt out of Google Analytics.
We use the Facebook Pixel to collect statistical information about visits to the site, which we need to improve the performance of the mission of the Platform by providing online services and information at the appropriate time to people interested in them.
The website runs on the WordPress content management system.
We use backup services that periodically store a full copy of the website content, including personal data you have provided to us, on external servers. This is necessary so that we can restore a working version of the website in the event of a crash. External data storage services are:
Social media sharing services
We provide buttons to easily share our posts on popular social networks. These buttons are necessary so that we can provide an opportunity to share the materials we publish. They may collect statistical information about Website Users, such as the website from which you come to our Website, the country you are in, your language, online behavior, the browser you use, the network, etc. This information does not include personal data and you cannot be identified through it.
We use "cookies" to collect certain information from all Users, including unregistered visitors to the site who do not use the services provided by us. Cookies are a series of data that our system sends to your computer and then uses to identify your computer when you return to the Website.
Cookies provide information about the use of the Service and user data that we may use to personalize your user experience and track user traffic patterns. For example, when you return to the Website, cookies identify you and prompt the Website to fill in your username (without the password) to facilitate access to your account. Cookies also allow us to remember your previous activities and offer you similar services and products. We also use information collected through cookies to develop statistical analyzes of the use of the Service, such as the time Users spend on the Website and the pages they visit most often. These aggregate statistics do not include personal information.
Protection of personal data
To ensure adequate data protection of the company and its customers, we implement all necessary organizational and technical measures provided for in the Personal Data Protection Act.
For the purpose of maximum security in the processing, transfer and storage of your data, we may use additional protection mechanisms such as encryption, pseudonymization, etc.
We ensure the security of the data you send us with industry-standard physical, electronic and managerial procedures. Where appropriate, we use SSL encryption to improve the security of sensitive data transmission. Internally, data is stored on controlled servers with limited access. Your information may be stored and processed at certain locations where we are located, in strict compliance with applicable privacy and data protection legislation.
Provision of personal data to third parties
We are NOT and WILL NOT disclose your personal data to third parties. Exceptions are made in cases where disclosure is required by law, due to significant public interest or for the establishment, exercise or protection of legal rights, e.g. when certain information is provided to lawyers, collection agencies, customs or other government authorities, or to law enforcement agencies to address potential violations, other breaches of contract or illegal conduct. We may also disclose information as required by law or as otherwise required by law, or to prevent possible harm to persons or property.
Links to third party websites
the service, as well as third-party materials that are published on the Website, contain links to and may allow you to visit other electronic pages ("Third-Party Internet Pages"). If you choose to visit any of these third-party pages by "clicking on" a link or navigating to a third-party page, you will be redirected to that third-party page. The fact that we provide a link to a web page through the Service or offer you the opportunity to interact with or provide personal information to a third party is not a warranty, permission or representation of our affiliation with such third party and should not be considered as agreement with their privacy and information security policies and practices.
Access and correction of personal data
Each User of the site enjoys all the rights to protect personal data according to Bulgarian legislation and the law of the European Union.
Each User has the right to:
Information (in connection with the processing of his personal data by the administrator);
Access to your own personal data;
Correction (if data is inaccurate);
Erasure of personal data (right to be forgotten);
Restriction of processing by the administrator or personal data processor;
Portability of personal data between individual administrators;
Objection to the processing of his personal data;
Субектът на данни има право и да не бъде обект на решение, основаващо се единствено на автоматизирано обработване, включващо профилиране, което поражда правни последствия за субекта на данните или по подобен начин го засяга в значителна степен;
Right to judicial or administrative protection in the event that the data subject's rights have been violated.
You can access, correct, amend or delete parts of your personal data by submitting a request to email@example.com. We will retain your data for as long as is necessary to provide our services or for as long as we are required to do so by law. Your data will then be deleted.
The user can request deletion if one of the following conditions is present:
- The personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
- The user withdraws his consent on which the processing of the data is based and there is no other legal basis for the processing;
- The data user objects to the processing and there are no overriding legal grounds for the processing;
- Personal data has been processed unlawfully;
- The personal data must be deleted in order to comply with a legal obligation under Union law or the law of a Member State that applies to the controller;
- Personal data was collected in connection with the provision of information society services to children and consent was given by the person with parental responsibility for the child.
The user has the right to limit the processing of his personal data by the administrator when:
- Dispute the accuracy of the personal data. In this case, the restriction of processing is for a period that allows the administrator to verify the accuracy of the personal data;
- The processing is unlawful, but the User does not wish the personal data to be deleted, but instead requests the limitation of its use;
- The Administrator no longer needs the personal data for the purposes of processing, but the User requires them for the establishment, exercise or defense of legal claims;
- objects to the processing pending verification of whether the legal grounds of the administrator prevail over the interests of the User.
Right to object.
Users have the right to object to the administrator against the processing of their personal data. The administrator of personal data is obliged to terminate the processing, unless it proves that there are compelling legal grounds for the processing that take precedence over the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims. In case of objection to the processing of personal data for the purposes of direct marketing, the processing should be stopped immediately.
If you do not agree with the changes, you can stop using the Service. You agree that all statements from the Platform regarding the amendment of this Policy will be sent to your e-mail address used to register for the Service or by posting in an appropriate place on the Website.