Privacy statement

This privacy statement sets out which personal data Kodar collects from you through our interaction with you and through our services and products, in which way this takes place, the role of cookies, for which we use the personal data, how long we store personal data, how you can view and change the personal data stored by us and how your personal data is protected by us.

Our company details are:

Kodar EOOD
9N Kuklensko shose Str., fl. 3
Plovdiv
Bulgaria
Phone: +359 32 637763
e-mail: office@kodar.net

Questions:

If you have any questions about the privacy and cookie policy of Kodar, exercising your rights, or requests regarding transparency, please contact Kodar by post or phone using the above information. Due to the fact that Kodar is part of Strypes Group, it is also possible to send an email to privacy@strypes.eu

Applicability of General Data Protection Regulation (GDPR)

When processing data, the General Data Protection Regulation (GDPR) may apply. We refer to it further as the GDPR. The GDPR applies in the case of the fully or partially automated processing of personal data, but also to the manual processing of personal data included in a file or intended for recording therein.

To determine whether the GDPR applies, the following questions are important:

1. Is data processed?
2. Is this data personal data?
3. Is this data processed automatically fully or partially, or is it included in a file or intended to be included in a file?
4. Is the data processing within the scope of the GDPR?

How do we obtain personal data?

Personal data is shared with us by employees, potential employees, customers, prospects, suppliers or if you have contact with us.

We also obtain personal data by entering into agreements or through other business activities. These may be commercial project agreements for products or services, employment contracts, contracts for hiring in freelancers or temporary workers, subscriptions or licenses.

Which personal data is processed by us?

We collect the following personal data:

• name and address
• PIN
• date of birth and place
• phone number
• e-mail address
• bank account number
• identity card details (passport and citizen service number)
• health information
• any other information required by the bulgarian law

Processing targets: for what purposes do we process personal data?

Kodar uses the data that is processed for:

• business management
• recruitment
• delivery of products and services
• health and safety
• labor relationship
• benefits
• improvement of products and services
• offering events
• marketing campaigns

Business management

Kodar works for contractors and supplies professionals to hirers. The legal requirement for such cases is that the contractor or the hirer obtains certain data from the identity card of the professional.

In addition, as an employer Kodar is legally required to collect the information from the identity documents of its personnel in the payroll administration.

The information from the identity card is obtained when an employee starts work at Kodar. The IDs information processed by Kodar is also used for inspections.

Delivery and improvement of Kodar products and services

We collect (personal) data that we receive via websites in order to be able to work effectively and to inform and provide our customers with the best possible information about our products and services.

Furthermore, personal data may also be used for communication with customers and users, for example for providing information about user accounts, security updates and product information.

Recruitment for Kodar

We use personal data from our applicants for recruitment purposes. You may find more exhaustive information in Strypes Group Applicant Privacy Notice.

Kodar website and cookies

We use cookies to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site for you. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit allaboutcookies.org. To opt out of being tracked by Google Analytics across all websites visit tools.google.com/dlpage/gaoptout.

How do we store personal data?

Personal data is stored by Kodar in the following databases and companies:

• BambooHR
• Admin tool
• Jira
• G-suite
• Manatal
• SalesForce
• HubSpot
• MailChimp
• Pipedrive
• STM Zdraven consult
• Doverie
• I&G Brokers
• Usit Colours
• Benefit System
• Bonusly

This list may be subject to change.

With whom can your personal data be shared?

Personal data is shared with:

• Strypes EOOD and Up2 Technology EOOD
• ICT Group and the other subsidiaries from the group.
• Customers, for whom Kodar fulfils service and/or management functions
• Clients, suppliers or subcontractors, government agencies and other business relations.

Basis for providing personal data

The provision of personal data is based on:

• a legitimate interest
• legal obligation and/or implementing the agreement in accordance with the aforementioned objectives
• permission
• signed contract/agreement

Kodar deems the following means of communication as permission:

• handing over a business card at an event;
• request for information;
• quotation request;
• execution of an assignment;
• permission for use of data by email.

Rights of data subjects

Kodar undertakes to:

• provide data subjects with reasonable information about the processing of their personal data
• provide data subjects with a copy of or otherwise provide insight into their processed personal data
• remove, correct, supplement or protect the personal data of data subjects on request, unless a legal (storage) obligation conflicts with this
• provide evidence that personal data of data subjects has been removed or corrected
• enable data subjects to exercise other rights under the applicable legislation.

Retention periods

Kodar ensures that it retains personal data only if it is necessary for specific purposes and strictly following the European and Bulgarian legislation. Your personal data will be deleted or made anonymous when your personal data is no longer necessary for the purposes for which these personal data were collected.

Sharing personal data outside of Bulgaria

If personal data is shared outside of Bulgaria, we will only do so if and insofar as this is legally permitted. Provided that transfer of your data outside EEA is needed, we will transfer it only if and insofar is legally permitted and/or have prematurely signed with the entity the data will be shared with all required documents in order to ensure your data and rights are protected.

Obviously, we ask our data processors to store the personal data that is processed on our behalf on servers that are located within the European Union.

How do we protect your personal data?

Kodar does everything necessary to protect your personal data. To this end, Kodar has implemented and maintain technical and organizational measures in order to ensure a level of security appropriate to the risk of potential violation of the rights and freedoms of natural persons. The appropriateness of the measures is subject to technical and further development.

In addition to technical protection, people are also important. All our employees have a confidentiality clause in their labor contract. Kodar also invests significantly in raising employee awareness in the area of information security and data privacy. Employees with extensive access to personal data are obligated to sign additional Non-disclosure Agreements.

Policy amendment

Kodar may amend this privacy statement from time to time. You can always view the most recent version via the hyperlink “/ Privacy Statement” on the Kodar website.