Privacy Policy

Privacy policy

I. Information about the company that processes the personal data of the Consumers
Niksen Ltd. is a company registered in the Commercial Register at the Registry Agency with UIC 107545591, with a seat and registered office: Gabrovo, 3 Antim I Str., 3rd floor, 7, apartment 21, e-mail: office@niksen.bg, phone: +359 2 978 16 32. The correspondence address with the company is: Gara Yana (RMZ), Sofia 1805.

Niksen Ltd. (hereinafter referred to as “Controller”) carries out the activity in accordance with the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

The Controller sells goods through a website located on the domain https://www.niksen.bg.

II. Definitions


1) Personal data - any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is an identifiable person, directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier or by one or more attributes;
2) Restriction of processing - marking of stored personal data in order to limit their processing in the future;
3) Controller - Niksen Ltd., which alone or jointly with other persons determines the purposes and means for the processing of personal data;
4) Profiling - any form of automated processing of personal data, expressed in the use of personal data to assess certain personal aspects related to an individual, and in particular to analyze or forecast aspects related to the implementation of his contractual relationships and preferences;
5) Personal data processor - a natural or legal person who processes personal data on behalf of the Controller;
6) Recipient - a natural or legal person, public authority, agency, or other entity to which personal data are disclosed, whether a third party or not;
7) Third party - a natural or legal person, public authority, agency, or other authority other than the data subject, the controller, the processor and the persons, who, under the direct supervision of the Controller or the processor, have the right to process personal data;
8) Consent of the data subject - any freely expressed, specific, informed and unambiguous indication of the will of the data subject, by means of a statement or clearly confirming action expressing his consent for the personal data related to him to be processed;
9) Consumer - any individual who visits the website https://www.niksen.bg  to purchase goods by concluding a distance sale contract with the Controller;

III. Legal Grounds for collection, processing and storage of personal data

1. The Controller collects and processes personal data in connection with the use of the e-shop https://www.niksen.bg  and concluding contracts with the company on the grounds of art. 6, para. 1, Regulation (EU) 2016/679 (GDPR), and in particular based on:
• Explicit consent obtained from the Consumer;
• Fulfillment of the obligations of the Controller under a contract with the Consumer;
• Compliance with a legal obligation that applies to Controller;
• For the purposes of the legitimate interests of the Controller to a third party.

IV. Objectives and principles for collection, processing and storage of personal data

1. The Controller collects and processes personal data provided by the Consumers in connection with the use of the e-shop and concluding a contract with the company, including for the following purposes: ordering goods through the e-shop, concluding and executing a distance sale contract; individualization of a party to the contract; accounting purposes; statistical purposes; information security protection; ensuring the implementation of the contract for the provision of the respective service, the satisfaction  Consumers” complaints, direct marketing.
2. The Controller shall observe the following principles by processing personal data: legality, good faith, and transparency; restriction of processing purposes; relevance to the purposes of processing and minimizing the data collected; accuracy and timeliness of data; limitation of storage in order to achieve the objectives; integrity and confidentiality of the processing and ensuring an appropriate level of security of personal data.
3. The Controller may process and store personal data in order to protect the following legitimate interests: fulfillment of its obligations to the National Revenue Agency, Ministry of Interior, and other state and municipal authorities, fulfillment of any other legal obligations.

V. Types of personal data collected, processed and stored by the Controller

1. The Controller shall the perform the following operations with the personal data provided by the Consumers for the following purposes:
• Ordering goods from the e-shop - the purpose is to send an order for delivery of goods to the Controller.
• Conclusion and execution of a distance selling contract with a Consumer - the purpose is the conclusion and execution of the contract, incl. delivery of the ordered goods and its administration.
• Exercise of the right of withdrawal - the purpose is to facilitate the process of exercising the right of withdrawal by the Consumers.
• Acceptance and satisfaction of a complaint - the purpose is to accept and satisfy the complaints filed by the Consumers.
• Administration of claims made by Consumer - the purpose is to accept and prepare a response to the complaint.
• Carrying out direct marketing - sending advertising messages containing information about goods, services, promotions, news, etc., related to the commercial activity of the Controller.
2. The Controller shall process the following categories of personal data and information for the following purposes and on the following legal grounds:
  • Individualizing data (e-mail, name, telephone, address, etc.)
◦Purpose for which the individualizing data is collected: ordering goods through the e-shop https://www.niksen.bg.
◦Reasons for personal data processing: with the adoption of the General Terms and Conditions for the sale and use of the website https://www.niksen.bg  and the order placement, a contractual relationship is created between the Controller and the Consumer for which reason the Controller processes the personal data of the Consumer.
  • Delivery details (names, phone, address, etc.)
◦The purpose for which the delivery data is collected: Fulfillment of the delivery obligations of the Controller under the sales contract.
◦Reasons for processing personal data: with the adoption of the General Terms and Conditions for sale and use of the website https://www.niksen.bg and ordering goods, a contractual relationship is created between the Controller and the Consumer, on which basis the Controller processes the personal data of the Consumer. The data necessary for the delivery are provided by the Controller to third parties (courier companies) for the delivery purposes.
  • Direct marketing data (email address)
• Purpose for which the data is collected: to send electronic information about products, services, promotions, marketing activities, etc., related to the activities of Niksen Ltd.
• Legal grounds for personal data processing: explicit consent provided by the Consumer when ordering goods from the online store.
The Consumers have free choice to express their consent to be provided with information by the Controller for the purposes of direct marketing. Giving consent for the processing of data for the purposes of direct marketing is not a condition for ordering goods through the e-shop. The Consumers who have agreed to receive information from the Controller related to direct marketing are given the opportunity to opt out at any time without giving a reason. The right of refusal to receive direct marketing information could be exercised through an explicitly specified option in each e-mail sent to users with such information.
3. The Controller does not collect or process personal data that reveal racial or ethnic origin; disclose political, religious or philosophical beliefs or trade union membership; genetic and biometric data, health data or data on sexual life or sexual orientation.
4. The personal data are collected by the Controller from the persons to whom they refer.
5. The Company does not perform automated decision-making with data or profiling of Consumers.
6. The website https://www.niksen.bg could be accessed through Google and other search engines, as well as through social networks. The website may integrate social media services (e.g. social media messages) through which the Consumers could communicate with the website. The website maintains social media accounts and may offer applications on various social media websites. Each time a Consumer accesses the website https://www.niksen.bg  through social media, the provider of the respective social media may allow the Consumer to share information with us. If the Consumer chooses to share, he will be notified by the social media provider what information will be shared with us. For example, when accessing a website through a social media account, certain information (as permitted by the social media provider) may be shared with us. This may include the Consumers' address, age or profile photos stored in the Consumers' profile.
7. When using the website https://www.niksen.bg by the Consumers the Controller receives information from log files (set of system information about the user): IP address; ISP (Internet Service Provider); the browser that the Consumer uses when visiting the website (e.g. Google Chrome, Internet Explorer and Mozilla Firefox); the time the Consumer has spent on the website and which pages on the website have been visited.
8. The website uses Google Analytics - a web service provided by Google for the compilation of detailed statistics for visitors to websites. The statistics are collected on the Google server and used by the Controller for analyzing the traffic and improving the efficiency of the website. The website may use information from social media, in particular Facebook about the Consumer, for this website, as well as for advertising and promotion of the website. The consent for the provision of this information is given by the Consumers to the respective social media.
9. The Controller also uses the so-called Cookies. Cookies are few the amount of information that the webserver sends to the webbrowser, allowing the server to collect feedback from the browser. More information about the types of cookies used by the Controller and the purposes for which he uses cookies could be found in the Cookie Policy.

VI. Term of personal data storage
1. The Controller stores the personal data of each Consumer for a period not exceeding one month from the date of execution of the order. The Controller takes the necessary actions to delete all personal data of the Consumer, without undue delay or to anonymize them (to bring them in a form that does not reveal the identity of the Consumer).
2. Notwithstanding the provisions of item 1, the Controller shall store the personal data, which it is necessary to keep by virtue of the applicable legislation for the respective term provided by law. The Controller shall notify the respective persons in case the term for data storage needs to be extended for fulfillment of a legal obligation or in view of legitimate interests of the Controller.

VII. Transfer of personal data for processing
1. The Controller may, at its discretion, transfer part or all of the personal data of the Consumers to personal data processors for the fulfillment of the processing purposes agreed by the Consumers, subject to the requirements of Regulation (EU) 2016/679 (GDPR). The Controller shall notify the Consumers  in case of intention to transfer part or all of their personal data to third countries or international organizations.

VIII. Rights of Users regarding the collection, processing and storage of personal data
Withdrawal of consent for processing of personal data

1. If the Consumers does not want the personal data provided by him to be processed anymore, he may at any time withdraw his consent for processing by sending an email to the Controller.
2. After receiving the request, the Controller shall send to the email that is provided by the Consumer a message with detailed instructions for the verification of the Consumer concerned as a personal data subject.
3. After verification the Controller shall delete the Consumer's personal data and send a confirmation of the deletion. The deletion of personal data may result in the inability of the Controller to fulfill its obligations under the contract concluded with the Consumer.
4. The withdrawal of the consent does not affect the legality of the processing of personal data, which the Controller has performed so far.

Access right

1. The Consumer shall be entitled to request and receive from the Controller  confirmation of whether personal data relating to him are processed by sending a request by email. The Consumer shall be entitled to access the data relating to him and the information relating to the collection, processing and storage of his personal data.
2. After receiving the request, the Controller shall send to the e-mail which is provided by the Consumer a message with detailed instructions for the verification of the Consumer concerned as the subject of the personal data to which access was requested.
3. After verification the Controller shall provide the Consumer with a copy of the personal data processed related to him in an electronic or another appropriate form.
4. The provision of access to data is free of charge, but the Controller reserves the right to request payment of a fee in the event of multiple requests.

Correction or completion

1.The Consumer may at any time adjust or complete incorrect or incomplete personal data associated with it by asking the Controller by e-mail. The Controller shall notify by email the Consumer about the correction.

Right of deletion (“Right to be forgotten”)

1. The Consumer shall be entitled to ask the Controller to delete a part or all personal data relating to him and the Controller shall have the obligation to delete them without undue delay when any of the following legal grounds exist:
• personal data are no longer necessary for the purposes for which they were collected or processed;
• the Consumer withdrew his consent to the processing of the data and there is no other legal basis for processing;
• the Consumer objected to the processing of the personal data associated with him  and there are no legitimate grounds for the processing which previal;
• the personal data were unlawfully processed;
• personal data have to be deleted in order to comply with a legal obligation under EU or local law which applies to the Controller;
• personal data were collected in connection with the provision of information society services.
2. The Controller shall not be obliged to delete the personal data if it stores and processes them:
• for the exercise of the right to freedom of expression and the right to information;
• to comply with a legal obligation which requires processing as provided for by EU or local law which applies to the Controller or to the implementation of a public interest task or to the exercise of official powers conferred on it;
• for public health reasons;
• to archive in the public interest, for scientific or historical research or for statistical purposes;
• for the establishment, exercise, or protection of legal claims.
3. To exercise his „right to be forgotten“, the Consumer is required to send by email a request to the Controller, after which the Controller will send to the e-mail which is provided by the Consumer a message with detailed instructions for the person's verification as a subject of the personal data for which a deletion request  has been made.
4. Once the Controller has authenticated the identity of the person who made the request and the person to whom the data relate according to the instructions sent, the Controller shall delete all the data of the Consumer.
5. If an order has been placed and is being processed, the earliest moment at which the Consumer may request to be "forgotten" is the successful completion of the order.

Limitation right

1. The Consumer shall have the right to require the Controller to limit the processing of the personal data associated with him by sending the Controller a request by e-mail where:
• the Consumer disputes the accuracy of the personal data, for a period which allows the Controller to verify the accuracy of the personal data;
• the processing is illegal, but the Consumer does not want the personal data to be deleted, but only their use to be restricted;
• the Controller does not need the personal data for processing, but the Consumer requires them to establish, exercise or protect their legal rights;
• the Consumer has objected to the processing pending verification of whether the legitimate grounds of the Administrator have precedence over his interests.
2. After receiving the request the Consumer shall send to the e-mail which is provided by the Consumer detailed instructions for the verification of the person as a subject of the personal data for which a request for restriction of processing has been made.
3. After verification the Controller will discontinue the processing of personal data and notify the Consumer by e-mail.

Portability right

1. If the Consumer has given consent to processing personal data or processing is necessary for the execution of the contract with the Controller, or if the data are processed in an automated manner, the Consumer may ask the Controller to provide the personal data in a readable format and transfer them to another Controller, as well as to ask the Controller to transfer directly the personal data to a Controller designated by the Consumer where this is technically feasible.
2.The Consumer may exercise the right of portability by sending an email request, after which the Controller will send to the e-mail which is provided by the Consumer detailed instructions for the verification of the person subject to the personal data for which the request for portability was made.
3. After verification the Controller shall send the data that it processes for the person concerned in a read-only format to the other Controller.

Right to information

1. The Consumer may ask the Controller to inform him about all recipients to which have been disclosed the personal data subject of correction, deletion or restriction of processing.

Objection right

1. The Consumer may object at any time the processing of personal data by the Controller relating to him, including if they are processed for profiling or direct marketing purposes.

Users‘ rights in case of breach of personal data security

1. If the Controller finds a breach of the personal data which may lead to a high risk to the legal rights of the Consumer, it shall inform the Consumer without undue delay about the breach and the measures taken or to be taken by the Controller.
2. The Controller shall not be obliged to inform the Consumer, if it has taken appropriate technical and other appropriate measures with respect to the data affected by the breach of security or if it has subsequently taken measures that ensure that the breach does not lead to a high risk to the legal rights of the Consumers or if the notification would require unreasonable efforts.

IX. Persons to whom personal data are provided
1. The Controller does not provide the personal data of the Consumer to third parties, except for the cases when such provision is obligatory by law.
2. The Controller shall not transfer personal data to any third country.

X. Competent authority in relation to personal data protection

1. In case of violation of the rights of the Consumers, mentioned above or provided for in the applicable legislation for personal data protection, the Consumers have the right to file a complaint to the Commission for Personal Data Protection with registered office and address: Sofia 1592, bul. „Prof. Tsvetan Lazarov ”№ 2, Phone: 02 915 3 518, Website: www.cpdp.bg . Nevertheless, the Consumers may at any time send to the email address office@niksen.bg . complaints, inquiries, etc. to the Controller on any issues related to their personal data
 

Cookies Policy

General information
The website www.niksen.bg  uses "cookies". Cookies are small text files that are stored by your browser and allow you to store information between web pages and different browser sessions. In this way, it is possible to track every step of your order when you browse the website, to store your information and show the relevant content of the website based on your search. Cookies help us better understand user behavior when browsing the website, which means that we will be able to improve the website and users will have a better experience with us. Cookies could only store text that is always anonymous and usually encrypted. www.niksen.bg never stores personal data in cookies.


What are cookies?
These are small text files that are stored on your computer. Most of the cookies we use after the end of the browser session are deleted from your hard drive (so-called session cookies). So-called long-term cookies are also used.
Cookies are secure. They store information that is placed there by the web browser, as this information is entered by the user in the browser or is included in the request of the page. They cannot be used to read code or access your computer. If a website encrypts information in cookies, only it can read it.
There are two main types of cookies: temporary and long-term. They are used for different purposes and contain different information. Temporary cookies contain information that is used during the current session of your browser. This type of cookie is automatically deleted when you close the web browser. They are not saved on your computer when you are not using the website. Long-term cookies are used to maintain information that is maintained between your visits to the website. This data allows and is needed by the sites to confirm that you are a registered user in order to respond accordingly. Long-term cookies have a value that is determined by the website and could vary between a few minutes and several years.

WHY DO WE USE COOKIES?
We use cookies to know where you have browsed the website. They collect information about your order. They are also used to display relevant products as part of your browsing. Web analytics cookies, used by our partners such as Google, allow us to track user and website interactions. This provides valuable information that allows us to improve the website and the products we offer.

DISABLING OR DELETING COOKIES
All websites allow you to restrict the behavior of your cookies or to exclude them from the settings or options of the respective browser. You can oppose the use of cookies by selecting the appropriate settings of your browser, but we would like to note that in this case you will not be able to fully use all the features of this website.

WHAT COOKIES DOES THE WWW.NIKSEN.BG  CREATE?
The session cookies used by www.niksen.bg  include information used by the web server hardware about which server is processing your session, your status (in the client database of www.niksen.bg ) and data about your order. The long-term cookies used by the website www.niksen.bg  are used to recognize the traffic to the website and whether these are new users or users who return to the site. The information we store is used to display relevant advertisements on other websites on our behalf. Deleting or disabling these cookies will not restrict the proper functioning of the website.

COOKIES USED BY TECHNOLOGICAL PARTNERS
www.niksen.bg  uses cookies from the following technology partners: Google Analytics, Facebook Connect, Facebook Social Plugins. www.niksen.bg  cooperates with these technological partners for web analysis and advertising.
The information in cookies informs Google Analytics what pages and products you have viewed, allowing you to find the right advertisements for you. In addition, it provides detailed information about customers such as geolocation, time spent on the website, which categories they have viewed and other detailed information related to your visit on www.niksen.bg .
This website uses Google Analytics. This is a web analytics service offered by Google Inc. (Google). Google Analytics uses so-called cookies (text files), which are stored on your computer to be able to analyze the use of the website.
At the request of the owner of this website, Google will use this information to evaluate your use of the website, compiling reports on website activity for website operators and providing other services relating to website and Internet with respect to the website owner. Under Google Analytics, the IP address provided by your browser will not be entered along with other data from Google.
You may opt out of the storage of cookies by selecting the appropriate settings for your browser, but we would like to point out that in this case you will not be able to fully use all the features of this website. In addition, you could also prevent the collection of information from cookies and related data when using the site (including your IP address) on Google, as well as the processing of this data by Google.
To do so, go to https://tools.google.com/dlpage/gaoptout?hl=en-GB, download, and install the available Plug-ins for your browser. You can find more information at: https://tools.google.com/dlpage/gaoptout?hl=en-GB or http://www.google.com/intl/de/analytics/privacyoverview.html (general information for Google - Data Analysis and Protection). These cookies do not give us any information about your personal data.
If you want to know more about the other cookies we use, you may contact us on office@niksen.bg.