“Vilmar Home” LTD
(Notice regarding the processing of personal data)

Data Controller:

  1. Name of supplier:
    “Vilmar Home” LTD

  2. Address of the registered office and management address:
    7 Dobromir Hriz Str., Sofia, Bulgaria

  3. Business address:
    1 Lege Str., Sofia, Bulgaria

  4. Contact info:
    Phone: +359 888 322 255, +359 889 292 202
    Email: sales@rivierahome.bg
    Website: https://rivierahome.bg

  5. Registration in the public registry:
    Registered in the Commercial Register at the Registry Agency
    UIC: 206582082

  6. VAT Registration:
    VAT number: BG206582082

"Vilmar Home" Ltd (the "Company" or the "Controller") operates in accordance with the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data ("General Data Protection Regulation" or the "Regulation"). This "Privacy Policy" ("Policy" or "Policy") is intended to inform each Customer (hereinafter defined) of the Company regarding the processing of data by which that particular Customer is or may be identified.
For the purposes of the Policy, a "Customer" is any natural person who is a party to a contract with the Company for the purchase and sale of goods, as well as a natural person who has expressed a desire to enter into a prior contractual relationship with the Administrator and/or a user of the Online Store. https://rivierahome.bg, available on the Internet at: https://rivierahome.bg, as well as a director, manager, agent, attorney, employee, partner, shareholder, beneficial owner of a legal entity or other legal entity using the Online Shop.

What personal data do we process?
The Company as the controller processes the following groups of personal data of the Customers:
- Physical identity - name, ID number, address, telephone number, e-mail address;
- Iconomical identity - information for bank estimates.
Personal data is collected by the Controller from the persons to whom it relates.

How do we collect personal data?
We collect personal data:
- when registering on the E-shop website and when using the E-shop without registration;
- when conducting correspondence with the Client, which may include communication in written form, including electronic and oral form;
- by cookies when using or browsing our website.
In some cases, we may also collect information from third parties or public sources.
Our website collects data in log files that contain information about your IP address, ISP, browser, operating system, time of visit and pages visited.
Our website uses cookies - small files of information that the website sends to the visitor's browser and that the browser stores on the user's end device. They help us make the site better for you. More information about the use of cookies can be found in our Cookie Policy published on the E-shop website: https://rivierahome.bg.

Do we process special categories of personal data?
The Company does not process special categories of personal data of Customers.

For what purpose do we process personal data?
The Company processes the Clients’ personal data for the following purposes:
- providing you with information and assistance that you have requested from us;
- individualization and contact with customers and real owners;
- for all activities related to the establishment, modification and termination of the relationship between the Company and the Client;
- offering and promoting additional services;
- regulatory compliance;
- defending disputes and cooperating with regulators within the framework of legal requirements.
If we do not process this personal data, we may not be able to provide you with our services or the requested assistance.

On what legal basis do we process personal data?
Customers' personal data is collected, processed and used based on several legal grounds:
- To perform a contract or to enter into a prior contractual relationship;
- To comply with a legal obligation that applies to the Company;
- For the purposes of the legitimate interests of the Company or of a third party where the rights and interests of data subjects do not prevail - to resolve disputes; to prevent, detect, investigate fraud, infringement or other unlawful activities; to establish, exercise or defend legal claims;
- In the presence of voluntary consent, where required by applicable law.

How long do we keep personal data?
The Company retains the personal data during the contractual relationship and until the contractual claim is extinguished, as well as during a transitional period (e.g. for compliance with archiving and record-keeping obligations). If legal or other proceedings are initiated, personal data may be retained until such proceedings are concluded, including any appeal periods, after which it will be deleted or archived as permitted by applicable law. In particular, the various accounting and tax information media containing personal data shall be kept for a period of 10 years from 1 January of the accounting period following that to which they relate.
Where personal data is collected and processed on the basis of consent, we will only process your personal data to the extent that we have your consent.

From whom do you spodeme personal data? Is it spodeme in one third of the page?
The Company may, at its discretion, provide some or all of the personal data to processors for the purposes of processing, subject to the requirements of the Regulation.
The Company shares personal data with:
- third party service providers engaged by us to perform functions or activities on our behalf;
- third parties: regulatory, tax, financial, judicial, administrative and law enforcement authorities, in accordance with applicable law.
This list is not exhaustive and there may be other lawful bases for the storage, disclosure or other processing of personal data.
The Company will notify the data subject if it intends to transfer some or all of his or her personal data to third countries or international organisations.

Is personal data protected?
The Company shall provide and maintain appropriate technical and organisational measures to protect personal data against unauthorised access or unlawful use and/or against accidental loss, alteration, disclosure, access and/or corruption or copying. These measures are designed to ensure the continued protection and confidentiality of personal data. The Company regularly reassesses the measures to achieve permanent security of personal data.

Does the Company perform automated decision making?
The Company does not carry out automated decision-making based on personal data.

What rights do Customers have in relation to the processing of personal data?
Any Customer may exercise the following rights by written notice to the Company:

  • Withdrawal of consent to the processing of personal data
    Where processing is based on consent, the Customer shall have the right to withdraw it at any time, without prejudice to the lawfulness of the processing prior to withdrawal.

  • Right of access
    The customer has the right to obtain confirmation as to whether their personal data is being processed, as well as access to it and a free copy (except in cases of excessive or repetitive requests).

  • Right of rectification
    The right to request rectification of inaccurate, incomplete or outdated personal data.

  • Right to erasure ("right to be forgotten")
    The right to request erasure of personal data where:
    (i) are not necessary for the purposes for which they were collected;
    (ii) withdraws its consent and has no other legal basis;
    (iii) objects to the processing;
    (iv) the personal data have been unlawfully processed;
    (v) erasure is necessary to comply with a legal obligation;
    (vi) the personal data were collected in connection with the provision of a public information service.

The Company may refuse erasure if the processing is necessary for: freedom of expression