This describes the information gathering and dissemination practices for the website: https://www.comiccon.bg
“Anivencher Comic Con” Ltd, UIC: 207203090, with registered office and registered address in. Sofia, p.k. 1000, Mladost district, Blvd. Tsarigradsko shose № 115D, et. 3 (hereinafter referred to as “Organizer”), processes your personal data in accordance with the requirements of the General Data Protection Regulation (EU Regulation 2016/679) and the Personal Data Protection Act.
According to Article 4 of EU Regulation 2016/679, “personal data” means any information relating to an identified natural person or an identifiable natural person, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Pursuant to our obligations under Regulation 2016/679 of the European Parliament and of the Council (“General Data Protection Regulation” or “GDPR”), the Promoter warrants that the processing of personal data such as name, address, telephone number and email address will always be in accordance with the Regulation and applicable Bulgarian data protection legislation.
1. Collection and use of personal data
The Organiser collects and processes your personal data in connection with the use of the website https://www.comiccon.bg, providing access and participation of user(s) in Comic-con, sending the newsletter, participating in competitions during the Comic-con event and awarding participants, marketing activities, carrying out volunteer initiatives in connection with Comic-con, concluding contracts with the Organiser on the basis of Art. 6 para. 1 and Art. 9 para. 2, Regulation (EU) 2016/679 (GDPR), as well as other ancillary activities, and in particular on the following grounds:
- Your explicit consent;
- Performance of the Organiser’s obligations to maintain a platform for Comic-con information and to run competition events;
- Compliance with a legal obligation applicable to the Organiser as processor of your personal data;
- For the purposes of the legitimate interests of the Organiser or a third party.
The Organiser does not collect personal data beyond that which is necessary for the performance of its activities or that which is given by you with your explicit and free consent.
2. The personal data we process
2.1. Personally identifiable information: We may collect personal information from you including your name, email address, telephone number, type of legal registration and registered office (where applicable), social media contacts (where applicable), your website address when you participate in any of the following activities:
- Participation in Comic-con and competitions organised by the Organiser;
- Carrying out volunteer initiatives in connection with Comic-con;
- Signing up to receive promotional materials by mail or email;
- Participation in a survey.
2.2. For the purposes of marketing activities and running competitions at Comic-con
For newsletter and other marketing activities we collect the following personal data:
- Three names;
- Phone number;
- Email address;
- Other data provided by you in connection with specific marketing purposes of which you have been informed;
2.3. Technical information
Each time you open the web page of https://www.comiccon.bg and/or the various sections within it, we receive information in the form of an information protocol with the following content:
- Your IP address and the page from which you were referred to our website;
- Information about your stay on our website and the sections you have visited;
- Information about your browser and operating system;
- Other types of technical information as required by the technical requirements of the information system;
3. Personal data not processed:
The Organiser does not collect or process personal data that:
- reveal the racial or ethnic origin of users or other data relating to their health or mental state;
- disclose political, religious or philosophical beliefs, or trade union membership;
- disclose users’ genetic or biometric data or data about sexual orientation, and in the event that the above is shared by users of the site, it will not be subject to processing except with the express consent of the users.
4. Grounds and purposes for processing personal data by the Organiser
The organizer does not carry out automated decision-making, and the data provided will not be used for advertising or marketing purposes, except with the express permission and consent of the person whose data is collected, and will not be provided to third parties, except in certain cases, namely:
- where provided for by law or the Organizer’s General Terms and Conditions;
- if duly requested by a competent governmental or judicial authority;
- where we have obtained your express consent to do so.
5. The storage period of the data provided
The Organiser shall store your data in accordance with the time limits prescribed by law.
The main criterion by which we will determine the duration of processing is the time for which the information is needed.
In cases where no Comic-con is organised and/or held, for which the Organiser is not responsible, or for any other reason the reason for uploading personal data has ceased to exist, your personal data will be deleted in due time. Personal data submitted for participation in Comic-con will be stored for the duration of its performance. Apart from the above, where we process personal data on the basis of your consent, it will be retained until you withdraw your consent and exercise your right to be forgotten/ have any personal data you have provided erased.
6. Technical security regarding the protection of personal data
The Organiser has put in place all technical and organisational measures necessary for the processing and protection of personal data in accordance with EU Regulation 2016/679 and applicable Bulgarian law.
The measures taken correspond to the specific risks associated with the processing and storage of the personal data provided. Organisational and technical safeguards are in place to protect your data from loss, alteration, theft or unauthorised access by unauthorised third parties.
7. Sharing and disclosure of personal data with third parties
In certain cases, the Organiser may disclose certain personal data to partners or subcontractors who work with the Organiser, through the provision of services related to the Organiser’s activities or assist the Organiser in its activities.
The Organiser may disclose your personal data to third parties, including such third parties located outside the European Union, subject to the requirements of the Regulation, such as:
- When organising games, competitions or promotions in accordance with the rules of the specific games, such as. The disclosure of information here is solely between the Organiser and the service providers of the relevant game;
- Third parties with whom the Organiser has a contractual relationship for the use of Virtual Private Servers (VPS) and server and cloud service providers related to the maintenance of the website;
- Third parties providing services to improve the advertising targeting of the Organizer’s services;
- Third parties providing services to the Organiser such as accountants, auditors, lawyers, notaries, advertising and PR agencies or companies carrying out data system administration activities.
The Organizer will share personal data with third parties only after explicitly securing the technical and legal mechanisms under which the processing of the shared personal data will take place, in accordance with the requirements of Regulation 679/2016 and Bulgarian legislation.
The third parties and partners of the Organiser undertake to take all actions to ensure the legitimate processing of personal data in accordance with the privacy requirements set out in this Policy.
8. Your rights as a data subject
Under the Regulation, each data subject has the following rights:
8.1. Right of access
You have the right to find out free of charge what personal data we process about you and whether we process such data.
8.2. Right to rectification
In the event of a discrepancy between your data and that which we process, you have the right to request that we correct, without undue delay, any data held by us which is inaccurate.
8.3. Right to restriction of processing
In certain circumstances, you have the right to request the restriction or blocking of the processing of certain data. Such cases are the need to verify the accuracy of your personal data, the basis for processing or the unlawfulness of processing.
8.4. Right to erasure
In cases where the basis for processing has ceased, you have the right to request the erasure of all data processed by us.
8.5. Right to data portability
In the event that you wish to use your personal data provided electronically for the same service, but by another provider, you have the right to request that it be transmitted to another provider in a machine-readable format. This right only applies to data that you have provided to us with your consent.
8.6. Right to object
If you do not agree with the way we process your personal data, you have the right to object. This right applies only to data the processing of which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Organiser, and to data the processing of which is necessary for the purposes of the legitimate interests of the Organiser or of a third party, except where the interests of the data subject prevail over such interests.
8.7. Right to withdraw consent
When providing data on the basis of your consent, you have the right at any time to withdraw consent to the processing of the specific type of personal data.
8.8. Right to complain
If you are dissatisfied with the manner in which an application made by you in relation to any of the above rights has been administered or you believe that we are not lawfully processing your personal data, you have the right to lodge a complaint with the Data Protection Commission, which is the supervisory authority responsible for the implementation of EU Regulation 2016/679 and the Data Protection Act.
If you wish to exercise any of the above rights, you can send the relevant application for this with your exact request to the following email address: firstname.lastname@example.org
CONTACTS OF THE DATA PROTECTION COMMISSION (CDP)
city. 1592 Sofia Blvd. “Prof. 2
Information and Contact Centre – tel. 02/91-53-518
Reception – working hours 9:00 – 17:30
This Policy was adopted on 01.05.2023 and has not been changed since that time.