of personal data and guarantees its necessary protection against any event that
may put it at risk of violation.
As provided for by European Union
Regulation No. 679/2016 (GDPR) and Article 13 in particular, please find below
the information required by law relating to the processing of your personal
Effective date: April 02, 2018
MatcHub (“us”, “we”, or “our”)
operates the www.matchub.net website (the “Service”).
This page informs you of our policies
regarding the collection, use, and disclosure of personal data when you use our
Service and the choices you have associated with that data.
We use your data to provide and
improve the Service. By using the Service, you agree to the collection and use
of information in accordance with this policy. Unless otherwise defined in this
our Terms and Conditions, accessible from www.matchub.net.
Doubleclick, Criteo, Rocket Fuel, LinkedIn, Facebook or others to monitor and
analyze the use of our Services and Activities.
Types of recipients
belonging to MatcHub;
administrative and accounting requirements as well as those connected with
the contractual services and products;
providers, partners and companies belonging to MatcHub;
activities (assistance, maintenance, delivery/shipping of products,
performance of additional services or technical supports) associated with the
requested service or product;
Legal Authorities, Financial Administration, Supervisory and Oversight
legal requirements, protection of rights; lists and registries held by Public
Authorities or similar agencies based on specific regulations relating to the
subjects or those with recognized legal rights;
representatives, administrators, guardians, etc.;
professionals and consulting companies;
legal requirements, exercising rights, protecting contractual rights, credit
electronic payment institutions, banks/post offices.
deposits, payments, reimbursements associated with the contractual service.
Information Collection and Use
MatcHub collects several different
types of information for various purposes to provide and improve our Service to
MatcHub, represented pro tempore with registered offices
at 45, F. Nansen str. – Sofia (Bulgaria), acts as the Data Controller and can
be reached at email@example.com and
collects and/or receives information relating to you, such as: Personal Data;
Usage Data; Tracking & Cookies Data.
MatcHub does not require you to
supply so-called “private” data, that is, according to the provisions of the EU
Regulation No. 679/2016 (Art. 9), personal data that identifies race or
ethnicity, political opinions, religion or philosophy, or any union
affiliation, nor any genetic or biometric information used to uniquely identify
a physical person, data associated with health or one’s sex life, or sexual
orientation. In the event the services requested from MatcHub require the
processing of this data, you will first receive specific notification with a
request for your consent.
The Data Controller has nominated a
Data Protection Officer (DPO) who can be contacted for any information or
Telephone number: +359 (0)2 8435570
For any information or requests, please contact the
following address firstname.lastname@example.org
Telephone number +359 (0)2 8435570
time to time. We will notify you of any changes by posting the new Privacy
Policy on this page.
We will let you know via email and/or
a prominent notice on our Service, prior to the change becoming effective and
You are advised to review this
effective when they are posted on this page.
Types of Data Collected
While using our Service, we may ask
you to provide us with certain personally identifiable information that can be
used to contact or identify you (“Personal Data”). Personally identifiable
information may include, but is not limited to:
First name and last name
Your professional role, interest and background
Address, State, Province, ZIP/Postal code, City
Cookies and Usage Data
In order to fulfill administrative
and accounting requirements as well as those connected with the contractual services
and products, we may ask banking data (i.e. IBAN and banking/postal account
We may also collect information how
the Service is accessed and used (“Usage Data”). This Usage Data may include
information such as your computer’s Internet Protocol address (e.g. IP
address), browser type, browser version, the pages of our Service that you
visit, the time and date of your visit, the time spent on those pages, unique
device identifiers and other diagnostic data.
Tracking Analytic & Profiling Cookies Data
technologies to track the activity on our Service and hold certain information.
Cookies are files with small amount
of data which may include an anonymous unique identifier. Cookies are sent to
your browser from a website and stored on your device. Tracking technologies
also used are beacons, tags, and scripts to collect and track information and
to improve and analyze our Service.
You can instruct your browser to
refuse all cookies or to indicate when a cookie is being sent. However, if you
do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
Session Cookies. We use Session Cookies to operate our Service.
Preference Cookies. We use Preference Cookies to remember your
preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.
Use of Data
MatcHub uses the collected data for
Registration and contact information, and/or informational
Your personal data is processed to
implement preliminary actions and those following a personal meeting or
registration request, to manage information and contact requests, and/or to send
informational materials, as well as to satisfy any and all other obligations
arising herewith. The legal basis for this processing is to provide the
services relating to a request for registration, information and contact,
and/or the sending of informational materials (i.e. To provide and maintain the
Service; To notify you about changes to our Service; To provide customer care
and support; To provide analysis or valuable information so that we can improve
the Service; To monitor the usage of the Service; To detect, prevent and
address technical issues), and to comply with legal requirements.
Administering the contractual relationship.
Your personal data is processed to
implement preliminary actions and those following the purchase of a Service
and/or a Product, to manage the applicable order, to perform the Service itself
and/or for production and/or shipping of the purchased Product, the associated
invoicing and payment management, handling of any returns and/or notifications
to the support service and performance of the support itself, fraud prevention,
as well as fulfillment of any and all other requirements arising from the
contract. The legal basis for this processing is to provide the services
relating to the contractual relationship and to comply with legal requirements.
Promotional activities on Services/Products that are similar to
those you have purchased (Clause 47, EU Regulation No. 679/2016)
The Data Controller, even without
your explicit consent, may use the contact information you provided for direct
sales of its own Services/Products, limited to those Services/Products that are
similar to the ones included in the sale, unless you specifically refuse.
Business promotional activities on Services/Products that are
different from the ones you purchased.
Your personal data may also be
processed for business promotional purposes, for market research studies
involving the Services/Products that the Data Controller offers, but only if
you have authorized this processing and have not opposed it.
This processing may occur by the
following automated methods:
– telephone contact
and may occur:
If you have not withdrawn your consent for the use of your data;
If processing is done through contact with a personal meeting,
telephone operator, and you are not registered on the noncall registry;
The legal basis for this processing
is the consent you initially granted for the processing itself, which you may
freely withdraw at any time (see Section 3).
Analytics & Profiling
We may use third-party Service
Providers (i.e. Google-analytics, Google
i.e. Google Analytics
Google Analytics is a web analytics
service offered by Google that tracks and reports website traffic. Google uses
the data collected to track and monitor the use of our Service. This data is
shared with other Google services. Google may use the collected data to
contextualize and personalize the ads of its own advertising network.
You can opt-out of having made your
activity on the Service available to Google Analytics by installing the Google
Analytics opt-out browser add-on. The add-on prevents the Google Analytics
Google Analytics about visits activity.
For more information on the privacy practices of Google,
please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en.
Links to Other Sites
Our Service may contain links to
other sites that are not operated by us. If you click on a third party link,
you will be directed to that third party’s site. We strongly advise you to review
We have no control over and assume no
responsibility for the content, privacy policies or practices of any third
party sites or services.
The Data Controller, in line with the
provisions of Clause 49 of the EU Regulation No. 679/2016 and through its
providers (third parties and/or recipients), processes your personal data
involving traffic only to the extent strictly necessary and proportional to
guarantee security of the networks and the information. This means the capacity
of a network or information system to block, at a given level of security, any
unforeseen events or illegal or malicious acts that would compromise the
availability, authenticity, integrity and confidentiality of the personal data
stored or transmitted.
The Data Controller will immediately
notify you if there is any risk of violation of your data, except for any
obligations noted in the provisions of Art. 33 EU Regulation No. 679/2016
associated with notifications of personal data violations.
Your personal data may also be
processed for profiling purposes (such as analyzing the transmitted data and
the pre-selected Services/Products, suggesting advertising messages and/or
business offers in line with user selections) exclusively when you have given
explicit and informed consent. The legal basis for this processing is the
consent you initially granted for the processing itself, which you may freely
withdraw at any time (see Section 3).
Our Service does not address anyone
under the age of 18 (“Children”).
We do not knowingly collect
personally identifiable information from anyone under the age of 18. If you are
a parent or guardian and you are aware that your Children has provided us with
Personal Data, please contact us. If we become aware that we have collected
Personal Data from children without verification of parental consent, we take
steps to remove that information from our servers.
Transfer of Data
Your information, including Personal
Data, may be transferred to — and maintained on — computers located outside of
your state, province, country or other governmental jurisdiction where the data
protection laws may differ than those from your jurisdiction.
If you are located outside Bulgaria
and choose to provide information to us, please note that we transfer the data,
including Personal Data, to Bulgaria and process it there.
Your personal data is communicated
mainly to third parties and/or recipients whose activity is necessary to
perform the activities relating to the contract established or your technical
request, and to meet certain legal requirements, such as:
followed by your submission of such information represents your agreement to
MatcHub will take all steps
reasonably necessary to ensure that your data is treated securely and in
take place to an organization or a country unless there are adequate controls
in place including the security of your data and other personal information.
The Controller will not transfer your
personal data to countries outside the European Union where there is not an
adequate level of data protection, whether by its domestic legislation or of
the international commitments it has entered into (Article 45 and 46, EU
Regulation No. 679/2016).
*The Controller requires its own
third party providers and Data Processors to adhere to security measures that
are equal to those adopted for you by restricting the Data Processor’s scope of
action to processing directly related to the requested service or activity.
Disclosure of Data
MatcHub may disclose your Personal
Data in the good faith belief that such action is necessary to:
To comply with a legal obligation
To protect and defend the rights or property of MatcHub
To prevent or investigate possible wrongdoing in connection with
To protect the personal safety of users of the Service or the
To protect against legal liability
Security of Data
The security of your data is
important to us, but remember that no method of transmission over the Internet,
or method of electronic storage is 100% secure. While we strive to use
commercially acceptable means to protect your Personal Data, we cannot
guarantee its absolute security.
If you do not provide your identification information as needed to
perform the requested service
The collection and processing of your
personal data is necessary to fulfill the activity requests as well as to
perform the Service and/or supply the requested Product. Should you fail to
provide your personal data as expressly required, the Data Controller will not
be able to carry out the processing associated with managing the requested
services and/or the contract and the Services/Products associated with them,
nor fulfill the operations dependent on them.
If you do not provide the consent for processing personal data for
the business promotion activities on Services/Products that are different from
When you do not give your consent to
the processing of your personal data for these purposes, the processing will
not be implemented for these specific purposes, but it will not affect the
performance of the requested services or those for which you have already given
your consent, if requested. In the event you have given consent and later
withdraw it or oppose the processing for business promotional activities, your
data will no longer be processed for these activities, although this will not
create negative effects or consequences for you or the services requested.
Where we process your data
Your data is stored in hard copy,
electronic and remote archives located in countries where the EU Regulation No.
679/2016 is applicable.
How we process your data (Article 32, EU Regulation No. 679/2016)
The Data Controller makes use of
appropriate security measures to preserve the confidentiality, integrity and
availability of your personal data, and requires the same security measures
from third party providers and the Data Processors.
How long your data are stored (Article 13, paragraph 2a, EU
Regulation No. 679/2016)
Unless you explicitly express your
own desire to remove it, your personal data will be stored until required for
the due purposes for which it was collected.
In particular, the data will be
stored for no longer than a maximum period of 36 (thirty six) months of
inactivity, that is, within this time period, there have not been any kind of
Interaction or Service and/or Product purchased.
For data provided to the Data
Controller for the purposes of business promotion for services other than those
you have already purchased, for which you initially gave consent, it will be
stored for 36 (thirty six) months, except when such consent is withdrawn.
It is also important to add that,
should the user forward to MatcHub personal data that has not been requested or
that is unnecessary for the purposes of performing the activities requested, or
for the performance of services strictly connected thereto, MatcHub cannot be
considered controller of this data and will proceed to delete it as soon as
Regardless of your determination to
remove the data, your personal information will in any case be stored to comply
with obligations (e.g. tax and accounting purposes) which may continue even
after the termination of the contract; for these purposes, the Data Controller
shall retain only the data necessary to complete these activities.
For those cases where the rights
arising from the contract and/or registration are used in the courts, your
personal data, exclusively required for these purposes, shall be processed for
the time necessary to complete them.
Rights of the person concerned
You have the right to obtain the following from the Data Controller
(Articles 15-20, EU Regulation No. 679/2016):
a) Confirmation on whether your personal data is being processed
and if so, to obtain access to your personal data and the following
The categories of personal data in question;
The purposes of the processing;
The recipients or categories of recipients that have received or
will receive your personal data, in particular if these recipients are in third
party countries or are international organizations;
When possible, the anticipated storage period of your personal
data or, if not possible, the criteria used to determine this period;
Whether you have the right to ask the Data Controller to correct
or delete your personal data or the limits on processing your personal data or
to oppose the processing of the data;
The right to lodge a complaint with a supervisory authority;
In the event the data is not collected from you, all of the
information available regarding its origin;
Whether there is an automated decision process, including
profiling, and, at least in these cases, significant information on the logic
used, as well as the importance and consequences to you for this processing;
10. The suitable guarantees provided by
the third party country (outside EU) or international organization to protect
any transferred data.
11. b) The right to obtain a copy of the
personal data processed, again given that this right does not affect the rights
and freedoms of others; for extra copies requested by you, the Data Controller
may assign a reasonable fee based on administrative costs.
12. c) The right to edit any of your
incorrect personal data from the Data Controller without unjustified delay.
13. d) The right to have your personal
data deleted by the Data Controller without unjustified delay, if there are the
reasons outlined in the EU Regulation No. 679/2016, Art. 17, including, for
example, if the data is no longer needed for processing or if the data is
considered illegal, and again, if there are no conditions outlined by law; and
in any case, if the processing is not justified by another equally legitimate
14. e) The right to obtain limits on the
processing from the Data Controller, in those cases outlined in Art. 18 of the
EU Regulation No. 679/2016, for example where you have disputed the
correctness, for the period necessary for the Data Controller to verify the
data’s accuracy. You must be notified, within an appropriate time, even when
the suspension period has passed or the cause of limiting the processing has
been eliminated, and therefore the limitation itself has been withdrawn.
15. f) The right to obtain information
from the Data Controller on the recipients who have received the requests for
any corrections or deletions or limits on the processing implemented, except
when this is impossible or would create a disproportionate effort.
16. g) The right to receive your personal
data in a structured format, commonly used and readable by automatic devices as
well as the right to forward this data to another Data Controller without
obstruction from the original Data Controller, in those cases outlined by Art.
20 of the EU Regulation No. 679/2016, and the right to obtain direct forwarding
of your personal data from one Data Controller to another, if technically
For further information and to send your request, contact
the Data Controller at email@example.com.
To guarantee that the rights noted above are exercised by you and not by
unauthorized third parties, the Data Controller may require you to provide
other information necessary for this purpose.
How you can oppose the processing of your personal data (Art. 21,
EU Regulation No. 679/2016)
For any reason associated with your particular situation,
you may at any time oppose the processing of your own personal data if it is
based on legitimate reasons or if it is done for business promotional
activities, by sending a request to the Data Controller at firstname.lastname@example.org. You have the right to have your
own personal data deleted if the Data Controller has no legitimate reason
prevailing over such request, and in any case, where you have opposed the
processing for business promotional activities.
Who you can lodge a complaint with (Art. 15, EU Regulation No.
Without prejudice to any other
ongoing administrative or judicial action, you may lodge a complaint with the applicable supervisory authority of the Bulgarian territory (Bulgarian
Commission for Personal Data Protection), that is, with the agency that
performs its duties and exercises its rights within the member country where
the EU Regulation No. 679/2016 violation occurred. Any updates to this information
shall be communicated in a timely manner and through suitable means, and will
be notified to you if the Data Controller processes your data for purposes
you have given your consent, if necessary.