General Data Protection Regulation
I. |
Controller |
For the processing of your personal data, the controller isAurubis Bulgaria AD, a joint stock company, registered in the Company Register with the Registry Agency under uniform ID code 832046871, having its registered seat and management address in: Aurubis Bulgaria Industrial Zone 2070 Pirdop Bulgaria Aurubis Bulgaria is represented by Tim Kurth – Executive Director. |
|
II. |
Contact information for the Data Protection Officer |
Data Protection Officer, Legal department, Aurubis Bulgaria AD, Industrial zone, 2070Pirdop Tel.:+359 7286 2406 Fax:+359 7286 2636 |
|
III. |
Collection and processing of personal data for evaluation of sponsorship/ donation applications |
1. 2. 3. 4. |
Personal data,collected directly from the applicantin written or verbal when applying for sponsorship/ donation:
Personal data,collected directly from the applicantin written:
Additional personal data,which Aurubis Bulgaria AD may requests:
Video Surveillance– on the territory of the company are located cameras for 24-hour video surveillance designed for security and operational purposes; on the entrances of the company are located cameras for 24-hour body temperature measurement that aim is to prevent epidemic/ pandemic disease spreading. The processing of personal data in p. III (1- 4)is necessary for the following purposes:
When approving and signing a donation/ sponsorship contract, personal data will be stored for up to 6 years from the date of the contract. If the donation/ sponsorship request is rejected, personal data will be stored for up to 1 year from the rejection decision. Video records and indicators of body temperature measurements are processed for up to 2 weeks. Sponsorship/ donation applicantsprovidetheirpersonaldatato theCompany on a voluntary basis. Iftheydo not providetheirpersonaldata, the company will not be able toconsider, evaluate and prepare a donation contract with them,because it will not be able to fulfill its legitimate interests and/ or legal obligations. The grounds for processing thepersonaldata under p.III(1-4)are based on Regulation (EU) 2016/679 as follows: Article 6 (1) (b) of Regulation (EU) 2016/67 and Article 6 (1)(c) of Regulation (EU) 2016/679 and/orArticle 6 (1) (f) of Regulation (EU) 2016/679and Article 6 (1) (d) of Regulation (EU) 2016/679, in relation withArticle9 (2)(i) of Regulation (EU) 2016/679. |
IV. |
Collection andprocessing ofPersonalData inothercases |
In other cases,different than the mention in p. III, personal data is collected and processed only ifprovided voluntarily,as follows: If Aurubis Group companies provide personal data of the type described above to us as allowed for the purposes mentioned above, especially for cases in which You have contacted an affiliated company of ours with an issue that relates to us and not that affiliated company. |
|
V. |
Provision of personal data to third parties |
Aurubis Bulgaria AD usesservice providers, whoprocess and store personal data ("Personal DataProcessors" pursuant to Article 28 of Regulation (EC) 2016/679). In particular, this is applicable to legal advisers, medical advisersand other services. These processors work onlyon contractual basiswith Aurubis Bulgaria AD and store and process personal data according to the company's instructions. If you contact Aurubis Bulgaria regarding issues that concern a company affiliated with Aurubis Bulgaria, in individual cases we will provide this affiliated company with your personal data. If you have entered the premises of the company and subsequently informed us that you have been infected in order to prevent the spread of a pandemic / epidemic disease, this information shall be disclosed to employees of Aurubis Bulgaria AD and employees of contractors who have been in contactwith you and respectively may have been infected. Out of thesethreecircumstances, data will only be provided in individual cases and in a volume that is in accordance with a specific legal obligation of Aurubis Bulgaria AD, as well asin cases where Yousubmittedconsent to provide your data. |
|
VI. |
Sponsorship/ donation applicants rights as Data Subject |
1) For exercising the right of freedom of expression and information; 2) For compliance with a legal obligation; 3) For reasons of public interest; 4) For the establishment, exercise or defense of legal claims (Art. 17 of Regulation (EU) 2016/ 679).
When exercising the right to receive personal data or to transfer it to another Controller, more than once within 24 months, Aurubis Bulgaria AD reserves the right, according to Ch. III, Art. 12 par. 5 (a) of Regulation (EU) 2016/679, to require payment of administrative costs of BGN 20 per set of paper copy and BGN 20 per electronic carrier. In order to exercisehisrights under the abovepoints,the applicant/ data subject mustcontact the Data Protection Officer designated by Aurubis Bulgaria AD: Address: 2070. Pirdop, Industrial zone, Tel : + 359 888 690 430 E-mail:p.gadzhev@aurubis.com The applicant/ data subject hasthe right, under Article 77 of Regulation (EC) 2016/679, tolodgea complainttothe Commission for Personal Data Protection (CPDP)bythe ways described in the Commission's website. The contact details of CPDP are: Address:1592 Sofia,Prof. Tsvetan Lazarov Blvd. 2 Fax:02 9153525 E-mail:kzld@cpdp.bg Aurubis Bulgaria AD will cooperatetoCPDP in the handling of such complaints and will comply with all recommendationsand/ or instructions issued by the supervisory authority. The applicant/ data subjecthas the right tolodgea complaint at Aurubis Group Headquarters by sending an email todataprotection@aurubis.com. |
|
VII. |
Right to object |
Ifthepersonal data is processed on the basis of a legitimate interest of the company pursuant to Article 6 (1) (f) of Regulation (EC) 2016/67,the applicant/ data subjecthasthe right to objectthe processing ofthese第二十一条(1)下数据监管(EC) 2016 /679. In this case, the company willnotcontinue the processing ofthepersonal data,unless there are convincing legal grounds for the processing that take precedence overtheinterestsof the data subject,hisrights and freedoms or are necessary for the establishmentand/or thedefenseof legalclaims. Ifthe applicant/ data subjectwantstousetherighttoobject, it is enough to send an email top.gadzhev@aurubis.com |
I. |
Controller |
For the Processing of Your personal data, Controller is Aurubis Bulgaria AD, a joint stock company, registered in the Company Register with the Registry Agency under uniform ID code 832046871, having its registered seat and management address in: Aurubis Bulgaria AD Industrial zone 2070Pirdop Bulgaria Aurubis Bulgaria AD is represented by Tim Kurt, Executive Director. |
|
II. |
Contact details of the Data Protection Officer |
Data Protection Officer,Legal Department, Aurubis Bulgaria AD, Industrial zone, 2070 Pirdop Tel.: +359 7286 2406 Fax: + 359 7286 2636 E-mail:p.gadzhev@aurubis.com |
|
III. |
Collection and processing of personal data ofjob applicants/ apprenticeshipin Aurubis Bulgaria AD |
1. 2. 3. |
Personal data,collected directly from the data subjectin written or verbal prior to entering into employment or in civil contract:
Personal data,generated by the Company in written or verbal:
当发出一个访问卡,securi的一部分ty and safety measures, review and transfer of the personal data from the identity documentis performed, via reader, into the access control system, or the personal data is entered manually into the system. We collect and process the following data:
Video Surveillance – on the territory of the company are located cameras for 24-hour video surveillance designed for security and operational purposes; on the entrances of the company are located cameras for 24-hour body temperature measurement that aim is to prevent epidemic/ pandemic disease spreading. |
The processing ofpersonaldata in p. III (1-3) is necessary for the following purposes:
Personal data provided as mentioned in p. III (1 and 2) is processed for up to 6 months. Personal data entered into the access control system is processed and kept for up to 3 years. Video records are processed and stored for up to 2 months of creation in compliance with the Private Security Services Legislation. The video records of sites under the Waste Management Act are processed for up to 1 year. Video records and indicators of body temperature measurements are processed for up to 2 weeks. Job applicantsprovidetheirpersonal data to the Company on a voluntary basis. Iftheydo not providetheirpersonal data, the company will not be able toexecute the procedure for recruitment and to take steps for conclusion of a labor contract or to enter in civil contract with them. The grounds for processing the personal data under p. III(1-3)are based on Regulation (EU) 2016/679 as follows: Article 6 (1) (a) of Regulation (EU) 2016/67 and Article 6 (1)(b) of Regulation (EU) 2016/679 and Article 6 (1) (e) of Regulation (EU) 2016/679and Article 6 (1) (d) of Regulation (EU) 2016/679, in relation withArticle9 (2)(i) of Regulation (EU) 2016/679. |
|
IV. |
Collection and processing of personal data in other cases |
In other cases,different than the mention in p. III, personal data is collected and processed only ifprovided voluntarily,as follows: |
|
1. |
Writtenconsentof the job applicantfor the storage and processing ofhispersonal data for up to1 year. The processing in this case is based on staying in touch with the job applicant for the above mentioned period of 1 year if in the company are opened new vacancies that matches his profile. Personal data processing for these purposes is based on the job applicant consent, which is expressed unambiguously, by voluntary provision of documents and information necessary for the purposes of the certain case. Job applicant may withdraw the consent at any time that will not affect the lawfulness of the processing prior to the withdrawal of the consent. Thegroundsfor processing thispersonaldata is based on Article 6 (1) (a) of Regulation (EU) 2016/679, Article 6 (1) (b) of Regulation (EC) 2016/679, Article 6(1)(c) of Regulation (EU) 2016/679 and Article 6 (1) (f) of Regulation (EC) 2016/679. |
V. |
Provision of personal data to third parties |
Aurubis Bulgaria AD uses supplier services to process and store personal data ("Personal Data Processors" pursuant to Article 28 of Regulation (EC) 2016/679). In particular, this is applicable to the security company, recruitment companies and other services. These processors work onlyon contractual basiswith Aurubis Bulgaria AD and store and process personal data according to the company's instructions. The above mentioned data for the above purposes will be provided to other Aurubis Group companies only in the volume required for processing. If you have entered the premises of the company and subsequently informed us that you have been infected in order to prevent the spread of a pandemic / epidemic disease, this information shall be disclosed to employees of Aurubis Bulgaria AD and employees of contractors who have been in contact with you and respectively may have been infected. Out of these threecircumstances, data will only be provided in individual cases and in a volume that is in accordance with a specific legal obligation of Aurubis Bulgaria AD, as well asin cases where Yousubmittedconsent to provide your data. |
|
VI. |
Job applicantsrights as Data Subject |
1) For exercising the right of freedom of expression and information; 2) For compliance with a legal obligation; 3) For reasons of public interest; 4) For the establishment, exercise or defense of legal claims (Art. 17 of Regulation (EU) 2016/ 679).
When exercising the right to receive personal data or to transfer it to another Controller, more than once within 24 months, Aurubis Bulgaria AD reserves the right, according to Ch. III, Art. 12 par. 5 (a) of Regulation (EU) 2016/679, to require payment of administrative costs of BGN 20 per set of paper copy and BGN 20 per electronic carrier. In order to exercisehisrights under the abovepoints,the job applicant/ data subject mustcontact the Data Protection Officer designated by Aurubis Bulgaria AD: Address: 2070. Pirdop, Industrial zone, Tel : + 359 888 690 430 E-mail:p.gadzhev@aurubis.com The job applicant/ data subject hasthe right, under Article 77 of Regulation (EC) 2016/679, tolodgea complainttothe Commission for Personal Data Protection (CPDP)bythe ways described in the Commission's website. The contact details of CPDP are: Address:1592 Sofia,Prof. Tsvetan Lazarov Blvd. 2 Fax:02 9153525 E-mail:kzld@cpdp.bg Aurubis Bulgaria AD will cooperatetoCPDP in the handling of such complaints and will comply with all recommendationsand/ or instructions issued by the supervisory authority. The job applicant/ Data subjecthas the right tolodgea complaint at Aurubis Group Headquarters by sending an email todataprotection@aurubis.com. |
|
VII. |
Right of objection |
Ifthepersonal data is processed on the basis of a legitimate interest of the company pursuant to Article 6 (1) (f) of Regulation (EC) 2016/67,the job applicant/ data subjecthasthe right to objectthe processing ofthese第二十一条(1)下数据监管(EC) 2016 /679. In this case, the company willnotcontinue the processing ofthepersonal data,unless there are convincing legal grounds for the processing that take precedence overtheinterestsof the data subject,hisrights and freedoms or are necessary for the establishmentand/or thedefenseof legalclaims. Ifthe job/ applicant/ data subjectwantstousetherighttoobject, it is enough to send an email top.gadzhev@aurubis.com |
Controller |
For the Processing of Your personal data, Controller is Aurubis Bulgaria AD, a joint stock company, registered in the Company Register with the Registry Agency under uniform ID code 832046871, having its registered seat and management address in: Aurubis Bulgaria AD Industrial zone 2070Pirdop Bulgaria Aurubis Bulgaria AD is represented by Tim Kurt, Executive Director. |
Contact details of the Data Protection Officer |
Data Protection Officer, Legal department, Aurubis Bulgaria AD, Industrial zone, 2070 Pirdop Tel.: + 359 7286 2406 Fax: + 359 7286 2636 E-mail: p.gadzhev@aurubis.com |
Collection and processing of personal data of Aurubis Bulgaria employees |
Personal data,collected directly from the data subjectin written or verbal prior to entering into employment or in civil contract:
|
Personal data,collected directly from the employee in written at the beginning or at time of contractual relationship:
|
Personal data,generated by the Company in written or verbal:
|
Personal data, collected directly fromthe employeein written or verbal,or received by third parties(medical tests,diagnostic procedures, consultations, documents on temporarydisabilitytowork)or are generated by the Health service department throughout the employment period:
|
Video Surveillance:
照片:
|
直接从员工个人资料收集s in written or verbal, or received by third parties (medical tests, diagnostic procedures, consultations, documents on temporary disability to work) or are generated by the Health service department throughout pandemics period, in case the person has symptoms or direct contacts with infected people:
|
直接从员工个人资料收集s in written or verbalwith his consent, or received by third parties (medical tests, diagnostic procedures, consultations, documents on temporary disability to work) or are generated by the Health service department throughout pandemics period, in case the employer carries out an impact assessment and assessment on the need for anti-epidemic measures:
|
The processing of personal data in p. III (1-6) is necessary for the following purposes:
Personal data will be stored for a period of 11 (eleven) years after termination of employee legal relationship with the Company, same as the absolute limitation period for tax obligations, unless they have become necessary within that period to establish, exercise or protect of any legal claims or administrative proceedings against Aurubis Bulgaria AD. In this case, the personal data will be stored until the end of the relevant legal procedure. Personal data entered into the access control system is processed and kept for up to 3 years from the termination of the employment or civil relationship. Payment recordsand health dossiersare kept for up to 50 years. Video records are processed and stored for up to 2 months of creation in compliance with the Private Security Services Legislation. The video records of sites under the Waste Management Act are processed for up to 1 year. Photos of employees are processed for a period of 5 years from committing a violation, unless they have become necessary within that period to establish, exercise or protect of any legal claims or administrative proceedings against Aurubis Bulgaria AD. In this case they will be stored until the end of the relevant legal procedure. Personal data which is processed in case of work accidents, is stored for up to 5 years after the event. 健康记录为目的,以防止大流行s are processed for up to 2 months after the announcement of the end of pandemics. Video records and indicators of body temperature measurements are processed for up to 2 weeks. Employeesprovidetheirpersonaldatato theCompany on a voluntary basis. Iftheydo not providetheirpersonaldata, the company will not be able to conclude a contract withthemor will not be able to fulfill its obligations under such contract,or will not be able to perform its obligations towards thepublic interest in the area of public health, such as protecting against serious cross-border threats to health,orthe employeewill not be able to take advantage of certain social benefits / participate in certain processes and projects in the Company. The grounds for processing thepersonaldata under p.III are based on Regulation (EU) 2016/679 as follows:Article 6 (1) (b) of Regulation (EU) 2016/67 and Article 6 (1)(c) of Regulation (EU) 2016/679 and/orArticle 6 (1) (f) of Regulation (EU) 2016/679and Article 6 (1) (d) of Regulation (EU) 2016/679, in relation withArticle9 (2)(h) of Regulation (EU) 2016/679. |
Collection andprocessing ofPersonalData inothercases |
In other cases,different than the mention in p. III, personal data is collected and processed only ifprovided voluntarily,as follows: |
Additional personal data, collected and processed after a written requestfromthe employee:
The processing of the above mentioned personal data serves for the following purposes:
If employee provides to Aurubis Bulgaria AD, personal data of his family members (e.g. in order to use certain social benefits) or any other third parties,it is his responsibility to:
Personal data processing for these purposes is based on employee consent, whichisexpressed unambiguously,by voluntary provision of documents and information, necessary for the purposes of the certain case.Employee maywithdrawtheconsent at any time that will not affect the lawfulness of the processing prior to the withdrawal of the consent. Thegroundsfor processing thispersonaldata is based on Article 6 (1) (a) of Regulation (EU) 2016/679, Article 6 (1) (b) of Regulation (EC) 2016/679, Article 6(1)(c) of Regulation (EU) 2016/679 and Article 6 (1) (f) of Regulation (EC) 2016/679. |
Provision of personal data to third parties |
Aurubis Bulgaria AD usesservice providers, whoprocess and store personal data ("Personal DataProcessors" pursuant to Article 28 of Regulation (EC) 2016/679). In particular, this is applicable to the security company, insurance companies, mobile operators, travel agencies, transport companies, pensionandinsurance companies, legal advisers and other third parties with which Aurubis Bulgaria has concluded contracts forprovisionof training, medical, accounting and other services. These processors work onlyon contractual basiswith Aurubis Bulgaria AD and store and process personal data according to the company's instructions. Theabovementioned data for the above purposes will be provided to otherAurubisGroup companies only in the volume requiredby the particular purpose forprocessing. The reason for the processing of personal data by other Aurubis Group companies is based on a legitimate interest - unification and standardization of processes at the corporate group level. The information for confirmed infected employees, in relation with p. III (6), shall be disclosed only in case it is necessary to assess whether other employees of Aurubis Bulgaria AD or employees of contractors had been in contact with the infected person, and respectively infected too. Out of thesethreecircumstances, data will only be provided in individual cases and in a volume that is in accordance with a specific legal obligation of Aurubis Bulgaria AD, as well asin cases whereemployee hassubmittedconsent to providethedata. |
Employees rights as Data Subject |
1) For exercising the right of freedom of expression and information; 2) For compliance with a legal obligation; 3) For reasons of public interest; 4) For the establishment, exercise or defense of legal claims (Art. 17 of Regulation (EU) 2016/ 679).
When exercising the right to receive personal data or to transfer it to another Controller, more than once within 24 months, Aurubis Bulgaria AD reserves the right, according to Ch. III, Art. 12 par. 5 (a) of Regulation (EU) 2016/679, to require payment of administrative costs of BGN 20 per set of paper copy and BGN 20 per electronic carrier. In order to exercisehisrights under the abovepoints,the employee mustcontact the Data Protection Officer designated by Aurubis Bulgaria AD: Address: 2070. Pirdop, Industrial zone, Tel : + 359 888 690 430 E-mail:p.gadzhev@aurubis.com Data subject hasthe right, under Article 77 of Regulation (EC) 2016/679, tolodgea complainttothe Commission for Personal Data Protection (CPDP)bythe ways described in the Commission's website. The contact details of CPDP are: Address:1592 Sofia,Prof. Tsvetan Lazarov Blvd. 2 Fax:02 9153525 E-mail:kzld@cpdp.bg Aurubis Bulgaria AD will cooperatetoCPDP in the handling of such complaints and will comply with all recommendationsand/ or instructions issued by the supervisory authority. Data subjecthas the right tolodgea complaint at Aurubis Group Headquarters by sending an email todataprotection@aurubis.com. |
Right to object |
Ifthepersonal data is processed on the basis of a legitimate interest of the company pursuant to Article 6 (1) (f) of Regulation (EC) 2016/67,the employeehasthe right to objectthe processing ofthese第二十一条(1)下数据监管(EC) 2016 /679. In this case, the company willnotcontinue the processing ofthepersonal data,unless there are convincing legal grounds for the processing that take precedence overtheinterestsof the data subject,hisrights and freedoms or are necessary for the establishmentand/or thedefenseof legalclaims.Ifthe data subjectwantstousetherighttoobject, it is enough to send an email top.gadzhev@aurubis.com |
I. |
Controller |
For the Processing of Your personal data, Controller is Aurubis Bulgaria AD, a joint stock company, registered in the Company Register with the Registry Agency under uniform ID code 832046871, having its registered seat and management address in: Aurubis Bulgaria AD Industrial zone 2070Pirdop Bulgaria Aurubis Bulgaria AD is represented by Tim Kurt, Executive Director. |
|
II. |
Contact details of the Data Protection Officer |
Data Protection Officer, Legal department, Aurubis Bulgaria AD, Industrial zone, 2070Pirdop Tel.:+359 7286 2406 Fax:+ 359 7286 2636 E-mail:p.gadzhev@aurubis.com |
|
III. |
Collection and processing of personal data of Contractors employees, who work on the territory of Aurubis Bulgaria |
1. 2. 3. 3. 5. 6. |
当发出一个访问卡,securi的一部分ty and safety measures, review and transfer of the personal data from the identity documentis performed, via reader, into the access control system, or the personal data is entered manually into the system. We collect and process the following data:
Video Surveillance– on the territory of the company are located cameras for 24-hour video surveillance designed for security and operational purposes; on the entrances of the company are located cameras for 24-hour body temperature measurement that aim is to prevent epidemic/ pandemic disease spreading. Photos - on the territory of the company,contractorsemployees are shot for proving violations. Copies of qualification,driving license and training certificates, as required bythe OHS procedures and work instructions in Aurubis Bulgaria AD and form FM-HNSD-006-B/E. Communication details,namely:
直接从员工个人资料收集s in written or verbal, generated by the Health service department throughout pandemics periods, in case the person has symptoms or direct contacts with infected people:
The processing of personal data in p. III (1- 6) is necessary for the following purposes:
Personal data entered into the access control system is processed andstoredfor up to 3 years from the termination of the contract with Aurubis Bulgaria AD or a notice fromtheEmployer thatthe personisno longer its employee. Video records are processed and stored for up to 2 months of creation in compliance with the Private Security Services Legislation. The video records of sites under the Waste Management Act are processed for up to 1 year. Photos of contractor’s employees are processed for a period of 5 years from committing a violation, unless they have become necessary within that period to establish, exercise or protect of any legal claims or administrative proceedings against Aurubis Bulgaria AD. In this case they will be stored until the end of the relevant legal procedure. Personal data which is processed in case of work accidents, is stored for up to 5 years after the event. Video records and indicators of body temperature measurements are processed for up to 2 weeks. Contractor’s employeesprovidetheirpersonaldatato theCompany on a voluntary basis. Iftheydo not providetheirpersonal data, the company will not be able to allowthemto work on the territory because it will not be able to fulfill its legitimate interests and/ or legal obligationsor will not be able to perform its obligations towards thepublic interest in the area of public health, such as protecting against serious cross-border threats to health. The grounds for processing thepersonaldata under p.III are based on Regulation (EU) 2016/679 as follows: Article 6 (1) (b) of Regulation (EU) 2016/67 and Article 6 (1)(c) of Regulation (EU) 2016/679 and/orArticle 6 (1) (f) of Regulation (EU) 2016/679and Article 6 (1) (d) of Regulation (EU) 2016/679, in relation withArticle9 (2)(h) of Regulation (EU) 2016/679andArticle9 (2)(i) of Regulation (EU) 2016/679. |
IV. |
Collection andprocessing ofPersonalData inothercases |
In other cases,different than the mention in p. III, personal data is collected and processed only ifprovided voluntarily,as follows: |
|
1. |
If the employee is communicating with us while acting in a professional capacity for one of our business partners, we store and process professionally used contact data, as follows:
The processing of the above mentioned personal data serves for the following purposes:
The grounds for processing this personaldata are based on Regulation (EU) 2016/679as follows: 1) Article 6 Paragraph 1(b) GDPR (General Data Protection Regulation) and Article 6 Paragraph 1(f) GDPR (General Data Protection Regulation) in order to maintain and conduct the business relationship for the length of the business relationship or until the Aurubis Bulgaria business partner communicates that You are no longer employed by them; 2) In cases when we are obligated to store the data for a longer period of time pursuant to Article 6 Paragraph 1 Sentence 1(c) GDPR (General Data Protection Regulation) due to storage and documentation obligations according to legal tax, commercial regulations and other applicable regulations; 3) In cases when You have consent to a longer storage period pursuant to Article 6 Paragraph 1 Sentence 1(a) GDPR (General Data Protection Regulation). |
2. |
If Aurubis Group companies provide personal data of the type described above to us as allowed for the purposes mentioned above, especially for cases in which You have contacted an affiliated company of ours with an issue that relates to us and not that affiliated company. |
V. |
Provision of personal data to third parties |
Aurubis Bulgaria AD usesservice providers, whoprocess and store personal data ("Personal DataProcessors" pursuant to Article 28 of Regulation (EC) 2016/679). In particular, this is applicable to the security companyand its employees,legal advisers and other third parties. These processors work onlyon contractual basiswith Aurubis Bulgaria AD and store and process personal data according to the company's instructions. If You contact Aurubis Bulgaria regarding issues that concern a company affiliated with Aurubis Bulgaria, in individual cases we will provide this affiliated company with your personal data. The information for confirmed infected employees, in relation with p. III (6), shall be disclosed only in case it is necessary to assess whether employees of Aurubis Bulgaria AD or employees of other contractors had been in contact with the infected person, and respectively are infected too. Out of thesethreecircumstances, data will only be provided in individual cases and in a volume that is in accordance with a specific legal obligation of Aurubis Bulgaria AD, as well asin cases where Yousubmittedconsent to provide your data. |
|
VI. |
Your rights as Data Subject |
1) For exercising the right of freedom of expression and information; 2) For compliance with a legal obligation; 3) For reasons of public interest; 4) For the establishment, exercise or defense of legal claims (Art. 17 of Regulation (EU) 2016/ 679).
When exercising the right to receive personal data or to transfer it to another Controller, more than once within 24 months, Aurubis Bulgaria AD reserves the right, according to Ch. III, Art. 12 par. 5 (a) of Regulation (EU) 2016/679, to require payment of administrative costs of BGN 20 per set of paper copy and BGN 20 per electronic carrier. In order to exercisehisrights under the abovepoints,the data subject mustcontact the Data Protection Officer designated by Aurubis Bulgaria AD: Address: 2070. Pirdop, Industrial zone, Tel : + 359 888 690 430 E-mail:p.gadzhev@aurubis.com Contractors employee/ Data subject hasthe right, under Article 77 of Regulation (EC) 2016/679, tolodgea complainttothe Commission for Personal Data Protection (CPDP)bythe ways described in the Commission's website. The contact details of CPDP are: Address:1592 Sofia,Prof. Tsvetan Lazarov Blvd. 2 Fax:02 9153525 E-mail:kzld@cpdp.bg Aurubis Bulgaria AD will cooperatetoCPDP in the handling of such complaints and will comply with all recommendationsand/ or instructions issued by the supervisory authority. Contractors employee/ Data subjectalso has the right tolodgea complaint at Aurubis Group Headquarters by sending an email todataprotection@aurubis.com. |
|
VII. |
Right to object |
Ifthepersonal data is processed on the basis of a legitimate interest of the company pursuant to Article 6 (1) (f) of Regulation (EC) 2016/67,the employee/ data subjecthasthe right to objectthe processing ofthese第二十一条(1)下数据监管(EC) 2016 /679. In this case, the company willnotcontinue the processing ofthepersonal data,unless there are convincing legal grounds for the processing that take precedence overtheinterestsof the data subject,hisrights and freedoms or are necessary for the establishmentand/or thedefenseof legalclaims. Ifthe data subjectwantstousetherighttoobject, it is enough to send an email top.gadzhev@aurubis.com |
I. |
Controller |
For the Processing of Your personal data, Controller is Aurubis Bulgaria AD, a joint stock company, registered in the Company Register with the Registry Agency under uniform ID code 832046871, having its registered seat and management address in: Aurubis Bulgaria AD Industrial zone 2070Pirdop Bulgaria Aurubis Bulgaria AD is represented by Tim Kurt, Executive Director. |
|
II. |
Contact details of the Data Protection Officer |
Data Protection Officer, Legal department, Aurubis Bulgaria AD, Industrial zone, 2070Pirdop Tel.:+359 7286 2406 Fax:+ 359 7286 2636 E-mail:p.gadzhev@aurubis.com |
|
III. |
Collection and processing of personal data of truck drivers who enter in Aurubis Bulgaria |
1. 2. 3. |
For truck drivers,the company collects and process the following data:
Video Surveillance– on the territory of the company are located cameras for 24-hour video surveillance designed for security and operational purposes; on the entrances of the company are located cameras for 24-hour body temperature measurement that aim is to prevent epidemic/ pandemic disease spreading. Photos - on the territory of the company, truck drivers are shot for proving violations. The processing of personal data in p. III (1-3) is necessary for the following purposes:
Personal data entered into the access control system is processed and kept for up to 3 years. Video records are processed and stored for up to 2 months of creation in compliance with the Private Security Services Legislation. The video records of sites under the Waste Management Act are processed for up to 1 year. Photos of truck drivers are processed for a period of 5 years from committing a violation, unless they have become necessary within that period to establish, exercise or protect of any legal claims or administrative proceedings against Aurubis Bulgaria AD. In this case they will be stored until the end of the relevant legal procedure. Personal data which is processed in case of work accidents, is stored for up to 5 years after the event. Video records and indicators of body temperature measurements are processed for up to 2 weeks. Truck driversprovidetheirpersonaldatato theCompany on a voluntary basis. Iftheydo not providetheirpersonaldata, the company will not be able to allowthemto carry out loading and unloading activities because it will not be able to fulfill its legitimate interests and/ or legal obligations. |
The grounds for processing thepersonaldata under p.III (1-3) are based on Regulation (EU) 2016/679 as follows: Article 6 (1) (b) of Regulation (EU) 2016/67 and Article 6 (1)(c) of Regulation (EU) 2016/679 and/orArticle 6 (1) (f) of Regulation (EU) 2016/679and Article 6 (1) (d) of Regulation (EU) 2016/679, in relation withArticle9 (2)(h) of Regulation (EU) 2016/679andArticle9 (2)(i) of Regulation (EU) 2016/679. |
|
IV. |
Collection andprocessing ofPersonalData inothercases |
1. |
In cases when other companies in the Aurubis Group provide us with the above mentioned data for the above mentioned purposes. |
V. |
Provision of personal data to third parties |
Aurubis Bulgaria AD usesservice providers, whoprocess and store personal data ("Personal DataProcessors" pursuant to Article 28 of Regulation (EC) 2016/679). In particular, this is applicable to the security companyand other services. These processors work onlyon contractual basiswith Aurubis Bulgaria AD and store and process personal data according to the company's instructions. In case You contact Aurubis Bulgaria AD on a matter that concerns and/ or is of the competence of another Aurubis Groupcompany, we will provide your information to this company. If you have entered the premises of the company and subsequently informed us that you have been infected in order to prevent the spread of a pandemic / epidemic disease, this information shall be disclosed to employees of Aurubis Bulgaria AD and employees of contractors who have been in contact with you and respectively may have been infected. Out of these threecircumstances, data will only be provided in individual cases and in a volume that is in accordance with a specific legal obligation of Aurubis Bulgaria AD, as well asin cases where Yousubmittedconsent to provide your data. |
|
VI. |
Truck drivers rights as Data Subject |
1) For exercising the right of freedom of expression and information; 2) For compliance with a legal obligation; 3) For reasons of public interest; 4) For the establishment, exercise or defense of legal claims (Art. 17 of Regulation (EU) 2016/ 679).
When exercising the right to receive personal data or to transfer it to another Controller, more than once within 24 months, Aurubis Bulgaria AD reserves the right, according to Ch. III, Art. 12 par. 5 (a) of Regulation (EU) 2016/679, to require payment of administrative costs of BGN 20 per set of paper copy and BGN 20 per electronic carrier. In order to exercisehisrights under the abovepoints,the truck driver/ data subject mustcontact the Data Protection Officer designated by Aurubis Bulgaria AD: Address: 2070. Pirdop, Industrial zone, Tel : + 359 888 690 430 E-mail: p.gadzhev@aurubis.com The truck driver/ Data subject hasthe right, under Article 77 of Regulation (EC) 2016/679, tolodgea complainttothe Commission for Personal Data Protection (CPDP)bythe ways described in the Commission's website. The contact details of CPDP are: Address:1592 Sofia,Prof. Tsvetan Lazarov Blvd. 2 Fax:02 9153525 E-mail:kzld@cpdp.bg Aurubis Bulgaria AD will cooperatetoCPDP in the handling of such complaints and will comply with all recommendationsand/ or instructions issued by the supervisory authority. The truck driver/ Data subjecthas the right tolodgea complaint at Aurubis Group Headquarters by sending an email todataprotection@aurubis.com. |
|
VII. |
Right to object |
Ifthepersonal data is processed on the basis of a legitimate interest of the company pursuant to Article 6 (1) (f) of Regulation (EC) 2016/67,the truck driver/ data subjecthasthe right to objectthe processing ofthese第二十一条(1)下数据监管(EC) 2016 /679. In this case, the company willnotcontinue the processing ofthepersonal data,unless there are convincing legal grounds for the processing that take precedence overtheinterestsof the data subject,hisrights and freedoms or are necessary for the establishmentand/or thedefenseof legalclaims. Ifthe truck driver/ data subjectwantstousetherighttoobject, it is enough to send an email top.gadzhev@aurubis.com |
I. |
Controller |
For the processing of your personal data, the controller isAurubis Bulgaria AD, a joint stock company, registered in the Company Register with the Registry Agency under uniform ID code 832046871, having its registered seat and management address in: Aurubis Bulgaria Industrial Zone 2070 Pirdop Bulgaria Aurubis Bulgaria is represented by Tim Kurth – Executive Director. |
|
II. |
Contact details of the Data Protection Officer |
Data Protection Officer, Legal Department, Aurubis Bulgaria AD, Industrial Zone, 2070 Pirdop Phone: +359 7286 2406 Fax: +359 7286 2636 E-mail:p.gadzhev@aurubis.com |
|
III. |
Collection and processing of personal data ofshareholders in Aurubis Bulgaria AD |
1. 2. 3. |
当发出一个访问卡,securi的一部分ty and safety measures, review and transfer of the personal data from the identity documentis performed, via reader, into the access control system, or the personal data is entered manually into the system. We collect and process the following data:
Video Surveillance– on the territory of the company are located cameras for 24-hour video surveillance designed for security and operational purposes; on the entrances of the company are located cameras for 24-hour body temperature measurement that aim is to prevent epidemic/ pandemic disease spreading. Other personal data:
The processing of personal data in p. III (1-3) is necessary for the following purposes:
Personal data entered into the KIOSK system for initial Health & Safety instruction, for visitors (e.g. Names, ID date of expiry, photo,№and date of instruction) – is stored for up to 5 years according to Art. 9, para. (2) of Ordinance No. RD-07-2 of December 16, 2009 on the conditions for conducting periodic briefing of employees and the rules for ensuring healthy and safe working conditions. Personal data entered into the access control system is processed and kept for up to 3 years. Video records are processed and stored for up to 2 months of creation in compliance with the Private Security Services Legislation. The video records of sites under the Waste Management Act are processed for up to 1 year. All other personal data will bestoredfor a period of10 years after payment of dividends. Video records and indicators of body temperature measurements are processed for up to 2 weeks. Shareholdersprovidetheirpersonaldatato theCompany on a voluntary basis. Iftheydo not providetheirpersonaldata, the company will not be able tofulfill its legitimate purposes and/ or legal obligations. The grounds for processing thepersonaldata under p.III are based on Regulation (EU) 2016/679 as follows: Article 6 (1) (b) of Regulation (EU) 2016/67 and Article 6 (1)(c) of Regulation (EU) 2016/679 and/orArticle 6 (1) (f) of Regulation (EU) 2016/679and Article 6 (1) (d) of Regulation (EU) 2016/679, in relation withArticle9 (2)(i) of Regulation (EU) 2016/679. |
V. |
Provision of personal data to third parties |
Aurubis Bulgaria AD usesservice providers, whoprocess and store personal data ("Personal DataProcessors" pursuant to Article 28 of Regulation (EC) 2016/679). In particular, this is applicable to the security company, legal advisers and other services. These processors work onlyon contractual basiswith Aurubis Bulgaria AD and store and process personal data according to the company's instructions. If you contact Aurubis Bulgaria regarding issues that concern a company affiliated with Aurubis Bulgaria, in individual cases we will provide this affiliated company with your personal data. If you have entered the premises of the company and subsequently informed us that you have been infected in order to prevent the spread of a pandemic/ epidemic disease, this information shall be disclosed to employees of Aurubis Bulgaria AD and employees of contractors who have been in contact with you and respectively may have been infected. Out of thesethreecircumstances, data will only be provided in individual cases and in a volume that is in accordance with a specific legal obligation of Aurubis Bulgaria AD, as well asin cases where Yousubmittedconsent to provide your data. |
|
VI. |
Shareholders rights as Data Subject |
1) For exercising the right of freedom of expression and information; 2) For compliance with a legal obligation; 3) For reasons of public interest; 4) For the establishment, exercise or defense of legal claims (Art. 17 of Regulation (EU) 2016/ 679).
When exercising the right to receive personal data or to transfer it to another Controller, more than once within 24 months, Aurubis Bulgaria AD reserves the right, according to Ch. III, Art. 12 par. 5 (a) of Regulation (EU) 2016/679, to require payment of administrative costs of BGN 20 per set of paper copy and BGN 20 per electronic carrier. In order to exercisehisrights under the abovepoints,the shareholder/ data subject mustcontact the Data Protection Officer designated by Aurubis Bulgaria AD: Address: 2070. Pirdop, Industrial zone, Tel : + 359 888 690 430 E-mail:p.gadzhev@aurubis.com The shareholder/ data subject hasthe right, under Article 77 of Regulation (EC) 2016/679, tolodgea complainttothe Commission for Personal Data Protection (CPDP)bythe ways described in the Commission's website. The contact details of CPDP are: Address:1592 Sofia,Prof. Tsvetan Lazarov Blvd. 2 Fax:02 9153525 E-mail:kzld@cpdp.bg Aurubis Bulgaria AD will cooperatetoCPDP in the handling of such complaints and will comply with all recommendationsand/ or instructions issued by the supervisory authority. The shareholder/ data subjecthas the right tolodgea complaint at Aurubis Group Headquarters by sending an email todataprotection@aurubis.com. |
|
VII. |
Right to object |
Ifthepersonal data is processed on the basis of a legitimate interest of the company pursuant to Article 6 (1) (f) of Regulation (EC) 2016/67,the shareholder/ data subjecthasthe right to objectthe processing ofthese第二十一条(1)下数据监管(EC) 2016 /679. In this case, the company willnotcontinue the processing ofthepersonal data,unless there are convincing legal grounds for the processing that take precedence overtheinterestsof the data subject,hisrights and freedoms or are necessary for the establishmentand/or thedefenseof legalclaims. Ifthe shareholder/ data subjectwantstousetherighttoobject, it is enough to send an email top.gadzhev@aurubis.com |
I. |
Controller |
For the processing of your personal data, the controller isAurubis Bulgaria AD, a joint stock company, registered in the Company Register with the Registry Agency under uniform ID code 832046871, having its registered seat and management address in: Aurubis Bulgaria Industrial Zone 2070 Pirdop Bulgaria Aurubis Bulgaria is represented by Tim Kurth – Executive Director. |
|
II. |
Contact information for the Data Protection Officer |
Data Protection Officer, Legal department, Aurubis Bulgaria AD, Industrial zone, 2070Pirdop Tel.:+359 7286 2406 Fax:+ 359 7286 2636 E-mail:p.gadzhev@aurubis.com |
|
III. |
Collection and processing of personal data for visitors in Aurubis Bulgaria |
1. 2. 3. |
当发出一个访问卡,securi的一部分ty and safety measures, review and transfer of the personal data from the identity documentis performed, via reader, into the access control system and into the KIOSK system for initial Health & Safety instruction. The personal data might be entered manually into the system. We collect and process the following data:
When visiting Aurubis Bulgaria as a public official and identifying with an official card, as part of the security and safety measures, personal data is entered manually into the access control system. We collect and process the following data: • Name; • No of the pass; • Public institution, issuing the pass; • Registration plate No of the vehicle (only in case access with vehicle in needed). In the KIOSK system for initial Health & Safety induction is performed transfer of the following additional personal data from the identity document, via reader: • Photo; • Expiration date of the identity document. Video Surveillance– on the territory of the company are located cameras for 24-hour video surveillance designed for security and operational purposes; on the entrances of the company are located cameras for 24-hour body temperature measurement that aim is to prevent epidemic/ pandemic disease spreading. The processing of personal data in p. III (1-3) is necessary for the following purposes:
Personal data entered into the KIOSK system for initial Health & Safety instruction, (e.g. Names, ID date of expiry, photo,№and date of instruction) – is stored for up to 5 years according to Ordinance No. RD-07-2 of December 16, 2009 on the conditions for conducting periodic briefing of employees and the rules for ensuring healthy and safe working conditions. Personal data entered into the access control system is processed andstoredfor up to 3 years. Video records are processed and stored for up to 2 months of creation in compliance with the Private Security services Legislation. The video records of sites under the Waste Management Act are processed for up to 1 year. Video records and indicators of body temperature measurements are processed for up to 2 weeks. The grounds for processing thepersonaldata under p.III are based on Regulation (EU) 2016/679 as follows: Article 6 (1) (b) of Regulation (EU) 2016/67 and Article 6 (1)(c) of Regulation (EU) 2016/679 and/orArticle 6 (1) (f) of Regulation (EU) 2016/679and Article 6 (1) (d) of Regulation (EU) 2016/679, in relation withArticle9 (2)(h) of Regulation (EU) 2016/679andArticle9 (2)(i) of Regulation (EU) 2016/679. |
IV. |
Collection and processing of personal data in other cases |
In other cases,different than the mention in p. III, personal data is collected and processed only ifprovided voluntarily,as follows: |
|
1. |
If data subject contacts us directly, especially electronically, e.g., via e-mail, via our website or by telephone, to order a publication or place a request. In this case, we store and process the following data to the extent that has been provided:
The processing of the above mentioned personal data serves for the following purposes:
The basis for the storage and processing is Article 6 Paragraph 1(b) GDPR (General Data Protection Regulation) if You contact us in order to enter into a contractual and pre-contractual legal relationship; otherwise, Article 6 Paragraph 1(a) GDPR (General Data Protection Regulation). |
2. |
If data subject is communicating with us while acting in a professional capacity for one of our business partners, we store and process professionally used contact data, as follows:
The processing of the above mentioned personal data serves for the following purposes:
The grounds for processing this personaldata are based on Regulation (EU) 2016/679as follows: 1) Article 6 Paragraph 1(b) GDPR (General Data Protection Regulation) and Article 6 Paragraph 1(f) GDPR (General Data Protection Regulation) in order to maintain and conduct the business relationship for the length of the business relationship or until the Aurubis Bulgaria business partner communicates that You are no longer employed by them; 2) In cases when we are obligated to store the data for a longer period of time pursuant to Article 6 Paragraph 1 Sentence 1(c) GDPR (General Data Protection Regulation) due to storage and documentation obligations according to legal tax, commercial regulations and other applicable regulations; 3) In cases when You have submitted consent to a longer storage period pursuant to Article 6 Paragraph 1 Sentence 1(a) GDPR (General Data Protection Regulation). |
3. |
If Aurubis Group companies provide personal data of the type described above to us as allowed for the purposes mentioned above, especially for cases in which You have contacted an affiliated company of ours with an issue that relates to us and not that affiliated company. |
V. |
Provision of personal data to third parties |
Aurubis Bulgaria AD usesservice providers, whoprocess and store personal data ("Personal DataProcessors" pursuant to Article 28 of Regulation (EC) 2016/679). In particular, this is applicable to the security companyand companies that provide and maintain hosting services and servers. These processors work onlyon contractual basiswith Aurubis Bulgaria AD and store and process personal data according to the company's instructions. If you contact Aurubis Bulgaria regarding issues that concern a company affiliated with Aurubis Bulgaria, in individual cases we will provide this affiliated company with your personal data. If you have entered the premises of the company and subsequently informed us that you have been infected in order to prevent the spread of a pandemic / epidemic disease, this information shall be disclosed to employees of Aurubis Bulgaria AD and employees of contractors who have been in contact with you and respectively may have been infected. Out of thesethreecircumstances, data will only be provided in individual cases and in a volume that is in accordance with a specific legal obligation of Aurubis Bulgaria AD, as well asin cases where Yousubmittedconsent to provide your data. |
|
VI. |
Your rights as Data Subject |
1) For exercising the right of freedom of expression and information; 2) For compliance with a legal obligation; 3) For reasons of public interest; 4) For the establishment, exercise or defense of legal claims (Art. 17 of Regulation (EU) 2016/ 679).
When exercising the right to receive personal data or to transfer it to another Controller, more than once within 24 months, Aurubis Bulgaria AD reserves the right, according to Ch. III, Art. 12 par. 5 (a) of Regulation (EU) 2016/679, to require payment of administrative costs of BGN 20 per set of paper copy and BGN 20 per electronic carrier. In order to exercisehisrights under the abovepoints,the visitor/ data subject mustcontact the Data Protection Officer designated by Aurubis Bulgaria AD: Address: 2070. Pirdop, Industrial zone, Tel : + 359 888 690 430 E-mail:p.gadzhev@aurubis.com The visitor/ data subject hasthe right, under Article 77 of Regulation (EC) 2016/679, tolodgea complainttothe Commission for Personal Data Protection (CPDP)bythe ways described in the Commission's website. The contact details of CPDP are: Address:1592 Sofia,Prof. Tsvetan Lazarov Blvd. 2 Fax:02 9153525 E-mail:kzld@cpdp.bg Aurubis Bulgaria AD will cooperatetoCPDP in the handling of such complaints and will comply with all recommendationsand/ or instructions issued by the supervisory authority. The visitor/ data subjecthas the right tolodgea complaint at Aurubis Group Headquarters by sending an email todataprotection@aurubis.com. |
|
VII. |
Right to object |
Ifthepersonal data is processed on the basis of a legitimate interest of the company pursuant to Article 6 (1) (f) of Regulation (EC) 2016/67,the visitor/ data subjecthasthe right to objectthe processing ofthese第二十一条(1)下数据监管(EC) 2016 /679. In this case, the company willnotcontinue the processing ofthepersonal data,unless there are convincing legal grounds for the processing that take precedence overtheinterestsof the data subject,hisrights and freedoms or are necessary for the establishmentand/or thedefenseof legalclaims. Ifthe visitor/ data subjectwantstousetherighttoobject, it is enough to send an email top.gadzhev@aurubis.com |