Privacy Policy

INTWAY Ltd., UIC 204672875, is a private limited liability company, incorporated pursuant to the laws of Republic of Bulgaria, having its seat and registered address at 38 Sv. Pimen Zografski Str., Sofia, 1172, Bulgaria (hereinafter referred to as “the Company”, “we”, “us” and derivatives), e-mail: info@intway.com Tel: +359 87 781 8571

We are committed to protecting the confidentiality and privacy of the information provided to us. As part of this fundamental obligation, the Company ensures the appropriate protection and use of personal information that is collected online.

Overall, our intent is to only collect personal information that online visitors voluntarily provide so that we can offer them information and/or services or to offer them information about job openings. Please read this Privacy Policy to learn more about how we collect, use, exchange and protect the personal data we have received.

I. Collection and use of personal data

1. What personal data we collect

We receive personal data about you if you choose to provide it - for example, when you send an email to an email address or when you register for certain services. In some cases, you may have already provided personal data to the Company (for example, if you are a former employee). If you choose to register or log in to the Company’s website using a third-party single sign-in service or other service provider that confirms your identity and links your social media login details (e.g., LinkedIn, Google or Twitter) to the Company, we will collect data or content that is necessary for the registration or login that you have allowed the social media provider to provide to us, such as your name and email address. Other data that we collect is dependent on the privacy settings you have set up with the social media provider and we therefore ask you to review the Privacy Policy of the relevant service.

By registering and/or providing personal data to the Company, you also agree that the data may be used by the Company in accordance with this Privacy Policy. Your personal data shall not be used for any other purpose except with your express consent or unless required or permitted by law or professional standards. For example, if you send us your curriculum vitae (CV) to apply for a job with the Company, we will use the data you provide to compare it with available job openings with us.

The Company generally only collects personal data that is necessary to process your request. Where additional optional data is requested, you will be notified of this at the time of collection.

Legislation in the Republic of Bulgaria allows us to process personal data if we have legal grounds to do so. By law we must tell you what those grounds are. As a result, when we process your personal data, we will invoke one of the following grounds for processing:

  • Performance of a contract: In this case, the processing of your personal data is necessary for the performance of our obligations under a contract.

  • Legal obligation: In this case, we need to process your personal data to comply with a legal obligation, such as keeping records for tax purposes or providing data to a public or law enforcement authority.

  • Legitimate Interests: We may process data about you where it is in our legitimate interests in carrying out a lawful activity to continue that activity except where your interests prevail.

  • Your Consent: We may in certain cases require your explicit consent to process some of your personal data and we will process your personal data in this way if you consent to us doing so. You may withdraw your consent at any time by contacting the Company by email at info@intway.com

The Company only collects “sensitive” personal data where the individuals concerned voluntarily provide it or where such data is required or permitted to be collected by law or professional standards. ‘Sensitive’ data includes personal data about race, ethnicity, political opinions, trade union membership, religious or similar beliefs, physical and mental health, sex life or criminal record. Please use your discretion when providing “sensitive” data to the Company, and under no circumstances provide “sensitive” data to the Company unless by doing so you also consent to the Company using the data for legitimate business purposes and the data being transferred to and stored in the Company’s databases. If you have any questions about whether providing “sensitive” data to the Company is or may be necessary or appropriate for certain purposes, please contact us at info@intway.com.

3. Automatic collection of personal data

In certain cases, the Company and its service providers use cookies and web beacons and other technologies to automatically collect certain types of data when you visit us online and through the emails we exchange. The collection of this data enables us to tailor the Site to you, to improve the performance, usability and effectiveness of the Company’s online presence, and to measure the effectiveness of our marketing initiatives.

An IP address is a number that is given to your computer every time you log on to the internet. It allows computers and servers to recognize each other and to exchange data. IP addresses that are displayed to users may be recorded for information technology security and for systems diagnostic purposes. This data may also be used in aggregate form to conduct trend analyses of sites and their performance.

3.1. Cookies

Detailed information about the cookies we use is contained in our Cookie Policy, which includes a description of what cookies are, what cookies we use and how to restrict and/or disable them.

3.2.Google analytics

The Company may use Google Analytics. More information on what Google Analytics is can be found here: http://www.google.com/analytics/learn/privacy.html

In order to provide website visitors with more choice about how their Google Analytics data is collected, Google has developed the Google Analytics Opt-out Browser Add-on. This add-on connects to Google Analytics JavaScript (ga.js) to indicate that website visit data should not be sent to Google Analytics. The add-on does not stop the data from being sent to the website itself or to other web analytics services

3.3.Web beacons

A web beacon is a small file on a website that can be used to collect certain data from your computer, such as IP address, at what time the content was viewed, browser type and the presence of cookies already registered by the same server. The Company may only use web beaconsin accordance with applicable law.

The Company or service providers engaged by the Company may use web beacons to track the performance of third-party websites or other service providers that provide recruiting or marketing services to us, or to collect aggregate traffic statistics, and to manage cookies.

You have the option to disable certain web beacons by declining the cookies associated with them. A web bookmark may anonymously log a visit from your IP address; however, no cookie data is recorded.

In some of our newsletters and other forms of communication, we may track recipient actions such as number of emails opened through links embedded in the messages. We collect such information to measure user interest and improve the website.

3.4.Location-based tools

The Company’s website may include functionality that enables sharing through third party social media applications such as Facebook’s Like button and Twitter widget. These social media applications may collect and use data about how you use the Company’s websites (see more about social sharing cookies above). Personal information you provide through such social media applications may be collected and used by other members of the given social media application, and such actions are provided for in the privacy policies of the companies that provide the relevant application. We have no control over and are not responsible for those companies or how they use your data.

In addition, there may be blogs, forums, crowdsourcing or other applications or services (collectively, “social media elements”) on the Company’s websites. The purpose of Social Media Elements is to facilitate the sharing of knowledge and content. Personal information that you have provided to a Social Media Element of the Company may be shared with other users of that Social Media Element (unless otherwise indicated when the data was collected) over whom we may have limited or no control.

3.5.Children

The Company understands the importance of protecting the privacy of children, especially in an online environment. In particular, our websites are not specifically designed for or targeted at children under the age of 16. It is our policy never to knowingly collect or store data about anyone under the age of 16 except as part of a commitment to provide professional services. If we become aware that a person under 16 has provided us with personal data, we will delete it immediately.

II. Sharing and transfer of personal data

1. Transfer to third parties

We do not share personal data with unaffiliated third parties or other service providers except as necessary for our legitimate professional and business needs, to fulfil your requests and/or as required or permitted by law or professional standards. This includes:

  • Our service providers: the Company works with reputable partners, service providers or agencies who may process your personal data on our behalf. The Company will only transfer personal data to them if they comply with our strict data processing and security standards. We only share personal data that enables them to provide their services.

  • If we are converted or sold to another organisation: the Company may disclose personal data in connection with the sale, transfer or other transfer of the site business to which the data relates.

  • Courts, Arbitration, Law Enforcement or Regulatory Authorities: The Company may disclose personal data to respond to inquiries from courts, tribunals, government or law enforcement authorities or as necessary or appropriate to comply with applicable law, court orders, tribunals or acts of government authorities.

  • Audits: It may be necessary to disclose personal data in privacy and security audits and/or to investigate or respond to a complaint or security threat.

2. Transfer outside the European Economic Area

In addition, the Company may transfer certain personal data outside the European Economic Area (EEA) to external companies and/or government authorities working with us or on our behalf for the purposes described in this Privacy Policy. The Company may also store personal data outside the EEA. If we do so, your personal data will continue to be protected under any contracts we have with those organisations outside the EEA which are in a format approved by the European Commission. By submitting personal data online, visitors consent to this transfer and/or storage of their personal data across borders.

The Company does not transfer the personal data you provide to third parties or other service providers for their direct marketing purposes.

3. Choices

In principle, you are not required to provide personal data to the Company, but we may ask you to provide certain personal data in order to receive further information about our services or events. The Company may ask for your permission to use your personal data in certain ways and you may consent or opt-out of your data being used accordingly. If you choose to take advantage of certain services or forms of communication such as e-newsletters, you will have the option to cancel your registration or subscription at any time by following the instructions included in each communication. If you choose to cancel your subscription to a service or communication, we will endeavour to remove your details promptly and, in some cases, we may need additional information in order to process your request.

As described in “Cookies” above, if you do not want cookies to track what you view on our sites, you can change your browser settings and refuse all cookies or receive information when a cookie is sent. Please note that certain parts of our sites may not work well if you choose to refuse cookies.

4. Your rights

In case you have provided personal data to the Company, you have the following rights:

  • Access and rectification: you have the right to access the data. This is sometimes referred to as a “Subject Access Request”. If we agree that we have a duty to provide you with personal data, we will provide it to you free of charge. Before we provide you with personal data, we may ask for proof of identity and enough information about your relationship with us so that we can locate your personal data. If the data we hold about you is inaccurate, you may contact us to request that we correct any inaccuracies in your personal data.

  • Objection to processing: you have the right to object to the processing of your personal data if we are no longer allowed to use it, to request the erasure of your personal data if we have kept it for too long, or to restrict processing in certain circumstances.

  • Data portability: you have the right to request the transfer of your personal data to you or to a third party. We will provide your personal data to you or to a third party nominated by you in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information that you originally consented to us using or that we have used to enter into a contract with you.

You have the right to withdraw your consent to the processing of your personal data at any time. This does not affect the lawfulness of the processing we have already carried out on the basis of your prior consent.

You may make a request or exercise these rights by contacting the Company at info@intway.com, and we will make all reasonable and appropriate efforts to comply with your request if it complies with applicable law and professional standards

5. Data Security and Integrity

The Company has reasonable security policies and procedures in place to ensure the protection of personal data against unlawful loss, misuse, alteration or destruction. Despite the Company’s best efforts, complete security against all threats cannot be guaranteed. To the best of our ability, access to your personal information is limited to only those persons who should know about it. Those who have access to the data are required to maintain its confidentiality.

Additionally, we make reasonable efforts to retain personal data only for as long as the data is necessary to respond to an individual’s request or until the individual requests deletion of the data.

6. Technical and organisational security measures for processing

All information we receive about you is stored on secure servers or physical media in secure premises and/or other secure spaces and we have implemented technical and organisational measures that are appropriate and necessary to protect your personal data. The Company continually evaluates the security of its network and the adequacy of its privacy protection system, which is designed to (a) help protect your data from accidental or unlawful loss, access or disclosure; (b) identify reasonably foreseeable security risks to the Company’s network; and (c) minimize security risks, including through risk assessment and regular testing.

Please be aware that the Company’s Web sites may contain links to other sites, including sites maintained by other member companies of the Company’s network, to which this Privacy Policy does not apply and other privacy policies may differ. We encourage users to review the privacy policy for each Web site they visit before providing any personal information.

By registering on a Company web site and then navigating to another Company web site while still logged in, you consent to the use of your personal information in accordance with the privacy policy of the Company web site you are visiting.

8. Amendments to the current policy

The Company may amend this Privacy Policy to reflect our current privacy practices. When changes are made, the “last updated” date at the top of this page will be changed accordingly. We encourage you to check this policy periodically to stay informed about how the Company is protecting your information.

9. Questions regarding the policy and its implementation

The Company is committed to protecting your privacy online. If you have any questions or comments about how we administer your personal data, please contact us at info@intway.com. You may also use this address to forward to us your concerns regarding our compliance with this Privacy Policy. Should you not be satisfied with the reply you receive, you may contact our Privacy Officer at info@intway.com. We will acknowledge receipt of your email within 14 days and endeavor to resolve the matter within 3 months of receipt. We may comply with your request (and in this case apply one of the measures set out in the “Your rights” section) or reject it if there are legitimate grounds for doing so.

In any event, you always have the right to file a complaint with the Personal Data Protection Commission of the Republic of Bulgaria.