With this information, we at KEMSA Ltd. aim to inform you about this:

    • what personal information we collect, 
    • how we use it, 
    • we store and 
    • what are your rights in relation to the personal information provided. 

We want you to know that any information you provide will only be used for the products and services we provide and only in accordance with this Privacy Policy. We assure you that the personal information you provide will be stored and protected, will not be sold, nor will it be subject to third parties for marketing purposes.

All of the information and procedures described below are fully related to European legislation on personal data protection policies based on the General Data Protection Regulation (EU) 2016/679, as well as the national legislation of Bulgaria.

We inform you that in case of disagreement with the policies described below for personal data protection for "KEMSA" Ltd. it would be impossible to provide you with the services of "Car Wash Client" and "Car Wash Control".

 "Personal data" within the meaning of the legislation and in connection with the Privacy Policy created by us constitutes any information specific to you that you provide to us and that relates to your identification.
"Third Party" within the meaning of the legislation and in connection with the Personal Data Protection Policy created by us is any natural or legal person, organization or agency other than the personal data controller, the processor or any person acting on behalf and on behalf of the personal data controller.

WHAT INFORMATION WE COLLECT

We collect information necessary for the purposes of the services provided, which is classified as personal data and not only: 
    • personal names of the user; 
    • user's email address; 
    • mobile phone number; 
    • mobile device identifier; 
    • data from the social networks with which the user has registered;
    • information about crashes, 
    • as well as information related to your use of certain services, which is provided entirely voluntarily by you.

If necessary, we may also collect other information that cannot be classified as personal information.
 
HOW THIS INFORMATION CAN BE USED

Personal data are collected for the purposes of the services and products provided, as well as for compliance with the applicable legislation. We hereby inform you that we may process and disclose personal information to our affiliated third-party service providers for the purposes set out in this Privacy Policy. 

The information you provide can be used for the following purposes:
    • Providing, processing, maintaining, improving and developing our goods and/or services for you, including after-sales service and maintenance of goods and/or services related to our mobile applications. 
    • Communication with you about your device provided by us service or any general queries, as well as updates, support and information about our events and notifications.
    • Analyzing and developing statistical information about the use of our products and/or services in order to improve them.
    • Analyzing and developing statistical information about the use of our products and/or services for marketing purposes of KEMSA Ltd.
    • Storage and maintenance of information in view of legislative obligations.
An example of using your personal information is to create an account in our apps.

COOKIE POLICY

To improve the services provided by us, KEMSA Ltd. uses the cookie technology, which serves to analyze trends, administer applications and site, track user movements around the website and applications. This technology helps us remember information about your visits, which can make it easier for you to visit the site or apps and make it easier for you.
An example of using cookie technology is to remember your preferred language, and the next time you visit, the information you see will be displayed in the preferred language you specify.

WITH WHOM WE SHARE THIS INFORMATION

We state that we do not sell the personal information you provide to us.

For the purposes and needs of the goods and services provided by us, in certain situations, it will be necessary to share the personal information provided by you with third parties providing standardized services. An example is collecting, analyzing, and organizing application crash reports. Such third parties are Firebase – Crashlytics, Firebase – Authentication and Firebase – Cloud Messaging. 

Your personal information, other than those mentioned, will not be shared with third parties unless applicable law so requires.

SECURITY MEASURES

We undertake that your personal information is protected. To prevent unauthorized access, disclosure or other similar risks, we have put in place reasonable physical, electronic and management procedures to protect the information we collect. Our employees do not have access to your personal information unless their direct work so requires. 
The personal information you provide is stored in digital format on secure servers that are in controlled facilities. When selecting our server colocation partners, we do a detailed analysis of their security systems. We classify your data based on importance and sensitivity. We have taken all possible measures to protect the personal information provided. However, the risk that internet usage is not fully protected should be realised.

HOW LONG THE INFORMATION IS STORED	

We store your personal data for the period necessary to provide products and services to you. In general, we store your personal data until you have an account created with us or until you explicitly request their deletion. It is important to know that at any time you may opt out of the use of our services, as well as withdraw the explicit consents provided for the use of your personal data – when consent is the basis for their processing. In these cases, we will cease to use your data as well as provide our services to you as far as possible.
In certain cases, even if the use of your personal data has ceased as a result of the deletion of the account or as a result of the explicit withdrawal of consents provided by you, we may retain an archive of your personal data, to the extent necessary to protect our rights and legitimate interests, for a period up to the expiry of limitation periods,  provided for in the applicable legislation. 

YOUR CONTROL OVER YOUR PERSONAL DATA

In view of national and European legislation (GDPR, known as the GDPR), we inform you that you have the possibility to control the personal information you provide. This control shall consist of:
    • Your right to information about your personal data and the parameters related to their processing.
    • Right of access and rectification. You have the option to access your personal data and request their correction once we are satisfied with your identity.
    • Right to excrement (right to be forgotten). In view of the opportunity provided by national and European legislation, you have the right to request the erasure of your personal data. We will consider the grounds for your request for erasure and take reasonable steps, including technical measures, if the grounds correspond to the GDPR. We are obliged to inform you that the possible removal of your personal data from our system will hinder our mutual work, which is why we will be unable to continue to provide services to you.
    • Right to restriction of the processing of personal data. In view of the possibility afforded by national and European legislation, you have the right to request a restriction on the processing of your personal data. We will consider the grounds for your request for restriction, after which we will inform you promptly of the consequences and take all necessary actions on your request if the grounds correspond to the GDPR.
    • Right to receive information about any rectification, erasure or restriction of processing carried out by our controller in relation to your data.
    • Right to receive a copy of your personal data.  You have the opportunity to request to us to receive a copy of your personal data stored by us, after an explicit request and subject to the cumulative requirements of the GDPR for this.
    • The GDPR provides for the possibility for users whose personal data is subject to collection to request the revocation of automatic decision-making and profiling. We inform you that we do not apply these methods when processing your personal data and, if circumstances change, you will be explicitly and promptly informed.

In view of European legislation and applicable national law, we inform you that you have the right to object. The competent authority, according to the Bulgarian legislation, is the Commission for Personal Data Protection, with address: Sofia, 1592 Blvd. "Prof. Dr.Sc.(Econ. 2 Tsvetan Lazarov Str., tel. +359 2 91 53 518, el. mail: kzld@cpdp.bg, website: www.cpdp.bg 

In case you have any questions, please feel free to contact us at the following addresses:
Stara Zagora, 42 Kazanski quarter, 6th floor, apt. 38, Bulgaria,
phone +359 895 522 269


Personal Data Controller: 
Nina Diamandieva Georgieva
address: Stara Zagora, 42 Kazanski quarter, 6th floor, apt. 38, Bulgaria

Tel: +359 877 710 359; : +359 884 486 103
e-mail: chemsa@abv.bg

This privacy policy enters into force as of 15.03.2022.

We inform you that any amendment to the personal data protection policy will be explicitly informed at the e-mail address you specify.

Thank you for taking the time to familiarize yourself with our privacy policy.