ПОЛИТИКА ЗА ЛИЧНИ ДАННИ НА РАКС.БГ (PRIVACY POLICY)

Subject: This Privacy Policy ( “Policy”) describes how we process personal data with respect to use of our website www.rax.bg (“Website”), as well as with respect to the products and services provided by us on the Website, including hosting, cloud services, dedicated and virtual servers, etc. Please, read this Policy carefully so that you understand how we collect and use your personal data. Terms of Service of the Website: Please, refer and review our Terms of Service, Basic Agreement and related legal documents available at www.rax.bg with respect to the how you may order services and enter into agreement with us.

Terms of Service of the Website:: Please, refer and review our Terms of Service, Basic Agreement and related legal documents available at www.rax.bg with respect to the how you may order services and enter into agreement with us.

Definitions: The terms “personal data”, “processing”, “controller”, “processor”, “third country”, “international organization”, “data subject”, “representative” and “member state” (as well as their derivatives) when used in this Policy shall have their meaning in accordance with the General Data Protection Regulation (EC) 2016/679 ("GDPR").

1. DATA CONTROLLER, CONTACT DETAILS AND DATA PROTECTION OFFICER

1.1. The data controller in our relations under this Policy shall be RAX.BG EOOD, a company registered in Republic of Bulgaria with company number (EIK) 175142210, having its registered office at № 18 “Atanas Uzunov” street, 1505 Sofia, Bulgaria ("RAX.BG", "us", "we", "our"). If you have any questions about this Privacy Policy you may contact us by mail on our registered office address, by email at privacy (at) rax.bg or by phone call at + 359 (0)700 45 888 (in working days from 09:00 to 18:00 local time).

1.2. The designated data protection officer of RAX.BG is announced in the Bulgarian Commission for Personal Data Protection and has the following contact details: RAX.BG, № 5 “G.M. Dimitrov” street, office 5, 4000 Plovdiv, Bulgaria, email: privacy (at) rax.bg, phone number +359 700 45 888.

2. PERSONAL DATA WE COLLECT AND USE

2.1. RAX.BG may process the following types of personal data:
- data you provide us in the registration of your Website profile, such as name, surname, email, password, phone number, address;
- data you provide us in your orders and during the conclusion and performance of a contract, such as name, surname, email, phone number, invoice details. The history of your orders, services used and contracts in the event of registered Website profiles. Payment details, such as bank information, bank account, used debit / credit card, method of payment, card holder, etc.;
- data you provide us in your contacts and communication with us through any means on specific issues, orders, complaints, returns, questions, including by phone, mail, Website forms, email, in the social networks (for instance in Facebook) or otherwise and such as name, surname, email, phone number, social network profile, photos, address, etc. In some cases, and after a warning, we may also take a sound recordings of your phone conversations with us. When you contact us in social media, such as Facebook, our profiles may be public and your interaction or posting may appear to be public. Please note that we do not control and assume responsibility for the use of your social media profile and account.
- information about your device and online identifications including IP address, device used, operating system, browser type, location and cookies data (you may review our Cookies Policy for further details).

2.2. Usually we receive personal data directly by you. Anyway in certain cases we may receive data for you from third parties, such as for instance by a bank institution for executed payments, from your relatives in some cases of gifts, from public registers.

2.3. In certain cases provision of your personal data shall be necessary for the contract and its performance (for instance for conclusion of a contract for our services, for making payments under contracts, etc.). In such cases, if you do not provide the necessary data, you will not be able to receive respective services/result or the services may not be properly performed. For instance you will not be able to create an account in our Website that will give you the ability to use and manage ordered services if you do not provide us with a valid email address.

2.4. Your responsibilities:
- when you submit to us any data or materials, including personal information, you represent and warrant that they are true and accurate, you have the authority to do so and permit us to process such data as set out in this Policy and this will not violate any rights of third parties, including the right to privacy, the right to freedom, copyrights, related rights, intellectual property rights, etc.
- Password: Do not share your password with anyone and keep your account secure. At any time you may change your password by following the instructions on the Website or by contacting us.
- Third-party websites and external links: the Website may contain ads or links to other sites or services managed by persons other than us, such as for instance Facebook. This Policy does not address and we are not responsible for the processing of your personal data by such third parties. We encourage you, if you choose to visit or use any of these third-party websites or services, to review their privacy policies that may be different from our Policy;
- When you provide us personal data or get in touch with us you represent and warrant that you are at least 18 years old. Our services and processes are not intended to persons below that age and we do not intentionally collect and process data of younger persons.

3. PURPOSES OF PROCESSING (HOW WE USE YOUR DATA)

3.1. The main purpose of collecting and processing your personal data is to enter into and to perform a service agreement between us (such as to identify you, including through online profile, invoicing, payment, delivery, communication, exercise of rights and obligations under the contract; etc.).

3.2. We may also process your personal data for the following other specific purposes:
- to communicate with you and to provide you requested information with respect to our Website, how it can be used, our goods and services;
- to send administrative information to you, for example, information regarding our rules and changes to our Terms and Policies;
- to send you newsletters, marketing or promotional materials and other notices by mail, email, SMS, pop-up messages or phone. These are messages or materials for marketing purposes in order to advertise you our products or services, current or upcoming promotions and campaigns and we will always and at any time give you the opportunity to object receiving such messages in free and easy manner. We will also process your objections and withdrawals;
- to comply with or fulfill obligations arising from law, regulations, act of the authorities or of the court, such as for the purposes of accounting, control, reporting, auditing and tax purposes;
to exercise our rights or protect yours, ours, third parties or public legitimate interests, such as investigation and prevention of theft, crime, fraud, misuse of services or of the Website and other offenses, to exercise rights under contracts in which we are a party, etc.;
- for statistics and analysis and for the purpose to improve our products, services, procedures and policies, our Website and its functionality (including information collected from your web browser or application, such as your IP address, operating system, browser type, visit details, location and more);

- in the evets of special promotional campaigns with prizes, in which cases there may be additional special rules for data processing.

4. LEGAL BASIS FOR PROCESSING YOUR DATA

4.1. For orders, sale and use of our services, as well for their performance, the processing of your data is necessary for the conclusion and performance of a contract to which you are a party.

4.2. For other purposes and in given cases we may also process your personal data on other legal basis, such as:
- you have given your consent for the processing – when you have subscribed to our newsletter and to receive marketing materials by us;
- the processing may be necessary for compliance with our legal obligation – for instance for accounting and control, for tax purposes and others;
- the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, such as: in certain cases of marketing to our clients; in case of gift orders for your relatives; for investigation and prevention of theft, crime, fraud, misuse of services or of the Website; to improve and modify our products, services, procedures and policies, our Website ant its functionality.

5. RECIPIENTS OF PERSONAL DATA

Your personal data may be disclosed to the following categories of recipients:
- to our vendors and service providers such as: to the courier and warehouse companies for the purposes of performance of our contract with you; to our accounting and legal services providers;
- to companies from which we have licensed special software products such as accounting, communication or other software; to companies that provide us services and technical support in relation to the Website and to the communications, as well as to other similar service providers;
- to payment service providers for the purpose of identifying and processing payments;
- to persons to whom we are required to disclose data in accordance with applicable laws, act of the authorities or of the court, or in court proceedings, or in connection with an investigation of illegal activity, or suspected illegal activity, or at the lawful request of state, governmental or regulatory authorities;
- to third parties, when we have a good-faith belief that this is necessary to prevent death or harm or financial loss, or in connection with an investigation of actual or suspected theft, crime, fraud, misuse of services or of the Website, or other illegal activity, including violation of our or third party rights, such as for instance copyrights, intellectual property rights or privacy rights;
- to affiliate companies for the purposes under this Policy;
- to third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or part of our business;
- publicly - when you contact us in social media such as Facebok, our profiles may be public and your interaction or posting may be public. This also depends on your account settings, and we do not control and take responsibility for the use of your account.

6. TRANSFER OF DATA TO THIRD COUNTRIES

6.1. In certain events for the purposes of provision of our services as detailed in this Policy we may transfer personal data to third countries outside the European Union, that may have different data protection laws. In such cases we will transfer your personal data to third country only on the basis of: (a) an European Commission decision on an adequate level of protection for that third country (art. 46 of the GDPR), including based on the Privacy Shield framework or other similar approved mechanism; or (b) appropriate safeguards as provided under art. 46 of the GDPR, including by utilizing the Standard Contractual Clauses in accordance with the Annex to the Decision of the European Commission of 05 February 2010 (available at the date of update of this Policy here: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087) as amended or exchanged over time by the European Commission or other appropriate safeguards, including subject to specific permission of a competent supervisory authority; or (c) binding corporate rules approved by the supervisory authority (art. 47 of the GDPR).

6.2. In other cases, we may rely on and request your consent in order to make such transfer to third countries, in which case we will inform you in details about the transfer and the technical and organizational measures taken for the protection of personal data.

7. YOUR RIGHTS

7.1. Right to withdraw your consent. When we process personal data based on your consent (some cases of direct marketing), you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on your consent before its withdrawal. You may exercise that right without additional costs to you by one of the following:
- at any time by sending us email to privacy@rax.bg with clear statement that you withdraw you consent;

- by phone call to phone number 0700 45 888 during standard local working time (from 09:00 to 18:00 in working days);

- by post a mail to our registered office;

- by using the contact form on our Website.

In the event that you withdraw your consent for the processing of personal data we will, without undue delay and to the extent provided under applicable laws, erase the relevant data from our systems.

7.2. Right to access - at any time you may request information about the personal data we have for you and the purposes of processing. In some cases, this will only be the personal data you have recorded in your profile.

7.3. Right to rectification - you have the right to ask to rectify your data if they are inaccurate. If you have profile in our Website you may edit your personal data also from there.

7.4. Right to erasure - "the right to be forgotten". You should keep in mind that this is not an absolute right and applies in accordance with applicable laws. For example, you have the right to request the deletion of your personal data if it is no longer necessary for the purposes for which it was collected or otherwise processed, but only if there is no legal obligation upon us that requires further processing (e.g. some of your data to be further processed for accounting, control or compliance purposes as provided under the respective legislation). In any case, we will respect any lawful and legitimate request for erasure of your data.

7.5. Right to restriction of processing – as provided under the applicable laws.

7.6. Right to data portability – in certain cases as provided under the laws you may request by to transfer to you or to a third party a copy of your data in a structured, commonly used and machine-readable forma (this right is only applicable to data provided directly by you and processed by automated means where our processing of your data is based on your consent or on a contract with you).

7.7. Right to object. In particular the right to object includes that you may object at any time to processing of your personal data is that processing is based on:
- the performance of a task carried out in the public interest or in the exercise of official authority vested to us; or pursuing our or third party's legitimate interests;

- In these cases we will cease the processing unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims; or
- the purposes of direct marketing - you may object at any time by following the instructions in the relevant marketing material or by sending us a email to privacy (at) rax.bg.

7.8. 7.8. In the event that you are established in the European Union you also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of the EU of your habitual residence, place of work or place of the alleged infringement. For Bulgaria, the supervisory authority is the Commission for Personal Data Protection, having its website at www.cpdp.bg.

7.9. You may exercise your rights mentioned above in accordance with the applicable law and in particular as provided under the GDPR. In order to exercise your rights you may contact us at any time by sending us an email to privacy (at) rax.bg. We may need to verify your identity or to contact you with respect to your request.

8. STORAGE PERIOD

8.1. We will retain your personal information for as long as necessary for the respective purposes of the processing and to comply with our obligations under applicable laws.

8.2. In particular we may retain personal data:
- data for the purposes of concluding and executing a contract - generally for 5 years from the date of performance of the contract;

- data for accounting and control purposes - in accordance with the statutory accounting and auditing rules and principles. The data processed with respect to other legal obligations will be retained until the respective obligation cease to apply;
- data for marketing purposes - until you withdraw your consent (if applicable) or until you object to processing, or until you delete your profile;
- we will delete inactive profiles on the Website 2 years after the last active action;
- you may stop communicating with us in social networks at any time and according to the tools of the relevant social network, for example, if you have liked our Facebook page, you may withdraw such like (unlike), and so on.

8.3. Personal data processed for other purposes will be processed and stored as required and in accordance with data protection laws and applicable standards.

8.4. For the avoidance of doubt we may generate and store aggregate statistical reports and materials that do not contain personal data and from which a particular person cannot be individualized. This Policy does not apply to them as they do not contain personal data.

9. AUTOMATED PROCESSING

9.1. In some cases we may use software for automated processing of personal data. This may be the case, for example, when we divide inactive from the active accounts on the Website. We will not take our decisions solely based on such software for automated data processing and we will use also a human factor.

9.2. You may request an explanation if you think a particular result of an automated processing is incorrect. You may also oppose any decision that is of major concern to you and which is taken solely by a computer, software, or other automated process, if any.

10. CHANGES IN THIS PRIVACY POLICY

10.1. We may change this Privacy Policy from time to time and we will publish such updated policies on the Website and we may specifically notify you by email for the changes or in other suitable manner. Where the changes in the Policy affect processing of your data on the basis of your consent we will notify you of the new Policy and request your consent with it.

Basic Agreement" (General Service Agreement)

Terms of Service (TOS)

Acceptable Use of Policy (AUP)

Data Privacy Addendum

OUR BEST WEB HOSTING & CLOUD SERVICE PRACTICES

FAULT-TOLERANT DATA STORAGE

We host your data on a Storage Area Network that has built-in protection and keeps the information safe, under any circumstances.

HIGH AVAILABILITY (HA) CLOUD SERVERS

HA is not a standard service. It minimizes IT services outage, but more 95% of the providers you'd find, don't support it. We do!

FAILOVER COMPUTING & 100% UPTIME

Take advantage from our Failover, 100% Uptime Cloud Servers. They never go down and give you business continuity.

WEB HOSTING & SERVERS ON DEMAND

We provide Web Hosting, Dedicated and Cloud computing servers in any point of the world, wherever you need them.