CONFIDENTIALITY AND PERSONAL DATA PROTECTION POLICY
OF BULGARIAN TELECOMMUNICATION COMPANY EAD ("VIVACOM")
FOR SAFEBEEP AND WWW.SAFEBEEP.BG USERS

Bulgarian Telecommunication Company EAD ("VIVACOM") seriously takes into consideration the privacy of its customers and guarantees to the maximum extent possible the protection of their personal data processed in the course of and in relation to the provision of the application SafeBeep ("the Application", "the Service") and the usage of www.safebeep.bg (the "website").

This Confidentiality and personal data protection policy of VIVACOM for SafeBeep and www.safebeep.bg users (“Privacy Policy”) is based on the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing of Directive 95/46/EC (“Regulation (EU) 2016/679”).

All amendments and supplements to the Privacy Policy shall be applied only after the publication of its up-to-date content, accessible on our websites www.vivacom.bg and www.safebeep.bg

This Privacy Policy shall apply regarding the processing of personal data of every natural person who is:

- a VIVACOM customer and is registered and using SafeBeep Application by downloading it or through the website www.safebeep.bg;

- a user/visitor of the website www.safebeep.bg.

This Privacy Policy gives information about VIVACOM and its processors’ practices regarding the collection, use, disclosure and protection of information that is collected when using SafeBeep (through the mobile app and/or the website (collectively, our “Service”)), as well as your choice regarding the collection and use of information in the Application.

Capitalized terms that are not defined in this Privacy Policy have the meaning given to them in the application’s Terms and Conditions and in the Confidentiality and Personal Data Protection Policy of Bulgarian Telecommunication Company EAD on and in Connection with the Provision of Electronic Communications Services available at www.vivacom.bg .


1. Who performs the processing and who is responsible for your personal data

Data Controller

Bulgarian Telecommunication Company EAD (“VIVACOM”, “we”), is a commercial company registered in the Commercial Register of the Registration Agency under UIC 831642181, having its registered seat and address: Sofia, Block A, „Hermes Park - Sofia”, 115 I “Tsarigradsko Shosse” blvd., 1784 Sofia, Bulgaria, which collects, processes and stores your personal data under the terms of this Policy.

VIVACOM is registered in the public register of the Communications Regulation Commission as an enterprise providing a wide range of electronic communication services.

VIVACOM is an insurance broker registrated in the Public Register of insurance brokers with the Financial Supervision Commission.

VIVACOM is a controller of personal data within the meaning of Regulation (EU) 2016/679 and the Personal Data Protection Act.

You can contact us at our registered office:
115I, Tsarigradsko Shosse Blvd., 1784 Sofia, Bulgaria
Tel: +3592/9494600; +3592/9494700;
Or by filling in the electronic contact form on our web site: https://www.vivacom.bg/bg/residential/kontakti

For all issues relating to the processing of your personal data, you may also contact the VIVACOM Data Protection Officer at: email: dpo@vivacom.bg; tel. +359 29496079.

“Innovative Applications SA” (“IA”) is a company incorporated under the laws of Greece, with company’s registration (ΓΕΜΗ) No. 132846001000, whose registered office is at 342, Kifissias Av. & 58, Pindou Str. Halandri, Attica, Greece, that is a controller of personal data within the meaning of Regulation (EU) 2016/679 and the Personal Data Protection Act concerning only the information collected automatically through the use of technology, which is described in details in 2.1.d hereunder.


Data Processor

“Innovative Applications SA” (“IA”) is a company incorporated under the laws of Greece, with company’s registration (ΓΕΜΗ) No. 132846001000, whose registered office is at 342, Kifissias Av. & 58, Pindou Str. Halandri, Attica, Greece, that upon a written contract with VIVACOM, process your personal data on behalf of VIVACOM.


2. What data we process, for what purposes and on what legal basis

2.1. Data provided by you, required for the provision of the Service and the performance of VIVACOM and the customer contractual obligations.

a) Registration and Profile Information

When you create a “SafeBeep family” (an account), IA on behalf of VIVACOM shall collect (without ability to confirm them) your personal data as per your statement made upon the registration, namely your first and last name, mobile phone number and an avatar, if you choose to have an avatar associated with your account. Each time you add a family member to your account, the aforementioned data regarding this member is collected as well.

For the ability to use the Application and make use of the Service, IA on behalf of VIVACOM will collect:

- Name and surname
It is not necessary to register your real name but any name you choose will be used as the identifying name of the user between the rest members of the family that you have created within SafeBeep.

- Mobile phone number
Specifically, the mobile phone is mandatory for the following reasons: to login in the Application; in the event you are the creator or Guardian of the family, it should be certified that you are a VIVACOM customer and be charged accordingly by VIVACOM depending on you tariff, thus, we need in any case your mobile phone number. In the event that you are an invited member, then you may insert your mobile phone number purely for login reason; to receive notifications and alerts by the Application through SMS.

- Initial Password
- Home address
- Avatar
if you choose to have an avatar associated with your account.


Modifying Your Account Information and Settings

You may modify your account information, update or amend your personal data or change your password at any time by logging in to your account. If you have any questions about reviewing or modifying your account information, you can contact directly VIVACOM Customer Service Number 123 or +359 87 123 and +35987 8009 123 for international calls to VIVACOM Customer Service Number


b) Geolocation

IA on behalf of VIVACOM collects your location through GPS, WiFi, or wireless network triangulation in order to obtain your location for the purposes of providing the Service. To enable this, it is necessary that you accept that IA manages your GPS during installation (for iOS devices) or when your location services are turned on (for Android devices). IA collects the location of your designated “Home” to provide alerts when your family members arrive and leave. If any family member turns off the location sharing, or the GPS service from his/her smartphone, IA will not share the exact location data; however, while you are logged in to your account, VIVACOM will continue to provide the Service via IA (for example, in case a car accident or a body fall occurs, VIVACOM will provide via IA alert notifications to the Guardian(s) but without precise location information of the possible incidence for iOS devices. On the contrary for Android devices only, VIVACOM via IA will continue to provide location of the possible incident using cellular or WiFi networks around the incident location.


c) Chat messaging and User Content

IA on behalf of VIVACOM collects encrypted information when you chat with another member of your Family through use of the Service. You can control the reception of notifications in SafeBeep by visiting “Settings” within the mobile app. VIVACOM may also send you Service-related SMS (e.g. change or updates to features of the Service, technical and security notices). You may not opt-out of Service-related notifications.


d) Information collected automatically through the use of technology

When you visit SafeBeep website or use the mobile app, certain information may be collected about your computer or device through the use of technology such as cookies, web beacons, log files, or other tracking/recording tools.

The information collected through the use of tracking technologies includes, but is not limited to, IP address, browser information, referring/exit pages and URLs, click stream data and how you interact with links on the website, mobile app, or Service, domain names, landing pages, page views, data collected through cookies that allows to uniquely identify your browser, browsing behavior on SafeBeep site, mobile device type, mobile device IDs or other persistent identifiers, and location data collected from your mobile device.

In case you are a register user of SafeBeep some or all of this data may be combined with other personally identifying information described above. This information is used for the following purposes: to diagnose or fix technology problems reported by SafeBeep Users or engineers that are associated with certain IP addresses or User IDs; to remember information so that you will not have to re-enter it during your visit or the next time you visit the site or the mobile app; to automatically notify users of any updated version of the mobile application.


2.2. In order to fulfill its legal obligations, VIVACOM processes your personal data for the following purposes:

  • Issuing invoices;
  • Carrying tax and social security control by the respective competent authorities;
  • To provide information about a customer and the services used by him/her on inquiry/reguest/verification by a competent authority;
  • Sales of receivables from customers; providing information on a debt to a transferee: contracts, records, monthly bills/invoices;
  • Reports on sold obligations under cession contracts for the purpose of confirming the transfer of receivables.


IA on behalf of VIVACOM also process your data for the following purposes on the basis of its legitimate interest:

  • Monitor the effectiveness of the Service and relevant marketing campaigns;
  • Monitor aggregated metrics such as total number of visitors, users, traffic, and anonymized and generic demographic patterns.


3. Categories of third parties who access and process your personal data:

VIVACOM and IA will not disclose to non-authorized recipients, except in cases noted below:

  • Share your information, including name and location, with other members of your SafeBeep Family;
  • Share your personal data with companies storing the Application’ s data and are considered their data sub-processors and with which it has signed relevant data processing agreement of the Application’ s data, currently the company „Χουντάλας- Β. Παπουτσόγλου Ο.Ε.” (“Euro VPS, Amsterdam NL”).
  • May share your personal data with third-party business partners, vendors and consultants who perform services on VIVACOM’s and/or IA’s behalf, such as accounting, managerial, technical, marketing or analytic services. These business partners will be given access to your information as necessary to deliver the Service under reasonable confidentiality terms.
  • Except as described above, VIVACOM and IA will not disclose your personal data to third parties (including law enforcement, other government entity, or civil litigant; excluding the subcontractors) unless required to do so by law or subpoena or if in the sole discretion, it is determined necessary to (a) conform to the law, comply with legal process, or investigate, prevent, or take action regarding suspected or actual illegal activities; (b) to enforce the SafeBeep Terms and conditions, take precautions against liability, to investigate and defend against any claims or allegations, or to protect the security or integrity of SafeBeep site; and/or (c) to exercise or protect the rights, property, or personal safety of SafeBeep, its Users or others.


4. How long your personal data is stored

The length of storing your personal data depends on the purpose for which it was collected and processed. In principal the personal data is stored for no longer than is necessary for the purposes for which the personal data are processed.

  • Personal data processed for the purpose of registration and profile information is stored by IA on behalf of VIVACOM for as long as the customers are using the Service and are deleted up to 30 days after the termination of the contract with VIVACOM and the licence you were granted. Or/and after any termination of the contract and the licence you were granted, personal data is stored for as long as is determined by the applicable legal and regulatory framework or for as long as it is required to defend IA and/or VIVACOM’s rights before a Court or other competent Authority.
  • Personal data processed for the purpose of issuing accounting/financial documents for the performance of tax and social security control shall be kept for at least 5 years after expiry of the limitation period for the repayment of the public claim, unless the applicable law provides for a longer period.
  • Personal data processed with regard to exercising your right to access your personal data shall be kept for 5 years from the answer of the inquiry.
  • IA on behalf of VIVACOM stores location information only so long as is reasonable to provide the Service, but no longer than 30 days, and then delete the location data.
  • IA on behalf of VIVACOM collect anonymized information when you chat with another member of your Family through use of the Service only so long as is reasonable to provide the Service, but no longer than 30 days, and then delete the chat data.

Vivacom may store some of your personal data for a longer period of time until expiry of the applicable limitation period, in order to provide protection in the case of customer claims in connection with the execution/termination of a service contract, as well as for a longer period of time in the case of a legal dispute which has already arisen in connection with a case, pending its final decision by a court/arbitration decision in force.


5. Rights of the data subject

As our customer and in relation to your personal data you have the following rights:

5.1. To access your personal data and information, of the kind we have included in this Privacy Policy with respect to the data in question. You may ask VIVACOM for information on whether and for what purposes we and/or IA process your personal data.

The proper way of exercising this right is included in details in the Confidentiality and personal data protection policy of Bulgarian telecommunication company EAD on and in connection with the provision of electronic communications services available at www.vivacom.bg ;

5.2. To demand your personal data to be rectified when it is inaccurate or should be supplemented for purposes of processing;

5.3. Тo demand erasure of your personal data in one of the following cases:

  • Such data is no longer needed for the purposes for which it is being processed;
  • You have objected to its processing and there is no reason for its processing;
  • Data processing is recognized as illegal;
  • This is required by the national or European legislation.

5.4. To require restriction of the processing of your personal data in any of the following cases:

  • Upon challenging the accuracy of your personal data within the time required by VIVACOM to verify the accuracy of the data;
  • In case of unlawful processing where you wish only limitation of the processing of your data, instead of deletion;
  • You wish your personal data to be stored even though VIVACOM no longer needs them for processing purposes, because you are going to use them to identify, exercise or protect your legal claims;
  • Upon objection made by you to the processing of your personal data for the time of validity verification of the objection.

5.5. То request portability of your personal data which concerns you and which you have provided to us, including receiving it from VIVACOM in a structured, commonly used and machine readable format and transferring it to another controller. Your right to portability concerns personal data for which the following conditions are satisfied: (a) The processing of the data is based on contractual obligation; (b) The processing is carried out in an automated manner.

5.6. To object to VIVACOM at any time and for your personal reasons, in view of a particular situation, against the processing of personal data relating to you, based on the need to perform a public interest task or the exercise of official authority that has been granted to us or, for which we have indicated that we process such data to our legitimate interest. VIVACOM will respond within a reasonable time, but not longer than one month, if it finds the objection reasonable and, accordingly, if it will discontinue the processing of the relevant personal data for these purposes.

5.7. To submit a complaint to the Personal Data Protection Commission in case you believe that your rights in relation to the processing of your personal data have been violated.


6. Can you refuse to provide your personal data and what will be the consequences thereof

In order to conclude a contract with you and to provide you the Service you have requested, we need certain data necessary for the conclusion and performance of the relevant contract.
Failure to provide the following data will prevent us from entering into a contract with you:

  • Mobile number


7. Exercising the aforementioned rights

For matters concerning the processing of your personal data you may address in writing to the Data Protection Officer (DPO) by physical or electronic mail to the addresses mentioned in p.1 of this Privacy Policy.

In order to exercise some of your aforementioned rights you may also contact VIVACOM Customer Service Number 123 or +359 87 123 and +35987 8009 123 for international call to VIVACOM Customer Service Number.


8. Security

VIVACOM and IA care about the security of your information and use commercially reasonable physical, administrative, and technological safeguards to preserve the integrity and security of all information collected and shared with its service providers.

The processing of your personal data is confidential and is carried out exclusively by persons under the control of VIVACOM and IA. These persons are selected on the basis of strict criteria established by VIVACOM and IA, which are designed to provide sufficient safeguards in terms of knowledge and personal commitments to the confidentiality. VIVACOM and IA have taken further steps to prevent unauthorized access to its data, including running firewall software and keeping the servers up-to-date with security patches.

That said, VIVACOM and IA cannot guarantee nondisclosure of personal information due to factors beyond its control. If you suspect that your account has been compromised, please contact VIVACOM and/or IA as soon as possible. VIVACOM and IA will not be liable for any losses caused by any unauthorized use of your account.


9. Cookies

To increase efficiency, the electronic platform of the website www.safebeep.bg uses data files of cookies’ type. More information about the use of cookies could be found at https://www.safebeep.bg/cookies-policy


10. Links to other web sites and services

VIVACOM and IA are not responsible for the practices employed by websites or services linked to or from the Service, nor the information or content contained therein. Please remember that when you use a link to go from the Service to another website, this Privacy Policy does not apply to third-party websites or services. Your browsing and interaction on any third-party website or service, including those that have a link on our website, are subject to that third party’s own rules and policies. Please read over those rules and policies before proceeding.

Any use of the maps functionality on this Site and the Service shall be governed by the Google Maps/Earth Additional Terms of Service (http://www.google.com/intl/en_us/help/terms_maps.html) for Google Maps application.

VIVACOM and IA shall have no liability for your use of Google Maps or for any results, including driving directions, which Google Maps might generate during usage of the Service.


11. Changes of the Privacy Policy

VIVACOM may, in its sole discretion and without informing you in advance, modify or update this Privacy Policy from time to time in accordance with the applicable regulatory and legislative framework, and so you should review this page periodically. When the policy is changed VIVACOM will update the ‘last modified’ date at the bottom of this page.

This Privacy Policy was last update on 02.03.2020.