Skip to content Skip to footer

Privacy policy

GENERAL PRIVACY POLICY OF TRINITY CAPITAL AD

This policy aims to inform you about the manner, scope, purposes, grounds, terms of data storage and your rights in relation to the processing of your personal data.

1.      WHO ARE WE?

With this Policy, we inform you that “Trinity Capital” AD (hereinafter referred to as “the Company“) is a Controller of personal data within the meaning of Regulation (EU) 2016/679 and in this capacity collects, records, stores, destroys or processes otherwise personal data.

We provide you with the following information regarding the Controller of your personal data: Name: “Trinity Capital” AD

EIK: 205573011

Address: Bulgaria, Sofia region (capital city), Stolichna municipality, Sofia city, p.k. 1142, Sredets district, Zheneva St. No. 7

Website: www.trinitycapital.bg (hereinafter referred to as “the Website“) Email: office@trinitycapital.bg ; s.kolev@trinitycapital.bg

2.      WHAT ARE THE CATEGORIES OF SUBJECTS FOR WHICH THE COMPANY COLLECTS AND PROCESSES PERSONAL DATA:

The company collects and processes your personal data if you are:

  • employees of the Company engaged under an employment or civil contract;
  • natural persons, applicants for employment with us;
  • natural persons – business partners of the Company (suppliers, customers, contractors, tenants), as well as representatives or proxies of business partners – legal entities;
  • natural persons – visitors to our Retail parks;
  • natural persons, users of the

3.      WHY DO WE NEED TO COLLECT YOUR PERSONAL DATA?

3.1. If you are an employee of the Company, the Company collects and processes your personal data for the following purposes:

    • concluding and/or terminating an employment/civil contract;
    • payment of remunerations, bonuses;
    • evaluation of work performance and results, disciplinary sanctions and proceedings;
    • participation in corporate programs for human resource management, conducting trainings;
    • fulfillment of the legal obligations of the Company, established in the labor, insurance and tax legislation, incl. for summarizing and securing the data for the needs of state institutions;
    • accounting of remuneration, tax obligations and mandatory social security contributions, administration of employee fringe benefits (eg. short-term and long- term compensation and bonus programs);
    • provision of social benefits and additional health insurance services to employees and their family members;
    • making contact and sending correspondence; intra-company communication;
    • maintenance, monitoring and security of internal networks and IT-systems, providing access;
    • data from remote access devices – gaining access to them for the purpose of protection and security, crime prevention, based on legitimate interest;
    • participation in social, cultural or other corporate

3.2. If you are a job applicant, the Company collects and processes your personal data in order to assess whether you meet the requirements for filling the position and selecting the Company’s

3.3. If you are a natural person – business partner of the Company (suppliers, customers, contractors, tenants, etc.), or a representative or proxy of a business partner – legal entity, the Company collects and processes your personal data for the purpose of fulfilling the contracts and protecting the legitimate interests of the Company, as well as for the fulfillment of the Company’s legal obligations arising from tax and accounting legislation, as well as other legal acts applicable to the Company’s activities.

3.4. If you are a natural person visitor to our Retail parks, such as commercial, office, warehouse and production parks with shops, parking spaces and internal alleys, built on land owned by the Company and located as follows:

  • Retail park Jumbo Plaza – Sofia, Kremikovtsi district, Vrazdebna district, “Bogrovski pesotsi” area, “Botevgradsko shose” boulevard No. 525;
  • Retail Park Yambol – town of Yambol, 37 “Bitolya” street;
  • Retail Park Haskovo – town of Haskovo, “G. S. Rakovski” No. 28A;
  • G Center Plovdiv – city of Plovdiv, Severen district , “Bulgaria” No. 115 A, the Company collects and processes your personal data for the following purposes:
    • to protect our legitimate interest in relation to the performance of contracts concluded with tenants in our Retail parks;
    • for planning, reporting and tracking the attendance of our Retail Parks in connection with the implementation of the main subject of the Company’s activity;
    • to protect the life and health of individuals whose data is collected or of another individual;
    • for the purpose of managing the Company’s business strategy – to improve and optimize the Company’s business strategy, as well as to plan appropriate actions and activities of the Company;
    • to protect legitimate economic interests – to exercise the right to defend the Company when its rights and legitimate interests are violated, to conduct audits, etc.

3.5. If you are natural person – user of our Website, the Company collects and processes your personal data for statistical and other purposes, as detailed in our COOKIE USE NOTICE .

3.6. If you do not fall into any of the above categories of natural persons, the Company collects and processes your personal data only if you have given us your consent for this. In this case, you have the right to withdraw your consent at any time.

For persons under the age of 14, consent to the collection and processing of their personal data should be provided by the parent exercising parental rights or the guardian of the data subject.

4.      WHAT PERSONAL DATA OF YOURS DO WE COLLECT AND PROCESS?

The company collects and processes your following personal data:

4.1. Of employees of the Company:

    • identification and contact data – names, gender, nationality, social security number, address, telephones, email, place of residence, data from an identity document, a copy of the SUMPS (only if the persons are provided with a company car);
    • family identity – marital status, family ties, names and social security number of children up to 18 years of age;
    • data on education and competences – diploma of completed education, certificates, qualifications;
    • data on professional experience and previous employers;
    • photo;
    • financial data – bank accounts, information on bank loans, participation and/or ownership of shares or securities in companies;
    • data on competition and participation in other organizations (non-compete data);
    • data on access to the Company’s systems, buildings and premises;
    • employment – position, workplace, department, official contact details – phone, email, fax, working hours (full and half-time), data on completed training, work and insurance experience, remuneration, bonuses, days of temporary incapacity for work, income and insurance length of service paid by a previous employer for the relevant calendar year, number of days and dates of annual leave;
    • work performance – evaluations, disciplinary sanctions, ;
    • membership in professional organizations, insurances;
    • medical data – state of health according to a medical examination document upon initial employment, medical documents submitted by the person during the period of validity of the concluded employment contract in fulfillment of the legal obligations of the Company;
    • criminal record data – criminal record certificate, only for positions for which this is necessary according to Bulgarian and European legislation.

4.2. Of natural persons – applicants for employment with us:

    • identification and contact data – name, surname and surname, telephone, email, photo;
    • data on education, skills and competences (language proficiency certificates and others;
    • details of previous experience and employers;
    • recommendations – with the consent provided by the

4.3. Of natural persons – business partners of the Company (suppliers, customers, contractors, tenants), or representatives or proxies of business partners – legal entities:

    • identification and contact data – name, surname and surname; Social security number, permanent address and/or correspondence address; Email;
    • In the event that the contracts are concluded by a proxy and a notarized power of attorney is presented, the following data are collected for the authorizer and the authorized person: name, surname, surname, social security number (date of birth), identity document number, date of issue, authority, who issued the

4.3. To natural persons who are visitors to our Retail Parks: photographic images, video and voice recordings stored with the recordings created by means of surveillance in the car parks of our Retail Parks, where applicable.

4.4. To individuals, users of the website: electronic identification data from your computer (such as “cookies” (which you can get more information about by reading our COOKIE USE NOTICE) or “IP addresses”), as well as correspondence data that you choose to disclose through the electronic contact form available through the Website.

Please note that we collect and process your personal data only to the extent necessary to fulfill the purposes for which it was collected. Unless specifically instructed, please do not disclose sensitive personal information to us, such as data about your health, race or ethnic origin, your religion, trade union membership, sexual orientation, etc.

5.      HOW LONG DO WE STORE YOUR PERSONAL DATA?

Your personal data is stored by us only for the period for which it is necessary to fulfill the purposes for which it was collected or processed, and for a period not longer than permitted under the applicable legislation.

5.1. The personal data of employees , providing information about the employee’s work and insurance experience or certifying such (including the documents under Article 13 of the Ordinance on the work record and work experience), are stored for a period of 50 (fifty) years ( payrolls, employment contracts (appointment orders), reassignment orders, orders for unpaid leave over 30 working days, orders for termination of employment). All other documents related to the employment relationship are kept until the expiration of the terms for filing claims under the so-called labor disputes under Art. 358, para. 1 of the Labor Code or for a period of 3 (three) years, starting from the date of termination of the employment relationship.

5.2. Personal data of job applicants are stored for the duration of the recruitment process and up to 30 (thirty) days after its termination, unless the applicant has agreed to their data being stored for the purpose of applying for future or other open positions . After the completion of the recruitment process, the job application of a person with whom an employment/civil contract has been concluded will not be stored.

5.3. The personal data of natural persons – business partners of the Company (suppliers, customers, subcontractors, tenants, ), or of representatives or proxies of business partners – legal entities are stored for a period of 5 (five) years as of the expiry of the period of the contract or termination thereof.

5.4. The personal data of natural persons – visitors to our Retail {arks , are stored for a period of 1 (one) month, starting from the day of the recording.

5.5. The personal data of natural persons, users of the Website are kept only until the fulfillment of the purposes for which they were collected or processed. More information can be found in our COOKIE USE NOTICE.

After the retention periods have expired, we take all necessary steps, without undue delay, to appropriately destroy the collected personal data.

6.      WHO ELSE CAN BE THE RECEPIENT OF YOUR PERSONAL DATA?

The company may also share your personal data with third parties under the following conditions:

  • when assigning the processing to carry out specific processing activities by documented order of the Company to accountants, subcontractors and others;
  • when it is necessary for the Company to share such personal data with its service providers, for example our technical service providers such as support and hosting service providers;
  • upon receipt by the Company of a request from a judicial authority or other legally authorized authority to provide such personal data in accordance with current

7.      WHAT ARE YOUR RIGHTS REGARDING YOUR PERSONAL DATA?

You have the right to request from the Company:

  • Access to your personal data, i.e. you have the right to know what personal data about you is being processed by The Company provides you, upon request, a free copy of the processed personal data relating to you. When you submit a request by electronic means, the Controller provides the information in a widely used electronic form;
  • Rectification – the right to request correction of your data held by us if it is inaccurate or incomplete;
  • Erasure (“right to be forgotten”). You have the possibility to request deletion of your personal data in the following cases:
    • if the personal data are no longer necessary for the purposes for which they were collected;
    • if the data subject exercises the right to object and there are no overriding legitimate grounds for the processing;
    • if the processing was unlawful;
    • if there is a legal obligation for the Controller to delete the

However, the right to erasure does not apply in cases where the data is processed:

    • to exercise the right to freedom of expression and the right to information;
    • to comply with a legal obligation that requires processing provided for in the law of the Union or the law of the Member State that applies to the Controller or for the performance of a task in the public interest or in the exercise of official powers that have been granted to the Controller;
    • for reasons of public interest in the field of public health;
    • for the purposes of archiving in the public interest, for scientific or historical research or for statistical purposes pursuant to Article 89(1) of Regulation (EU) 2016/679, insofar as the right to erasure is likely to make it impossible or seriously impede the achievement of the objectives thereof processing;
    • for the establishment, exercise or defense of legal
  • Restriction of the processing of your personal data . If it is necessary to check the accuracy of the data, the basis for the processing or the legality of their processing, you can request the Controller to limit (stop) the processing of your data.
  • Objection to Regarding data that is processed on the basis of “legitimate interest”, you have the right to object to the processing at any time and on grounds related to your specific situation. In the event of such an objection, the Controller is obliged to terminate the processing of your personal data, unless it proves that there are compelling legitimate grounds for the processing that take precedence over your interests, rights and freedoms or in the event that the data is processed for the establishment , the exercise or defense of legal claims.
  • Data portability (ie request your personal data in a structured, widely used and machine-readable format).
  • Where processing is based on your consent, you have the right to withdraw your consent at any time.
  • You also have the right to lodge a complaint with the competent supervisory authority if you believe that your data is being processed unlawfully by the Controller:

Commission for Personal Data Protection

Headquarters and management address: Sofia 1592, “Prof. Tsvetan Lazarov” No. 2; Address for correspondence: Sofia 1592, “Prof. Tsvetan Lazarov” No. 2;

Phone: 02 / 91 53 519;

Website: www.cpdp.bg Email: kzld@cpdp.bg

To exercise your rights, you may contact us as set out in section 10 below “Contact About Personal Data .”

8.      HOW DO WE PROTECT YOUR PERSONAL DATA?

The Company makes every effort to protect your personal data from damage, loss, disclosure, misuse, access, alteration or destruction. To protect data privacy, we implement physical, software-technical, organizational and administrative safeguards. We limit access to your personal data to those who need that information to provide benefits or services to you. We also train our employees about privacy.

9.      CHANGES TO OUR PRIVACY POLICY AND PRACTICES

The company may change this privacy policy at any time.

If the Company plans to adjust this policy (e.g. if we intend to use your personal data for purposes other than those specified in the policy in effect at the time of data collection, and subject to the principle of legality), a notice of the changes will be published in the amended version of the current privacy policy, which will take effect from the date of its publication.

The Company will notify you of any changes by posting them on the privacy policy page or by email or other form of notification.

10.  CONTACT ABOUT PERSONAL DATA / QUESTIONS

For any questions or comments related to this personal data protection policy, the way the Company collects and uses your personal data, the exercise of your rights regarding your collected personal data, please contact the relevant department of the Company at:

  • Email: office@trinitycapital.bg
  • Postal address: Bulgaria, Sofia region (capital city), Stolichna municipality, Sofia city, p.k. 1142, Sredets district, Zheneva St. No. 7;

You can also contact the Company’s Data Protection Officer, who is responsible for compliance with data protection legislation.