PRIVACY POLICY

PRIVACY POLICY

I. INTRODUCTION

BY USING THIS WEBSITE, YOU AGREE TO THE TERMS REGARDING THE COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL DATA IN ACCORDANCE WITH THIS PRIVACY POLICY!

PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING THIS WEBSITE. IF YOU HAVE ANY QUESTIONS REGARDING THIS PRIVACY POLICY, PLEASE CONTACT US AT: info@kikilondon-bg.com !

IF YOU DO NOT AGREE WITH ANY OF THE TERMS CONTAINED IN THIS PRIVACY POLICY, YOU YOU SHOULD NOT TO USE THIS WEBSITE.

ADMINISTRATOR OF PERSONAL DATA

Liu Sto OOD (hereinafter referred to for short as "Administrator") is a limited liability company, with EIC 206489496, with headquarters and management address: Sofia, g.k. Mladost 1, bl. 12, contact phone +359898797821 and website https://kikilondon-bg.com/.

SUPERVISOR:

Commission for the Protection of Personal Data

Address: city ​​of Sofia, p.k. 1592, Prof. Blvd. Tsvetan Lazarov" 2

Contact data: 02/915 35 18; 02/915 35 15; 02/915 35 19; kzld@cpdp.bg , www.cpdp.bg

II. PURPOSES AND SCOPE OF THE PRIVACY POLICY

1.1 The administrator understands the considerations of the visitors of this website regarding the protection of personal data and is committed to protecting their personal data by applying all standards for the protection of personal data according to Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC. With this Privacy Policy, the Administrator respects the inviolability of the personality of natural persons and makes all necessary efforts to protect the personal data of natural persons against illegal processing by applying technical and organizational measures to protect personal data, which measures are fully in line with modern technological achievements and provide a level of protection that corresponds to the risks associated with the processing and the nature of the data to be protected.

With this Privacy Policy and in compliance with the requirements of Regulation (EU) 2016/679, the Provider provides information regarding:

– the purposes and scope of the privacy policy;

– personal data collected and processed by the provider;

- the purposes of personal data processing;

- period of storage of personal data;

- mandatory and voluntary nature of providing personal data;

– processing of personal data;

- protection of personal data;

– the recipients or categories of recipients to whom the data may be disclosed;

– rights of natural persons;

– order for exercising the rights;

– right to object;

– buttons, tools and content from other companies;

– changes to the privacy policy.

III . DEFINITIONS

For the purposes of Regulation (EU) 2016/679 and this policy, the specified terms have the following meaning:

  1. Personal data means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by an identifier such as a name, an identification number, location data, an online identifier or by one or more characteristics specific to the physical, the physiological, genetic, psychic, mental, economic, cultural or social identity of that natural person.
  2. Processing of personal data means any operation or set of operations performed on personal data or a set of personal data by automatic or other means such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, distribution or other way in which the data is made available, arranged or combined, restricted, deleted or destroyed.
  3. Restriction of processing means marking stored personal data in order to limit their processing in the future.
  4. Profiling _ means any form of automated processing of personal data, consisting in the use of personal data to evaluate certain personal aspects related to a natural person, and more specifically to analyze or predict aspects related to the performance of the professional duties of that natural person person, their economic status, health, personal preferences, interests, reliability, behavior, location or movement.
  5. Administrator means a natural or legal person, public body, agency or other structure that alone or jointly with others determines the purposes and means of processing personal data; where the purposes and means of this processing are determined by Union law or the law of a Member State, the controller or the special criteria for its determination may be established in Union law or in the law of a Member State.
  6. Personal data processor means a natural or legal person, public body, agency or other structure that processes personal data on behalf of the controller.
  7. Recipient _ means a natural or legal person, public body, agency or other structure to which the personal data is disclosed, whether or not it is a third party. At the same time, public authorities that may receive personal data within the framework of a specific investigation in accordance with Union law or the law of a Member State are not considered "recipients"; the processing of this data by the specified public authorities complies with the applicable data protection rules in accordance with the purposes of the processing.
  8. Third party means a natural or legal person, public body, agency or other body other than the data subject, the controller, the personal data processor and the persons who, under the direct supervision of the controller or the personal data processor, have the right to process the personal data.
  9. With the consent of the data subject means any freely expressed, specific, informed and unequivocal indication of the will of the data subject, by means of a statement or a clear affirmative action, which expresses his consent to the personal data relating to him being processed.
  10. Breach of personal data security means a security breach that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access of personal data that is transmitted, stored or otherwise processed.

IV. PRINCIPLES OF PERSONAL DATA PROCESSING

1. The administrator follows the following principles when processing personal data for natural persons, namely:

  • Personal data is processed lawfully, in good faith and in a transparent manner with respect to the data subject ("lawfulness, good faith and transparency");
  • Personal data are collected for specific, explicitly stated and legitimate purposes and are not further processed in a manner incompatible with these purposes;
  • Personal data is relevant, relevant and limited to what is necessary in relation to the purposes for which it is processed ("data minimization");
  • Personal data are accurate and, if necessary, kept up-to-date ("accuracy");
  • Personal data is stored in a form that allows the identification of the data subject for a period no longer than is necessary for the purposes for which the personal data is processed ("storage limitation");
  • Personal data are processed in a way that ensures an appropriate level of personal data security, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, by applying appropriate technical or organizational measures ("integrity and confidentiality").

V. PERSONAL DATA COLLECTED AND PROCESSED BY THE ADMINISTRATOR

A. Processing of special categories of personal data ("sensitive data")

1. The administrator does not collect or store special categories of personal data, such as: personal data revealing racial or ethnic origin, political views, religious or philosophical beliefs or membership in trade unions, genetic data, biometric data for the sole purpose of identifying a natural person, data on the state of health or data on the sex life or sexual orientation of the natural person. Individuals should not provide such sensitive data to the Administrator. In the event that the natural person intentionally provides sensitive data to the Administrator, the Administrator undertakes to delete them immediately.

B. Personal data collected directly from individuals

Personal data collected directly from individuals when individuals contact the Administrator by telephone

2. Individuals provide personal data to the Administrator when they contact the Administrator by telephone. The telephone number for contacting the Administrator is specified in the Administrator's identification data in this Privacy Policy and in the "Contacts" menu, where the Administrator's contact information is provided. When the person contacts the Administrator by telephone, the Administrator collects and processes only the name and telephone number of the individual, and in some cases the e-mail address of the individual. This data is processed for the purposes of communication with the individual. The processing of this personal data is necessary:

- for the realization of the legitimate interests of the Administrator, which legitimate interests are answering received calls and sending emails in connection with inquiries received by phone.

– for actions preceding the conclusion of a contract and undertaken at the individual's request, namely providing more information about the services offered by the Administrator in connection with the possible conclusion of a contract with the individual.

The administrator uses the services of a telephone service provider, which provider is located in the Republic of Bulgaria.

Personal data collected directly from individuals when individuals contact the Administrator through the contact form on the site to contact the Administrator

3. Individuals provide personal data to the Administrator when they contact the Administrator by sending a message using the contact form on the Administrator's website located at: info@kikilondon-bg.com. When the person sends a message to the Administrator using the contact form, the Administrator collects and processes the individual's name, e-mail address, as well as other information that the person provides in the sent message, such as address. This data is processed for the purposes of communication with the individual and record keeping. The processing of this personal data is necessary:

- to realize the legitimate interests of the Administrator, which legitimate interests are sending a response to the received messages, as well as saving the received messages.

– for actions preceding the conclusion of a contract and undertaken at the individual's request, namely providing more information about the services offered by the Administrator in connection with the possible conclusion of a contract with the individual.

The administrator uses the services of an e-mail service provider to store the received e-mails on the provider's server, which server is located in the Republic of Bulgaria.

Personal data collected directly from individuals when individuals contact the Administrator by e-mail

4. Individuals provide personal data to the Administrator when they contact the Administrator by e-mail. The Administrator's e-mail address is specified in the Administrator's identification data in this Privacy Policy, where the Administrator's contact details are provided, and also in the published general terms and conditions of the website. When the person sends an e-mail to the Administrator, the Administrator collects and processes the e-mail address, as well as the other information that the person provides in the sent e-mail, such as name, phone number, address. This data is processed for the purposes of communication with the individual and record keeping. The processing of this personal data is necessary:

– to realize the legitimate interests of the Administrator, which legitimate interests are sending a reply to the received messages, as well as saving the received messages.

– for actions preceding the conclusion of a contract and undertaken at the individual's request, namely providing more information about the services offered by the Administrator in connection with the possible conclusion of a contract with the individual.

The administrator uses the services of an e-mail service provider to store the received e-mails on the provider's server, which server is located in the Republic of Bulgaria.

Personal data collected directly from individuals when individuals contact the Administrator by sending a message using the Facebook platform

5. Individuals provide personal data to the Administrator when they contact the Administrator by sending a message using the Facebook platform through the Facebook messaging service, accessible through the Administrator's Facebook page at: www.facebook.com/KikiLondonBulgaria . When the person sends a message to the Administrator by using the Facebook platform through the Facebook messaging service, the Administrator collects and processes the name of the individual as well as the other information that the person provides in the sent message. This data is processed for the purposes of communication with the individual and record keeping. The processing of these personal data is necessary to realize the legitimate interests of the Administrator, which legitimate interests are sending a response to the received messages, as well as saving the received messages. The administrator uses the services of Facebook, an independent service provider located in the USA, to receive messages through the Facebook platform. This means that the personal data provided will be stored on Facebook's servers in the USA. For the transmission of these personal data outside the European Economic Area, appropriate guarantees should be provided in accordance with Article 46 of Regulation (EU) 2016/679. Facebook certifies that it complies with the EU-US Privacy Shield Principles. Facebook has its own Privacy Policy and individuals are advised to read it for more information. Facebook's privacy policy is posted at the following address: https://www.facebook.com/policy.php

Personal data collected directly from individuals when individuals register on the website

6. Individuals provide personal data to the Administrator when they register on the Administrator's website in order to create a profile. When registering, the natural person provides the following personal data, which the Administrator collects and processes, namely: name and surname of the natural person and e-mail address. The collection and processing of this personal data is necessary: ​​- to realize the legitimate interests of the Administrator, which legitimate interests are providing the possibility for the individual to maintain a registered profile on the website of the Administrator, to save the goods preferred by the individual and to purchase goods desired by the individual; - with a view to concluding or executing a contract for the purchase of goods. The data of individuals are stored on the server of a hosting service provider, which provider is registered in the Republic of Bulgaria.

Personal data collected directly from individuals when individuals purchase a product

7. Individuals provide personal data to the Administrator when they purchase a product from the Administrator's website. When purchasing or attempting to purchase a product from the Administrator's website, the natural person provides the following personal data, which the Administrator collects and processes, namely: name and surname of the natural person, e-mail address, telephone number and address. The collection and processing of this personal data is necessary: ​​- with a view to concluding or executing a contract for the purchase of goods; – to fulfill legal obligations for the purposes of issuing invoices. The data of individuals are stored on the server of a hosting service provider, which provider is registered in the Republic of Bulgaria.

Personal data collected directly from individuals when individuals subscribe to receive a newsletter

8. Individuals provide their e-mail address when they wish to subscribe to receive a newsletter. When the person subscribes to receive newsletters containing publications and useful information about the goods offered by the Administrator, promotional offers and the like, the Administrator collects and processes the e-mail address of the individual and the name of the individual. This data is processed for the purpose of sending the person newsletters. The basis for processing this personal data is the express consent of the individual.

C. Personal data of individuals provided by third parties

9. The administrator normally does not receive personal data about individuals from third parties. However, in some cases, if the Administrator has reasonable grounds to suspect that a natural person is infringing intellectual property rights and other similar cases, then the Administrator has the right to obtain personal data of the suspected person from public records, such as: register, the register for registered trademarks maintained by the Patent Office of the Republic of Bulgaria and similar. This data may be collected and processed for the purpose of filing an infringement claim against the infringer. The processing of personal data collected from a public register is necessary for the purposes of the legitimate interests of the Administrator, which legitimate interests are the filing of a claim for a committed violation against the offender, and also on legal grounds.

D. Data Collected Automatically

10. When visiting the website, the Administrator automatically collects the following data, namely:

  • Internet Protocol (IP) address of the device from which the individual accesses the Platform (usually used to identify the country or city from which the individual accesses the Platform);
  • Type of device from which the natural person accesses the platform (for example, computer, mobile phone, tablet, etc.);
  • Type of operating system;
  • Browser type;
  • The specific actions that the individual takes, including the pages visited, the frequency and duration of website visits;
  • Date and time of visits.
  • The specific actions that the individual takes, including the pages visited, the frequency and duration of visits to the website, and any actions taken on the website.

VI. COOKIES

1. Individuals can obtain more information about how the Administrator uses cookies by reading the Cookie Policy at: XIX of this Privacy Policy!

VII. PURPOSES FOR WHICH PERSONAL DATA IS PROCESSED

1. The administrator collects and processes the personal data of individuals, which are provided directly by them only for the following purposes, namely:

  • in order to provide services that the Administrator offers and to identify individuals (future and current customers);
  • to make contact with the individual via e-mail, so that the Administrator can respond to the inquiry received by the individual;
  • for the performance of obligations under a contract to which the natural person to whom the data refer is a party, as well as for actions preceding the conclusion of a contract and undertaken at his request;
  • to fulfill a legally established obligation of the Personal Data Administrator, in accordance with the applicable law;
  • to send the goods purchased by the individual;
  • to send newsletters containing information about received new collections, discounts, etc.
  • accounting purposes;
  • statistical purposes.

2. The administrator collects and processes the personal data of natural persons, which have been collected automatically for the following purposes, namely:

 improving the performance and functionality of the website;

 preparing anonymous statistics about the way the website has been used.

3. The administrator has no right to use the personal data of individuals for purposes that are different from the purposes specified in this section of this Personal Data Protection Policy.

VIII. STORAGE PERIOD OF PERSONAL DATA

1. Personal data of persons who have made an inquiry using the contact form on the website: The administrator stores the personal data of the persons who made an inquiry using the contact form on the website for a period of:

  • for persons who did not become clients of the Administrator within one month of sending the request: personal data is stored for a period of three months after sending the request.
  • for persons who have become clients of the Administrator: personal data are stored for a period of 5 years after the execution of the service assigned by the client to the Administrator.

2. Personal data of persons who made an inquiry by telephone: The administrator stores the personal data of the persons who made an inquiry by telephone for a period of:

  • for persons who have not become clients of the Administrator within one month of making the inquiry by telephone: personal data are stored for a period of three months.
  • for persons who have become clients of the Administrator: personal data are stored for a period of 5 years after the execution of the service assigned by the client to the Administrator.

IX. MANDATORY AND VOLUNTARY NATURE OF PROVIDING PERSONAL DATA

1. The personal data that are required to be provided by individuals are in accordance with the services offered by the Administrator and are mandatory. The provision of personal data by individuals is voluntary. In case the provision of personal data is refused:

– The Administrator will not be able to provide the desired service or information about the service offered by the Administrator;

– The administrator will not be able to receive the email from the user if the latter does not fill in the necessary information in the contact form.

X. PROCESSING OF PERSONAL DATA

1. The administrator processes the personal data of natural persons through a set of actions that can be performed by automatic or non-automatic means.

2. The Administrator processes the personal data of natural persons independently or by assigning a data processor on behalf of the Administrator, who is the accountant of the company, which is based in the Republic of Bulgaria.

XI. PROFILING

1. Profiling means any form of automated processing of personal data, consisting in the use of personal data to assess certain personal aspects related to a natural person, and more specifically to analyze or predict aspects related to the performance of professional duties of that an individual, their economic status, health, personal preferences, interests, reliability, behavior, location or movement. When performing profiling, automated methods and algorithms are used.

2. The administrator performs profiling in order to adapt the services provided by the administrator to the needs of individuals, and also to improve the administrator's services. For this purpose, automated methods and algorithms are used to determine the preferences of individuals by performing an initial or ongoing assessment based on the data provided by the individual. In this way, it is established what would be the most suitable offer for the individual concerned, so that the most suitable offer can be prepared and made to the individual.

XII. PROTECTION OF PERSONAL DATA

1. The administrator takes the necessary technical and organizational measures to protect personal data from accidental or illegal destruction, or from accidental loss, from unauthorized access, modification or distribution, as well as from other illegal forms of processing, namely:

– all personal information that the individual provides to the Administrator is stored on secure and reliable servers and folders;

– when exercising the right of access by the individual, the Administrator verifies the identity of the individual before providing him with the requested information.

2. Comprehensive information about the technical and organizational measures taken by the administrator is available in the Instruction on the mechanism of personal data processing and their protection in the maintained registers containing personal data at the Administrator. In case you wish to receive detailed information about the technical and organizational measures, please do not hesitate to contact us at info@kikilondon-bg.com.

XIII RECIPIENTS TO WHOM THE PERSONAL DATA MAY BE DISCLOSED

1. The administrator has the right to disclose the processed personal data to the following categories of persons, namely:

  • of the natural persons to whom the data refer;
  • to individuals, if provided for in a regulatory act, for example state bodies (NAS, Patent Office, Commercial Register, etc.);
  • to persons processing personal data who provide services for the benefit of the Provider's business activities, such as the Administrator's accountant and courier organizations, and such persons are bound by an obligation to observe confidentiality, and also such persons have provided sufficient guarantees for the application of appropriate technical and organizational measures in such a way that processing takes place in accordance with the requirements of the Regulation and ensures protection of the rights of natural persons.

2. The provider does not sell personal data provided by the individual to third parties.

XIV. RIGHTS OF NATURAL PERSONS

RIGHTS OF NATURAL PERSONS

Right of access

1. The natural person has the right to receive from the Administrator a confirmation as to whether personal data relating to him is being processed and, if so, to access the data – the relevant categories of personal data.

Right to rectification

2. The individual has the right to ask the Administrator to correct inaccurate personal data relating to him without undue delay. Considering the purposes of the processing, the natural person has the right to have incomplete personal data completed, including by adding a declaration.

Right to erasure (right to be forgotten)

3. The natural person has the right to request from the Administrator the deletion of the personal data related to him without undue delay, and the Administrator has the obligation to delete the personal data without undue delay when any of the grounds specified in Article 17 of Regulation 2016/679 apply .

Right to restriction of processing

4. The natural person has the right to demand from the Administrator a limitation of processing when one of the conditions specified in Article 18 of Regulation 2016/679 applies. When processing is restricted, such data are processed, with the exception of their storage, only with the consent of the individual or for the establishment, exercise or defense of legal claims or for the protection of the rights of another individual or for important reasons of public interest for the Union or a Member State. When the natural person has requested restriction of processing, the Administrator informs him before canceling the restriction of processing.

Right to data portability

5. The natural person has the right to receive the personal data concerning him and which he has provided to an administrator, in a structured, widely used and machine-readable format, when the processing is based on consent in accordance or of a contractual obligation and the processing is carried out in an automated manner.

Right to object

6. The natural person has the right, at any time and on grounds related to his particular situation, to object to the processing of personal data concerning him. Pursuant to Art. 21, paragraph 4 of Regulation 2016/679, the natural person is expressly notified of the existence of the right to object, which is presented in a clear manner and separately from any other information. To fulfill this obligation, more information about the right to object can be found in the section below entitled "Right to object".

Right to withdraw consent

7. The natural person has the right to withdraw the consent given by him at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent given prior to its withdrawal. The individual may withdraw their consent in the manner specified in section XIV of this privacy policy or by selecting the "unsubscribe" option when receiving the newsletter.

Profiling rights

8. The natural person has the right not to be subject to a decision based solely on automated processing, including profiling, which gives rise to legal consequences for the data subject or similarly significantly affects him.

Right to be notified of a breach of personal data security

9. When the breach of personal data security is likely to pose a high risk to the rights and freedoms of individuals, the individual must be notified without undue delay of the breach of personal data security.

Right to judicial and administrative protection

Right to submit a complaint to a supervisory authority

10. The natural person has the right to submit a complaint to a supervisory authority, in particular in the Member State of habitual residence, place of work or place of the alleged infringement, if the natural person considers that the processing of personal data concerning him violates the provisions of the Regulation .

Right to an effective judicial remedy against a supervisory authority

11. Every natural and legal person has the right to effective judicial protection against a binding decision of a supervisory authority concerning him. Proceedings against a supervisory authority shall be brought before the courts of the Member State in which the supervisory authority is established.

C: Right to an effective legal remedy against a controller or processor of personal data

12. Without prejudice to any available administrative or non-judicial remedies, including the right to lodge a complaint with a supervisory authority, an individual has the right to an effective judicial remedy where they consider that their rights under the Regulation have been infringed as a result of processing of his personal data, which is not in accordance with the Regulation. Proceedings against an administrator or processor of personal data shall be instituted before the courts of the Member State in which the Administrator or processor of personal data has its place of establishment.

Right to compensation for damages suffered

13. Any person who has suffered material or non-material damages as a result of a violation of the Regulation has the right to receive compensation from the Administrator or personal data processor for the damages caused. Legal proceedings in connection with the exercise of the right to compensation shall be instituted before the courts of the Member State in which the Administrator or personal data processor has its place of establishment.

XV. ORDER FOR EXERCISE OF RIGHTS

1. Individuals exercise their right to withdraw consent, the right of access, the right to erasure, rectification, the right to limit processing, the right to data portability, the right to object and the right to profiling, by submitting a written request to the Administrator (or by mail to the address indicated in the Administrator's identification above in this privacy policy or by sending an email), which should contain the following information:

  1. name, address and other identification data of the relevant natural person;
  2. description of the request;
  3. signature, date of submission of request and e-mail address.

2. The request is made personally by the individual. The administrator files the requests submitted by individuals in a separate register.

3. After the individual exercises his right of access to personal data concerning him, the Administrator verifies the identity of the individual before responding to the request. This is necessary to minimize the risk of unauthorized data access and identity theft. In the event that the Administrator cannot identify the individual from the collected personal data, then the Administrator has the right to request a copy of documents that identify the individual (such as an identity card, driver's license, other documents that contain personal data that may identify the natural person).

4. The administrator examines the request and provides the individual with information about the actions taken in relation to the request within one month of receiving the request. If necessary, this period can be extended by another two months, taking into account the complexity and number of requests.

5. The administrator informs the individual of any such extension within one month of receiving the request, indicating the reasons for the delay. When the individual submits a request by electronic means, if possible, the information shall be provided by electronic means, unless the individual has requested otherwise.

6. If the Administrator does not take action on the individual's request, the Administrator shall notify the person without delay and at the latest within one month of receiving the request of the reasons for not taking action and of the possibility of filing a complaint with a supervisory authority and seeking protection under court order.

7. The administrator undertakes to communicate any rectification, deletion or limitation of processing to any recipient to whom the personal data has been disclosed, unless this is impossible or requires a disproportionately large effort. The administrator informs the individual about these recipients if the individual so requests.

XVI. RIGHT OF OBJECTION

1. The natural person has the right, at any time and on grounds related to his particular situation, to object to the processing of personal data concerning him. Pursuant to Art. 21, paragraph 4 of Regulation 2016/679, the natural person is expressly notified of the existence of the right to object, which is presented in a clear manner and separately from any other information. To fulfill this obligation, more information about the right to object will be provided in this section of this privacy policy.

2. The natural person has the right, at any time and on grounds related to his specific situation, to object to the processing of personal data concerning him, in cases where the processing is necessary for the performance of a task of public interest or in the exercise of official powers granted to the Administrator or the processing is necessary for the purposes of the legitimate interests of the Administrator or of a third party, except when the interests or fundamental rights and freedoms of the natural person that require the protection of personal data take precedence over such interests, in particular when the natural person is a child. The administrator undertakes to stop the processing of personal data, unless he proves that there are convincing legal grounds for the processing that take precedence over the interests, rights and freedoms of the natural person, or for the establishment, exercise or defense of legal claims. Individuals exercise their right to object by submitting a written request to the Administrator by mail at the address specified in the Administrator's identification above in this privacy policy or by sending an email.

3. When personal data are processed for the purposes of direct marketing, the natural person has the right at any time to object to the processing of personal data concerning him for this type of marketing, which includes profiling as far as it is related to direct marketing. When the natural person objects to processing for the purposes of direct marketing, the processing of personal data for these purposes is terminated. Individuals exercise their right to object by submitting a written request to the Administrator by mail at the address indicated in the Administrator's identification above in this privacy policy or by sending an email indicating that they do not wish to receive advertising communications.

XVII. LINKS, TOOLS AND CONTENT FROM OTHER COMPANIES

1. The website contains buttons, tools or content that link to services of other companies, such as "Follow us on Facebook", "Follow us on Instagram", "Subscribe to our YouTube channel" buttons. All sites of such companies that can be accessed through this website are independent and the Administrator does not assume any responsibility for damages and losses resulting from the use of these sites. Individuals use these sites at their own risk and are advised to consult the relevant Privacy Policy of the respective company for further information.

XVIII. CHANGES TO PRIVACY POLICY

2. This Privacy Policy may be updated at any time in the future. When that happens, the changed policy will be posted on this website with a new "Last Modified" date at the top of this Privacy Policy and will be effective from the date of posting. Therefore, it is recommended that you periodically check this Privacy Policy to ensure that you are aware of any changes. By using the website after the updated Privacy Policy is posted, you will be deemed to agree to the changes.

XIX. Use of cookies

General
"Cookies" are small text files that are saved on your computer when you visit our website. In the event that you access this web page at another time, your browser sends back the content of the "cookies" to the respective provider and thus enables the re-identification of the terminal device. Reading cookies allows us to design our website optimally for you and makes it easier for you to use it.

Disable and delete cookies
Your browser allows you to delete all cookies at any time. To do this, refer to the auxiliary functions of your browser. This may result in certain functions of our website no longer being available to you.

Overview of the cookies we use
In this section you can find an overview of the cookies we use.

Absolutely necessary cookies
Certain cookies are necessary for us to securely provide our services through the website. This category includes, for example:
- "Cookies" that identify or authenticate our users;
- "Cookies" that temporarily store certain user data, e.g. online form content;
- "Cookies" that store certain user preferences, e.g. search settings or language settings;
- "Cookies" that store data to ensure uninterrupted playback of video or audio content.

Analytical cookies
We use analytical cookies to record user behavior, e.g. clicks on ad banners, entered search queries, and statistically evaluate these actions.

Advertising cookies
We also use cookies for advertising purposes. User behavior profiles created using such cookies, e.g. clicks on advertising banners, subpages visited, search queries entered are used by us to show you advertisements or offers that are tailored to your interests ("interest-based advertising").

Third-party advertising cookies
We also allow other companies to evaluate our users' data through advertising cookies. This allows us and third parties to show users of our website interest-based advertisements that are based on an analysis of your usage behavior, e.g. clicks on advertising banners, sub-pages visited, queries entered, but not limited to our online offers.

"Cookies" upon referral
Our referral tracking partners place cookies on your computer ("referral cookie") in the event that you have reached our website through an advertisement of the relevant partner. These cookies usually expire after 30 days. In the event that you visit certain pages we host and the cookie has not yet expired, we and the relevant conversion tracking partner may see that a particular user has clicked on the ad and been redirected to our page. The information collected through the referral cookie is used to create referral statistics and to determine the total number of users who clicked on the relevant advertisement and were directed to a page that is equipped with a referral tracking tag.

Management by third parties

The website contains buttons, tools or content that connect to third-party services, such as the "Facebook" button, the "Instagram" button, the "YouTube" button, and also links to the payment service providers "Paysera". Information may be collected about the use of these items. Also, when using these buttons, tools or content, information from the website visitor's browser may be automatically sent to the third party. These third party websites have their own cookie policies and may use cookies, so it is recommended that visitors read the relevant third party's Cookie Policy for more information. Visitors use the third party websites at their own risk and the Provider is not responsible for the privacy practices of the third party websites.

This Cookie Policy may be updated at any time in the future. When this happens, the changed policy will be posted on this website and will be effective from the date of posting.

XX. CONTACTS

1. In case you have any further questions regarding this Privacy Policy, please do not hesitate to contact us at info@kikilondon-bg.com

Last updated: 01/07/2022