‘EngiStation’ Ltd. (EngiStation) respects the privacy of its customers and guarantees the maximum protection of their personal data processed with regard to the services provided by the company.
Who processes and is responsible for your personal data?
EngiStation is registered with the public register of the Communications Regulation Commission as a company providing a wide range of IT and electronic communications services / goods.
EngiStation is data controller of personal data within the meaning of the Personal Data Protection Act (PDPA).
You can contact us at:
- telephone +359 888 977 901
- email: email@example.com
- or filling in the electronic form for contact on our website: engistation.com
- What data, for what purposes and what are our legal basis for processing?
1.1. Depending on the specific purposes, EngiStation processes the following data separately or in combination:
A) Data provided by you to identify and execute the contractual obligations of EngiStation and the customer:
- three names, identification number or personal ID of a foreigner, address, telephone and / or e-mail address to contact you or your indicated contact persons;
- three names, identification number, and other data of your attorney, employee and others persons, specified in the document by which you have authorized them to act on your behalf before EngiStation with regard to performance of the contract, access to equipment, access to data centre and etc.;
- data collected with regard to payment made to EngiStation;
- B) Data, which are prepared and generated by EngiStation in the process of providing the services / goods:
- contract number, issue ticket number, customer number, etc.
- data, which are necessary for the issuance of invoices, value of the services used;
information on payment method, payments made and due; information on changes in
usage of services, restrictions and restoration of services etc.;
- video security recording when visiting our datacentre sites, made with video surveillance equipment to ensure security for employees and visitors at our datacentre sites;
- IP address when visiting our website;
- information about the type and content of the contractual relationship, as well as any
other information related to the contractual relationship, including emails sent, information about your requests for troubleshooting, application, requests, complaints and other feedback we receive from you;
1.2. Purposes and legal bases for processing of personal data:
- A) Processing of the data necessary for the conclusion or performance of the contract. EngiStation processes your data for the following purposes:
- Identifying a customer as follows: concluding a new or amending an existing contract for the colocation of telecommunication equipment, signing a contract for the purchase of equipment; execution of requests for information on consumption; paying bills and addressing correspondence.
- Updating your personal data or information in relation to contract services;
- Making proposals for signing contracts, sending a courier shipment with pre-contractual
information and draft contract;
- Technical assistance for creating an account (s) and recovering a forgotten password to
access our website, for electronic service of electronic invoices, inquiries, visit to the
territory of the data centre and access to the collocated equipment;
- Technical maintenance and troubleshooting and any technical problems – on place and
through remote access to service equipment;
- Payment of bills, rescheduling amounts due;
- Verification of a technical possibility to provide a service;
- Processing by the persons charged by us for data processing;
- B) In fulfilment of its legal obligations, EngiStation processes your data for the following purposes:
- Preparing offers for signing contracts and signing contracts outside our premises, sending a courier shipment with pre-contractual information and draft contract, etc.;
- Providing information about the customer and the purchases made by him and / or
services he / she uses on a request / claim / inspection by a competent authority;
- Invoices issuing;
- To perform tax – control by the respective competent authorities;
- C) EngiStation processes your data for the purposes of the following legitimate interests: legal procedures relating to the exercise of rights deriving from services provided by us; transfer of receivables to third party – Cessionary;
- Categories of third parties who access and process your personal data:
2.1. Personal data processing services that, based on an EngiStation contract – process your personal data on behalf of EngiStation or have direct / indirect access to your personal data, could be:
- Transport / courier companies in order to fulfil our contractual obligations for delivering contracts in paper form, equipment and similar;
- Individuals who maintain equipment and software used to process your personal data under EngiStation assignment;
- Individuals providing services for the maintenance of terminal equipment as long as they keep personal data;
- Agencies collecting unpaid customer duties;
- Subcontractors providing services related to the fulfilment of our contractual
obligations, technical assistance in installation and / or maintenance of equipment and
- Banks servicing payments made by you;
- Security companies holding a license to perform private security activities processing
the video recordings from our datacentre sites and / or maintaining other registers in the
process of securing the access regime in the same sites;
- Individuals providing services for the organization, storage, indexing and destruction of
archives in paper and / or electronic form;
- Individuals performing consultancy services in different scope related to our activity.
2.2. Other personal data controllers to whom EngiStation provides your personal data, processing your data on their own behalf:
Cessionary – a party to cession contracts which EngiStation transfers (sells) its receivables, financial organizations for the purpose of crediting and securing funding;
Competent authorities which, by virtue of a statutory instrument, have the power to require from EngiStation to provide information including personal data such as a Bulgarian court or a court of another State, different supervisory / regulatory authorities – the Commission for Consumer Protection, Communications Regulation Commission, authorities with powers to protect national security and public order;
To ensure adequate data protection for the company and its customers, we apply all the necessary organizational and technical measures provided by the Personal Data Protection Act, as well as the best practices of international standards (ISO 27001: 2013, PCI DSS etc.).
- For what term your personal data is stored?
The period of time that your personal data are stored depends on the processing purposes for which they were collected:
- Personal data processed for the purpose of concluding / amending and executing a contract shall be stored for the duration of the contract and until the final settlement of all financial relations between the parties;
- Personal data processed for the purpose of issuing accounting / financial documents for the implementation of the tax and social security controls, but not only – invoices, debit, credit notes, acceptance protocols, service contracts are kept for at least 5 years after expiry of the limitation period for repayment of the public debt, unless the applicable law provides for a longer period.
- EngiStation may store some of your personal data for a longer period of time until the expiration of the applicable limitation period in order to protect any customer claims in connection with the performance / termination of the contract and for a longer period in the case a legal dispute has arisen in relation to the pending issue, its final settlement with a court / arbitration ruling in force.
- Picture (Video recording) – within 30 days from the record.
- What are your rights in relation to the processing of personal data from EngiStation?
As our customer and with relation to your personal data you have the following rights:
- to access your personal data and receive the relevant information. You may request from EngiStation whether and for what purposes we process your personal data with a
written request with content specified in Personal Data Protection Act.
- to request for the removal, correction, blocking or supplementation of your personal data when they are inaccurate, or the processing thereof does not meet the
requirements of the legislation.
- to object before EngiStation at any time against the processing of your personal data, if
there is a legitimate reason.
- to withdraw your consent to the processing of your personal data, but only when your processing is based solely on your consent;
- to file a complaint before the Data Protection Commission.
- Could you refuse to provide to EngiStation your personal data and what are the
consequences of such refusal?
In order to conclude a contract with you and provide you with the requested services in accordance with our legal obligations, EngiStation needs certain data.
Failure to provide the following data prevents EngiStation to conclude contract for service / goods with you:
- names, identification number or personal ID of a foreigner, address, telephone and / or e-mail address to contact you or your indicated contact persons;
- names, identification number, and other data of your attorney, employee and others specified in the document by which you have authorized him / her to represent you before EngiStation;
- data collected on a payment made to EngiStation;
- your account details to access www.engistation.com – username and/or email;
- address for correspondence;
- data about the authorized person and the persons entitled to access the equipment
collocated with us;
- Policy for the “cookies”
Types of cookies
The website may use one or more of the following types of cookies depending on their degree of need;
Systemically Required Cookies – These are cookies without which website operation is impossible or put at high risk. This includes cookies for navigation on the website, saving filled in information when passing between the different steps as well as on login or
registration. Systemically needed are also cookies that provide control over the security of the connection and protection from unwanted external interference. This type of cookies is often referred to as temporary or session because it is temporarily stored and disappears after the browser session is closed.
Function Cookies – This category of cookies serves to make it easier for the user to use the website and consider individual user preferences. Function cookies include device- recognition cookies, preset language and font preference, and more. This type of cookies can be stored for a long time on the device, they can be used in more than one session of the browser and are called permanent.
Third-party cookies, for efficiency, analytics, and advertising –Analytics cookies serve to collect statistical information on the basis of which general conclusions and recommendations can be made about the website’s performance for the purposes of users, as well as for marketing and advertising purposes. Such statistics include the number of users per page, most visited pages, sources of the visit, time spent on the page, errors that occurred, and more. These cookies allow you to collect anonymous information about how users navigate the website and the difficulties they may experience. For better precision, the website uses analytics tools of Google Analytics and Core Metrics. Deactivating cookies as a user, you have the ability to control cookies used, delete cookies saved on your device, and disable cookie’s usage in the future. Keep in mind that blocking cookies will affect the way the website works and may cause malfunctions of the site.
The website may include links to other websites that are beyond our control. We could not be held responsible for the protection of personal data or the content of these websites, but we offer these links to make it easier for our visitors to find more information on specific topics.
This policy was last updated in August 2020 and introduced in relation to the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 with regard to the protection of individuals and with regard to the processing of personal data and on the free movement of such data and revoking Directive 95/46 / EC.