Privacy Statement

This privacy statement was adopted on 10.05.2018 by decision of the Management Board of Nord Holding AD, UIC (Unique Identification Code): 200376038 on the basis of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27th April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and for repealing Directive 95/46/EC (General Data Protection Regulation). 

The privacy statement applies to your personal data which Nord Holding AD collects in order to provide services to you in accordance with the company’s business activity as a licensed Trader within the meaning of § 1, item 45 of the Additional Provisions of the Waste Management Act (WMA), license number 476 of the Executive Environment Agency’s Register of Тraders, and as a registered Waste Collector and Carrier under document № 12-РД-1018-00/27.03.2013 issued by the Regional Inspectorate of Environment and Waters – Sofia.

We apply our Personal Data Protection Policy to data collected from you through paper forms completed at our regional representation offices in person by you or a representative of ours, or via email communication or by concluding a contract, or through any other personal data collection methods permitted by law, as well as to data collected in the Internet space through our website nordholding.bg .

This Privacy Statement aims to inform you about the practices we employ to protect your personal data, and about the rights you have with regard to the personal data collected about you via our website and/or by us using any of the other above-mentioned methods.

In case of objections, please do not use this website and do not disclose any personal details to us or the representatives in our offices, neither in person nor by mail or phone.

General Information

Nord Holding AD, UIC: 200376038 carries out waste collection, transportation, and trade activities as defined in the Waste Management Act, including other waste management-related activities not prohibited by law.

When collecting and processing your personal data, our company complies with a number of laws and regulations which stipulate how these activities should be carried out, for what purposes, and what safeguards for personal data protection should be applied.

Regulations shall include but not be limited to the General Regulation on Data Protection (Regulation (EU) 679/2016), the Law on Personal Data Protection, as well as any bylaws based on them.

1. What personal information do we collect from you?

Nord Holding collects data from you, which are explicitly referred to in the law, or which are necessary for the conclusion of a contract with you.

If we have to collect personal data from you which are not explicitly referred to in the law as mandatory, but our company deems them necessary for the protection of our mutual interests, we will inform you in a clear and transparent manner.

2. Video surveillance

Video surveillance shall be carried out on our sites. Video surveillance is required by the presence of a legitimate interest of our Company, for the purpose of protecting our sites and assets. We have taken the necessary technical and organizational measures to protect your privacy, so that all personal records be stored and destroyed in compliance with the respective legal requirements and our internal instructions which are in accordance with the legislation.

3. Cookies and other passive technologies

The company uses ‘cookies’ and other tracking technologies that collect information from you when you interact with our site. Detailed information about what cookies are and how they function can be found in the ‘Cookie Policy’ section of our website. Please be informed that you can always cancel tracing through cookies by blocking them in your browser settings.

4. Data collected from other sources

We may collect information about you from other lawful sources so that we can provide you with quality services. Such sources are information from our partners (in the event of your consent), or any publicly available information.

This information includes:

  • your contact details;
  • any publicly accessible information such as details of the persons representing your organization.

Other publicly accessible information is collected by us only after we have received an explicit declaration from the person sharing it with us regarding their consent that such information might be shared with us.

When we contact you, we will inform you where we have your personal data from in the event that we have not gathered them personally from you.

5. Why do we collect personal data
and what do we use them for?

You decide whether and how to use the services that our company provides as a collector, carrier, or trader in waste as per the WMA (Waste Management Act). The forms through which we collect your personal data clearly specify whether provision of the data is mandatory or voluntary.

Without the mandatory data, we would be unable to provide the respective service in full or partially, i.e. these are the minimum data required under the regulations governing our activities.

A) Use of our services is possible upon provision of the minimum personal data required under the Waste Management Act and the industry-specific bylaws. These data are your full name and permanent residence address as they appear on your identity card. Although these are the minimum data required by the Bulgarian legislation, the Company also requires your personal identification number (PIN) and phone number and/or e-mail address. Providing us with your PIN guarantees your truthful identification, which is entirely in your interest as a user of our services. We collect your contact details in order to contact you more easily in future should the need arise, as a partner of yours, and to keep you informed in case of significant changes affecting the market, prices, and conditions of the services offered, which we believe is of mutual interest.

B) All workers and employees of Nord Holding have entered into an employment relationship with the Company voluntarily. An employment contract with the Company can be signed upon presenting the minimum set of documents required under the Labour Law of the Republic of Bulgaria, namely:

  • a CV accompanied by a cover letter;
  • an identity document (returned to the applicant immediately);
  • a document/documents proving the acquisition of academic degrees, specializations, qualifications, competences, scientific titles or scientific degrees, where such is required for the position or the work applied for;
  • a document/documents certifying the relevant professional experience obtained when such is required for the position or work applied for;
  • a medical examination report prior to employment and upon termination of employment under an employment relationship lasting over three months;
  • a certificate of criminal records, when certification of criminal records is required by law.

6. Your consent and our legitimate interest

Unless we collect personal data on the basis of a law, contract, legitimate interest, or to protect your vital interest, we will request your consent. We will use your personal data only after you have given us your explicit consent to do so, and only for the specific purpose it has been given. You have the right to withdraw your consent if you decide so at a later stage.

When we must collect personal information because of our legitimate interest or for the purpose of protecting your vital interest, you will be informed in a timely manner thereof, and your rights under the law will be explained to you.

You have the right to raise an objection against our collecting your personal data if you think that we do not have a legitimate interest to do so. We will take additional measures and provide you with additional information and our motives within maximum one month from the date of your request.

7. Disclosure of your data to third parties

The company discloses your personal data:

  • only to public authorities, institutions and persons to whom we are obliged to provide personal data under the law;
  • to persons subcontracted to maintain equipment, software and hardware used for personal data processing and necessary for building the company’s network, and to persons performing various services which support our main business activity.

The Company shall take measures and shall undertake that all abovementioned persons apply the same level of protection to your personal data as our employees, and comply with the Company’s personal data protection policy.

8. Security measures

The company collects, processes, and stores personal data in compliance with all legal requirements by applying adequate technical and organizational security measures. With the aim of maximum security when processing, transferring and storing personal data, we use, if and when needed, additional data protection mechanisms such as encryption, pseudonymisation, and others.

9. Time limits applying to the personal data stored

The Company stores your personal data for the period laid down by law, depending on the purpose of their collection.

In the absence of a legal deadline, the Company accepts to keep your personal data for a reasonable time determined on the basis of additional criteria. The latter are consistent with our desire to provide you with high-quality services and healthy partnership relationships.

We strive to ensure that we store your personal data in such a way that minimum action on your part is necessary for the repeated provision of personal data. When the personal data that we collect are no longer required for the objectives stated, we delete them or destroy them in an appropriate manner.

10. Your right of access to information and receipt of information

You have the right to request access to your personal data at any time.

You have the right to know what data about you we process, what we use them for, and how we store them.

Send us an access request in order to exert your right of access.

In rare circumstances when, due to extreme situations or technical limitations, we are unable to provide access to your personal data for a maximum period of a month, we will provide you with the reasons for not complying with your request.

11. Your rights of correction

Furthermore, you have the right to ask the Company to correct any inaccuracies found in your personal data.

Requests for access to or update of personal data can be sent to the following postal address: Sofia 1220, 1 Elov Dol Street, or electronically to sec-01@nordholding.bg .

12. Your other rights

Beyond the above rights concerning your personal data, you have the right to:

  • ask that your personal data be deleted;
  • ask that a limitation be imposed on processing your personal data for a specified period of time;
  • object to your personal data being processed;
  • request portability of the data.

The rights listed depend on the specific reason why we process your personal data. In some cases we are obliged to store your personal data by law, so we will be unable to delete your personal data from our systems.

In the event of any questions, you may turn to our employees who:

  • will assist you in exercising your rights;
  • will inform you in detail about every single right of yours.

We always strive to fulfil our clients‘ requests, if legitimate and reasonable, and respond to them within the statutory time limit. In rare cases, we may have to extend this period, but it should not be beyond the maximum acceptable period allowed by law.

13. The right of appeal

In the event that you believe your rights have been violated, you may contact us to have the matter investigated. Reports may be sent to our postal address: Sofia 1220, 1 Elov Dol Street, or by e-mail to sec-01@nordholding.bg

Also, you have the right to submit a complaint to the Personal Data Protection Commission at the following address: Sofia 1592, 2 Prof. Tsvetan Lazarov Blvd., Information and Contact Centre, telephone number 02/91-53-518.

14. Update

This statement shall be revised and updated by us regularly to make sure that we are as clear, precise, and transparent as possible, and that any newly occurring changes have been reflected therein.

Last updated: May 2022