Privacy

PRIVACY POLICY

This privacy policy has been compiled to better serve those who are concerned with how their Personal Data or 'Personally Identifiable Information' (PII) is being used online. Personal data is any information, which can identify you as a person directly or indirectly, according to the definitions of the European data protection legislation. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of what Personal data we collect, why we collect it, what we do with it and what rights you have in protecting your privacy, as well as how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.


This Privacy Policy applies to your Personal Data when you visit www.11.me or send us information through gust.com, f6x.com, email, skype or through another channel. By using any of these channels you agree to have read and understood this Privacy Policy.

WHO WE ARE

The company, administrating personal data is Eleven Bulgaria Ltd., represented by its managers Daniel Tomov and Ivaylo Simov.
Please, address all issues, connected with your personal data, as follows:
address: Sofia, Bulgaria, 37 Benkovski Str., 1st floor.
email: [email protected]

PERSONAL DATA WE COLLECT AND HOW WE USE IT

We take your right to privacy seriously and work continuously to keep the data we process minimized. Nevertheless, in order to be able to develop our network effectively in your favour, we need to process some personal data. We are unable to include you in our network and keep our engagements towards you unless we process some of your personal data as described herein.


We may process your personal data for the following purposes:

  1. Names, birth date, education, qualifications, work experience, skills, place of project development as well as any other information, which our candidates may choose to include in their CV or accompanying documentation, such as diplomas, certificates, videos, pictures, etc. - this information is necessary for the evaluation of your project, providing our input and finding appropriate funding.
  2. Email addresses, phone number, skype ID, Google + ID of our candidates – these are necessary for keeping in touch with them and for providing feedback, support, news and notifications on the development and funding of their projects.
  3. Names, email addresses and phone numbers of our mentors, investors and partners – these are necessary for keeping in touch with them and providing them with news and notifications on the projects, which they are involved in or may be interested in. All such notifications shall be strictly associated to project-related activities. We shall not be using your contacts to promote third part products or services.

As you are well aware, evaluation, developing, supporting and financing a project as well as developing the perfect network and environment is a time-consuming process, so we shall keep your data for a period of ten years.

METHOD OF COLLECTION

We shall not use any personal data, unless it has been voluntarily provided, entered or uploaded by you personally. Our candidates are not allowed to enter third party personal data, including sign up a third party (partners, mentors, advisors, employees, etc.), without due authorization by such third party. It is the candidates’ sole responsibility to provide and guarantee that the processing personal data activities performed and the provision of third party personal data are compliant with the requirements of the applicable data protection legislation.

HOW WE PROTECT YOUR INFORMATION

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential and that they are properly trained and authorised. We also take appropriate technical and organisational measures to protect your personal data against loss or other forms of unlawful processing.

SUBPROCESSORS

For providing effective communication we engage from time to time third party service providers - processors, carefully selected according to their capacity for personal data protection and processing in compliance with applicable data protection legislation. None of our processors has the right to use your personal information beyond what is necessary to assist us in making our work possible. When we cooperate with third parties and they process your personal data on our behalf, we make sure your personal data is being handled with the same integrity and security as we do. Some of our service providers are base out of the EU and more specifically in the USA, but we have made sure that they are compliant with the EU-U.S. and Swiss-U.S. Privacy Shield Framework. European Commission has deemed the EU-U.S. Privacy Shield Framework adequate to enable data transfers to USA under EU law. For communication purposes we use the platforms of MailChimp and Pipedrive. For structuring project information, we use the platforms of Gust and F6X. For email exchange and document storage we use the platform of Google. We may replace our processors from time to time following above rules of strict selection. Updated information about the list of current processors may be found at all times in our Privacy policy and we may inform you about such updates via our newsletters.

INFORMATION WE SHARE

We do not share personal information with companies, organizations and individuals unless one of the following circumstances applies:

  1. At your instructions – as we are entrusted with the development and funding of projects, candidates contacts, such as names, phone number and email address may be provided to the respective mentors and investors, who may contribute.
  2. For making some services possible – to third party processors, as described above.
  3. For legal reasons - we will share personal information, if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
    1. meet any applicable law, regulation, legal process or enforceable governmental request.
    2. including investigation of potential violations.
    3. detect, prevent, or otherwise address fraud, security or technical issues.
    4. protect against harm to the rights, property or safety of our team, company or affiliates, as required or permitted by law.

We may share non-personally identifiable information publicly and with our partners. For example, we may share information publicly to show trends about the general development of our activities.


We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information.

MINORS

We allow our network to be used only by persons aged 18 and over. If we obtain actual knowledge that we have collected personal data from a person under the age of 18, we will promptly delete it, unless we are legally obligated to retain such data. Please, contact us, if you believe that we have mistakenly or unintentionally collected information from a person under the age of 18.

YOUR RIGHTS

You have the right to request a copy of your personal details at any time, to check the accuracy of the information held and/or to correct or update this information. You may ask your personal information to be deleted completely, if no enquiry from you is in progress. You also have the right to complain when your personal data protection rights have been violated. We will make commercially reasonable efforts to provide you with reasonable access to any of your personal information we maintain or correct it within 30 days as of receipt of your request. We will comply with your instructions for deletion of personal data as soon as reasonably practicable and within a maximum period of 30 days, unless EU or Bulgarian law requires further storage. Please, note that we may keep that information for legitimate business or legal purposes or be required (including by contract or GDPR) to keep certain of information and not delete it (or to keep this information for a certain time, in which case we will comply with the deletion request only after we have fulfilled such requirements). Please, note that after deleting your information, you shall not be able to use our network any more.


If you wish to access, delete (when applicable) or correct your personal information please, address your requests and complaints to: Sofia, Bulgaria, 37 Benkovski Str., 1st floor or [email protected] Please state clearly in the subject that your request concerns a privacy matter, and more specifically whether it is a request to access, correction, deletion or else. Bear in mind that we may ask for additional information to determine your identity.


We may reject requests that are unreasonably repetitive, require disproportionate technical effort, risk the privacy of others, or would be extremely. Where we can provide information access and correction, we will do so for free, except where it would require a disproportionate effort.

SUPERVISORY AUTHORITY

If you think we have infringed your privacy rights, you can lodge a complaint with the supervisory authority of Bulgaria, which is the Commission for personal data protection. More information can be found at: www.cpdp.bg
You can also lodge your complaint in particular in the country where you live, your place of work or place where you believe we infringed your right(s).

US REGULATIONS

California Online Privacy Protection Act
CalOPPA is the first state law in the USA to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. - See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf


COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online. We do not specifically target children under the age of 13 years old, as stated above.


Fair Information Practices The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. We collect your email address in order to send required information, respond to inquiries, and/or other requests or questions.
If at any time you would like to unsubscribe from receiving future emails, you can email us at [email protected] and we will promptly remove you from correspondence, when applicable.