Privacy Policy (GDPR)

This Privacy Policy (hereinafter referred to as the “Privacy Policy” or just the “Policy”) relates to the personal data that Innovation Starter Box Ltd., registered in the Commercial Register and the Register of Non-profit Legal Entities with Unified Identification Number 202912458, with a seat in Sofia and registered address at: 2 Apostol Karamitev Street, Entr. A, Floor 6, App. 24 (hereinafter referred to as “Innovation Starter Box Ltd.”), collects for you in order to provide you with the services (hereinafter the “Services”) in accordance with its object of business through the website https://newday.bg/.

  1. This Policy covers all related subpages and functionality of the https://newday.bg/ website.
  2. This Policy does not apply to the collection of information through channels, other than the https://newday.bg/ website.
  3. By using our website, you consent to the collection, use and disclosure of your information as set forth below in this Policy.
  4. If you do not agree to the terms in this Privacy Policy, you should immediately discontinue using the https://newday.bg/ website.

The Privacy Policy covers the processing and protection of personal data in accordance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council from 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the “Regulation”). In collecting your personal data, we are subject to a number of legal rules which prescribe how these activities are to be carried out, for what purposes and what safeguards for the protection of personal data are to be applied.

ETHICAL PRINCIPLES IN DATA PROCESSING

We understand the importance of privacy and are committed to earning the trust of our customers by adopting high standards for the protection of personal information. Our policies describe the types of personal information we collect and receive, the circumstances under which we collect or receive personal information, the policies and procedures we have established outlining its use and retention, and the sharing of certain types of personal information in certain limited circumstances, the procedures you should follow, if you have any questions or queries regarding your personal information or our policies and procedures, and details of the person to whom such questions or queries should be directed and details of the person to whom such questions or requests should be directed and the means by which to communicate with that person. We endeavour to process your personal data lawfully, fairly and transparently; for the purpose for which we collected it; in the minimum amount necessary and while maintaining its accuracy and timeliness; for specified periods of time depending on the purpose of the specific processing activity; and by applying appropriate technical and organisational security measures, consistent with the level of risk to your rights and freedoms.

  • Below you will find information:
  • about the person responsible for processing your data;
  • what categories of personal data we process;
  • under what conditions we process the data;
  • the purposes and legal grounds for the processing;
  • storage periods and data security measures;
  • how to exercise your rights under the GDPR;
  • and in which cases and how we share your data with third parties.

RESPONSIBLE ORGANISATIONS

For the purposes of the GDPR, the Responsible Entity is: Innovation Starter Box Ltd., represented by Leona Aslanova, in her capacity as Managing Director. For questions related to data protection, you can contact the company’s director by email via:

Leona Yurieva Aslanova, Managing Dirctor of Innovative Starter Box Ltd, contact telephone number: +359 88 222 41 23, e-mail: leona@innovationstarterbox.bg, address: Sofia, No. 2 Apostol Karamitev Street, Entr. A, Floor 6, App. 24.

DEFINITIONS

“Our Website” and “Innovation Starter Box Website” refer to https://newday.bg/ (including any and all subpages).

WHAT TYPES OF INFORMATION AND DATA WE COLLECT

  • Contact information: first name, last name, email address, phone number, company/institution, location, gender, age in case you subscribe to the paid version of the news on Our Website.
  • Payment information: credit/debit card number, IBAN and any other information contained in invoices issued by Innovation Starter Box Ltd. and payments thereon, in case you become a Subscriber/Customer of our product or service.
  • Information about the use of the Website: you can learn more on the information about your interaction with the site, as well as the settings and its management below in this Policy, namely in the Use of Cookies section.
  • When you visit Our Website, our server temporarily records details of your access in its logs. These log files contain the following data and are stored until they are automatically deleted:
  • The IP address of the requesting computer;
  • The date and time of your request;
  • The requested URL;
  • The amount of data transferred in response;
  • Whether or not the request was successfully processed;
  • Identifying details of the browser and operating system you are using;
  • The referring website from which you submitted the request;
  • The name of your internet service provider;
  • The purpose of recording this data is to enable you to consume the website (by establishing a TCP/IP connection), to provide our servers, the technical administration to our infrastructure, and the optimisation of our services;
  • Your IP address would only be analysed in case of unauthorized access or attacks to our infrastructure.

No additional information is required from you to access Our Website.

WAYS OF COLLECTING INFORMATION

  • Information you provide in case you subscribe to the paid version of our website and/or in case you send an email to our email addresses indicated on the Website;
  • Automatic collection of information through cookies, in accordance with the law currently in force (we use tracking technologies such as cookies to collect information about you, on an anonymous basis);
  • From third parties, such as social networks, advertising and analytics service providers.

WHY DO WE COLLECT YOUR DATA?

  • In case you give your explicit consent, your data will be used to provide you with information about news related to our activities, promotions and other interesting information related to our services, including the terms of subscription to the Website.
  • We use information to respond to your enquiries. We will use the information to provide the services you have requested or to respond to your question, recommendation, complaint.
  • We use information to improve the Website and services. We may use your information to improve the services we offer.
  • We use information to analyse the effectiveness of the site. We may process your information on an anonymous basis to improve site performance.
  • We use information for marketing purposes. We may send you information about new services and offers. If you subscribe to the paid version of Our Website, you will receive our promotional emails.
  • Before we start marketing activity, we obtain your consent according to the law currently in force. Below you can read more about your consent and how you can control it.
  • We use information to communicate with you. We may contact you regarding your enquiry.
  • We also use information in other ways permitted under applicable law.

WHAT MEASURES DO WE TAKE TO PROTECT THE COLLECTED DATA?

To ensure the protection of your data, we have put in place technical and organisational measures that comply with the GDPR and require the same from the third party service providers we use.
Where we use third parties to provide services, for example email and infrastructure service providers, access to information is only granted to third parties after a detailed review of the documentation and whether they meet the requirements of the GDPR. This review carefully examines the competence of each third party as well as the technical and organisational measures for data protection. The results of this review are recorded in writing and a data processing agreement that complies with Article 28 of the GDPR is executed with the third party.
Your data is only stored on secure servers accessible only by authorised personnel. When you use a form on our website to submit data to us, this transmission is only made via an encrypted TLS connection.

ACCESS TO DATA BY THIRD COUNTRY SERVICE PROVIDERS IN COUNTRIES OUTSIDE THE EUROPEAN UNION

In order to provide our services, we use the services of third parties located outside the European Economic Area. In order to protect your personal data in this case, we have signed special data processing agreements with these service providers that include guaranteed protection measures.

USE OF COOKIES

In addition to the data listed above, cookies will be stored on your computer when you use Our Website. “Cookies” are small pieces of textual data stored on your hard drive by your web browser through which Innovation Starter Box Ltd., by determining the contents of the cookie, can collect certain information about you. Cookies cannot execute code or transfer viruses to your computer. We use them to anonymously or pseudo-anonymously analyse website usage and to provide you with better services.

This Website uses the following types of cookies, the scope and functionality of which are detailed in the following two paragraphs:

  • Temporary (session) cookies are automatically deleted when you close your browser. They are especially used as session cookies. They save a so-called “session ID”, which is used to link subsequent requests made by your browser to each other. This enables your computer’s recognition when you return to Our Website. These session cookies are deleted when you log out or close your browser.
  • Persistent cookies are deleted only after a predefined duration, which may be different for each cookie. You can delete these persistent cookies at any time through the “Settings” configuration of your browser. We inform you that if you do so, not all functionalities of this Website will be accessible.


The placement of cookies on your computer can be prevented by the appropriate settings on your internet browser. Pre-set cookies can also be deleted via your browser settings. Please be advised that preventing cookies from being placed on your computer may mean that not all features of Our Website are available without restriction.

WEBSITE REGISTRATION/SUBSCRIPTION

The data subject may register on the Website. In order for this to take place, the data subject is required to enter their data in a registration form. The data we require for registration on the Website in connection with a paid annual subscription will be used solely for the purposes of registration and will not be passed on to third parties, unless Innovation Starter Box Ltd. has a legitimate reason to do so. In the course of registering on Our Website, your IP address, date and time of access will be logged to prevent possible misuse. During, or after registration, the data subject is free to modify their personal data. It is also possible for the data subject to cancel their registration completely so that all personal data is deleted.

Facebook
Innovation Starter Box Ltd. has integrated Facebook into the present Website.
The organisation responsible for Facebook is:
Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States.
Where the data subject resides outside the USA or Canada, and Facebook undertakes processing of personal data of the aforementioned data subject, the responsible organization is:
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

When the User of the https://newday.bg/ website clicks on the Facebook button, the person will make contact with the Facebook website and the acquisition and processing of personal data will no longer be carried out by the https://newday.bg/ website, but by Facebook. In this way, Facebook will receive information that the respective user has visited the https://newday.bg/ website. More details about the types of plug-in that Facebook uses can be found at https://developers.facebook.com/docs/plugins.
If the user is logged into a Facebook profile/account (even if it is not his/her personal profile/account) and at the same time accesses the https://newday.bg/ website, Facebook will additionally receive notification that the respective user has visited the https://newday.bg/ website. Facebook collects this information and it is theoretically possible to link it to the respective account. The same also applies to the “Like” button or the use of the Facebook comment form; Facebook can link this information to the Facebook account to which the respective User is logged into.
To prevent this, you can log out of the respective Facebook account before visiting the website of Innovation Starter Box Ltd. You can do this by visiting the Facebook website first. For more information about Facebook’s processing of personal data, please see: https://facebook.com/about/privacy.

LinkedIn
Innovation Starter Box Ltd. has integrated LinkedIn into the current Website.
The organisation responsible for LinkedIn is:
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
If a user is logged into a LinkedIn profile/account (even if it is not his/her personal profile/account), and at the same time accesses the website https://newday.bg/, LinkedIn will additionally receive a notification that the respective user has visited the Innovation Starter Box Ltd. website. LinkedIn collects this information and it is theoretically possible to link it to the respective account.
To prevent this, you can log out of the respective LinkedIn account before visiting the Innovation Starter Box Ltd. website. You can do this by visiting the LinkedIn website first.
For more information relating to data processing and LinkedIn, please see: https://www.linkedin.com/legal/privacy-policy.

The references to the Facebook and Linkedin websites published in this paragraph have been verified and are valid as of the date of adoption of this Policy, namely as of 1 January 2025.

AMENDMENTS TO THIS PRIVACY POLICY

Innovation Starter Box Ltd. reserves the right to update this Privacy Policy without notice. Any amendments are effective when an updated Policy is posted on our Website. We encourage you to check the Privacy Policy regularly. We may provide you with notices of amendments to this Privacy Policy, if you are a registered user.

DELETING PERSONAL DATA

Innovation Starter Box Ltd. only stores and processes personal data for as long as it is necessary. When the purpose of the data processing has been fulfilled, your personal data will be deleted in accordance with our data retention policy unless we are legally obliged to retain it.

LEGAL BASIS FOR PROCESSING PERSONAL DATA

In order to process personal data, there must be an underlying legal basis for that. A number of permitted legal grounds for processing are listed in Article 6 of the GDPR.
One of the grounds for processing personal data is Article 6(1)(a) GDPR, which is the data subject’s freely given consent to do so. This consent is related to a specific purpose. A second ground for processing personal data is to fulfil the requirements of a contract as set out in Article 6(1)(b) GDPR. However, this clause must be understood as involving the initiation of a commercial relationship with the relevant data processing. This ground applies to Innovation Starter Box Ltd. in case the user uses our contact form. Article 6(1) GDPR allows the processing of personal data where there is a legal requirement to do so. It is also possible to process personal data on the basis of Article 6(1)(f) GDPR. This is the so-called ‘legitimate interests’ ground, which is interpreted with reference to recital 47 of the GDPR.

YOU HAVE THE RIGHT TO WITHDRAW YOUR CONSENT

  • You can opt-out of receiving marketing emails. To stop receiving our promotional emails, you may unsubscribe from the newsletter in any promotional communication you receive from us. Even if you unsubscribe from promotional messages, you may still receive messages in connection with transactions, including responses to your enquiries.
  • You can manage cookies and tracking technologies. To learn how to manage cookies and other similar tools, please review this Privacy Policy under the Using Cookies section.
  • You can control the tools on your mobile devices. You can turn off location or push notifications from the mobile device you are using. These settings depend on the type of device that you use.

RIGHTS OF DATA SUBJECTS UNDER THE GDPR

Under the provisions of the GDPR, you, as data subjects, have the following rights:

  • Right of access to your personal data – in exercising this right, you have the opportunity to obtain confirmation from us as to whether personal data about you is being processed and, if this is the case, you have the right to access your personal data and information.
  • Right to rectification of personal data – in exercising this right you have the right to correct/rectify the personal data we process about, you if it is inaccurate;
  • Right to erasure of personal data (‘right to be forgotten’) – in exercising this right, you have the right to request and obtain the erasure of your personal data, if it has been processed unlawfully or you have withdrawn your consent (if the processing of personal data is based on consent), as well as under the existence of certain other legal prerequisites;
  • Right to restrict processing – if you doubt the accuracy of your personal data or have objected to our legitimate purpose for processing your personal data, or in other circumstances, you have the right to request that we restrict the processing of your personal data until a solution is found.
  • Right to object to processing – in exercising this right, you may object to the processing of your personal data on grounds relating to your particular situation, if certain circumstances apply, such as if you doubt our legitimate interest in processing your personal data;
  • Right to data portability – in exercising this right, you have the option to request that we provide your personal data in a machine-readable format for transfer to another data controller, if it is processed by automated means under your consent or for the performance of our contractual relationship;
  • The right to lodge a complaint with a supervisory authority.

STANDARD SECURITY MEASURES

  • Users under 18 years of age. This Website is intended for adults only. We do not intend to collect personally identifiable information about persons under the age of 18 without the permission of their parent or guardian. It is important for us to take extra precautions to protect and keep children safe. For this reason, persons under the age of 18 may not subscribe to the paid version of the Website without the express consent of their parent/guardian. We will delete any account that is created by a person under the age of 18 without the permission of a parent/guardian as soon as we are informed of it. If you are under 18, please do not send or post any information about yourself, including, but not limited to, name, address, telephone number, email address, etc.
  • SSL certificate: your information is encrypted using the Website’s SSL certificate. However, we cannot guarantee that your use of the Website will be completely secure. Any transmission of data by you to Our Website is at your own risk.
  • Links to third-party websites. We are not responsible for third party websites to which we link, or for their policies. If you click a link to a third-party website, please read the privacy policy of this other website carefully and choose, whether or not to continue using it.
  • Data retention: we keep information, according to legal regulations, for the period necessary to carry out the activities described in this Privacy Policy.

HOW CAN YOU CONTACT THE COMPETENT SUPERVISORY AUTHORITY?

Notwithstanding the above, you have the right to contact the Commission for the Protection of Personal Data (“CPPD”) in case of complaints:

  • in person, at the following address: Sofia 1592, No. 2 Prof. Tsvetan Lazarov Boulevard;
  • by letter, at the following address: Sofia 1592, No. 2 Prof. Tsvetan Lazarov Boulevard;
  • by fax: 02/9153525;
  • by CPPD’s email address: kzld@cpdp.bg;
  • through the website of the CPPD at: https://www.cpdp.bg/.

If you have any questions about our Privacy Policy or wish to make a request and exercise rights regarding your personal data, please contact the Data Protection Officer:

Innovation Starter Box Ltd. – Leona Aslanova,
Tel.: +359 88 222 41 23,
e-mail: leona@innovationstarterbox.bg

Effective from 1 January 2025.