Terms and conditions
Personal Data Protection Policy
Although CMDR COE is an international organization, accredited by NATO North Atlantic Council and as such the Center does not follow automatically the orders of the EU General Data Protection Regulation (EUGDPR), we respect the principles and requirements of EUGDPR in order to guarantee the better protection and privacy of personal data while establishing Personal Data Protection Policy.
Personal data protection policy is a set of principles and regulations to ensure the legal protection of the citizens’ personal data. These regulations provide opportunity for the citizens to have more rights, as the right for receiving information if and when the personal data is worked out, the categories of personal data, the data information transferred to other companies and third parties, the right for data access, the right “to be forgotten”, etc.
Current policy is on effect upon 25 May 2018. It is going to be updated periodically as and when appropriate on this website.
If you agree to be registered in the CMDR Community of Interest (COI) you will be able to operate personally your data and to decide what information to be publically shared. In case you decide not to participate in the COI any more, you will be able to close your profile and then all your personal data will be deleted form the site and server where it has been stored by that time.
Administrators: Ivelina Ivanova, e-mail: firstname.lastname@example.org; Orlin Nikolov, e-mail: email@example.com
What data do we collect and operate with?
The data we collect during registration for events is necessary for the provision of products and services, developed by CMDR COE, as well as for the establishment and maintenance of the CMDR Community of Interest.
The data collected from all users is employed to achieve improved quality and security of our services as well as to avoid mischievous activities, for example – to avoid misappropriation of somebody’s personality, to protect from hackers’ attacks, etc.
What is the data collected for all users?
In the website the CMDR COE maintains, the information about all the users we collect and store includes:
- E-mail addresses.
- Position occupied.
- Telephone number.
- Information submitted by the user in order to be recognizable by the community. In this case the user will be provided with a user name and a password, changeable whenever decided. We recommend the password to be changed every three months.
We collect your personal data each time you use our services or when you are in contact with us by telephone, e-mail and all contemporary communication means.
Who is given access to your personal data?
Data collected and stored when using our website is not provided to other entities or companies, except for in case it is necessary for our subcontractors that are obligated to follow high levels of security and privacy. However, even in such situation, their personnel work under our monitoring and control.
We can provide some legal information when its access, use, storage and disclosure is legally required by state authorities or entities that are authorized by law to require and collect information containing personal data, following the normative regulations or when such information has been disclosed to competent authorities in order to maintain the legal interests of CMDR COE or other users in case of legal dispute.
Is it possible for third parties to gain access to your data?
The data you provide is not shared with third parties.
How do we protect your data?
Access to information which can identify you is limited to employees of CMDR COE, and is physically, electronically and procedurally refined to the level needed for them to be able to fulfill their engagements.
We crypt many of our services via SSL. An overview of our practices for collecting, storing and processing information, including physical security measures, is carried out to prevent unauthorized access to the systems. This, however, is not always sufficient to deter malicious attacks and crashes.
How long do we retain the data?
For registered users, data is retained from the registration until its expiration or within the timeframe required to protect CMDR COE and our other users against legitimate claims, as well as in order to be able to respond to legitimate queries from the competent authorities or until the user decides to terminate his/her participation in the Community of Interest.
Data and activities are retained for all users for the amount of time required to ensure the functionality and security of the services provided.
All our events require registration. Should you wish to participate, yet you do not wish to be part of the Community of Interest, your data will be automatically deleted by the system within 60 days of completing the event.
What are your rights regarding the data we process?
We are obligated to provide access to our own personal data on request. Once you have contacted us, it may be necessary to clarify additional facts to ensure that the data is truly provided to you.
If a correction is required, the order for correcting the data entered during registration is described in the account menu. If the available options are not sufficient , you can contact us.
The deletion of personal data is made under the following hypotheses:
Personal data is no longer necessary for the purposes it was collected or otherwise processed.
You withdraw your consent on which the processing of the data is based and there is no other legal basis for the processing - for example, you decide to delete your registration account. Then all data related to you is hidden, and after the expiry of the retention period, is completely
deleted from our systems.
You object to the data processing and there are no legitimate grounds for processing that can overrule the case.
Personal data has been tampered with.
Personal data must be deleted to comply with a legal obligation.
You have the right to receive the personal data concerning you which you have provided to us in a structured, widely used and machine readable format and you have the right to transfer this data to another administrator when the processing is based on consent or a contractual obligation and processing is done in an automated manner.
If you raise an objection to the processing of your personal data, we are obliged to terminate the processing, which will result in the failure to provide some of our services. The only basis on which we can proceed is for the purpose of establishing, exercising or protecting legal claims. In case of objection to the processing of personal data for the purposes of direct marketing, the processing is terminated immediately.
You have the right to refuse to be subject of profiling which has legal consequences for you or in a similar way affects you considerably. If we offer a service that you believe falls within this category, you will be asked in an appropriate way so that you can accept or decline it.
If you believe that your personal data protection rights have been violated, you have the right to appeal to the national supervisory authority or to seek legal protection before the relevant competent national court.