PRIVACY POLICY FOR PERSONAL DATA OF Finsoft Solutions Limited

What is the purpose of this document?
For Finsoft Solutions Limited, the protection of your privacy and the security of your personal data are a top priority.
We guarantee a maximum protection level for your personal data.
It is important to read this policy carefully to understand how and why we use your personal information.
This privacy policy has been developed and is based on the Bulgarian legislation on data protection and is in line with the General Data Protection Regulation (Regulation 2016/679 of 27.04.2016), the GDPR.
The privacy policy will explain to you what personal data we collect, process, and store, for what purposes we use it and what are your rights, as a subject of personal data.
It applies to you if you are an individual or representative of a legal entity that is a customer or supplier of Finsoft Solutions Limited, and/or has registration on: https://bizwise.pro/.
All amendments and additions to the Privacy Policy will be applied only after we have posted the actual content available through our website: www.bizwis.pro

Who are we?
Finsoft Solutions Limited is an education company, registered in the Commercial Register at the HK.
Finsoft Solutions Limited is an administrator of personal data under the Law on Personal Data Protection Act (PDPA). This means that we collect, process, and store your personal data under the terms of this Privacy Policy.

I. Principles of data protection
We comply with the data protection legislation according to which personal data must:
1. be processed in a lawful, conscientious, and transparent manner;
2. to collect only for valid purposes that we have clearly explained and not to be used in any other way that is incompatible with these purposes;
3. be appropriate, relevant, and not exceeding the necessity of the purposes we have indicated;
4. be accurate and up-to-date;
5. be stored within a time limit not longer than it is necessary for the purposes we have specified;
6. be properly protected.

II. What information do we have for you?
“Personal data” or “personal information” means any information about an individual through which that person is or may be identified.
There are special categories of more sensitive personal data that require a higher level of protection.
We will collect, store, and use the following categories of personal data for you:

1.      Name, passport number, address, phone number, and email address to contact you or a contact person you specify;

2.      data from contact forms on our website;

3.       information and other data you provide to us when you voluntarily participate in our research or other feedback you provide us about the purchased and used products and services or about your preferences for the products and/or services we provide you;

4.      address when visiting our website.

Please be aware that the type of data processed cannot be fully determined in advance.

III. How do we collect your personal information?
We collect your personal data in a variety of ways and through different channels selected by you:

1  by telephone, email, or otherwise, using our contact details;

2. by filling in paper forms or online when they are needed in connection with the service you want;

3.  otherwise defined as appropriate for the specific case;

We will use your personal data only when permitted by law. Most often we will use your personal data for the following reasons:
1. for concluding and implementing our contract with you;
2. to comply with a legal obligation;

3. when it is necessary to protect our legitimate interests;
4. when it is necessary to protect your legitimate interests;

V. Purposes, for which we will use your personal data:
We will use the categories of personal data listed above, mainly to fulfill our contractual obligations with you and to comply with legal obligations.

The situations in which we process your personal data include:

–         implementing and developing our business in accordance with your legal interests;

–        Providing documentation and messages you have requested;

–        providing quality products and services, which depend on the quality and completeness of the information you provide, including personal data;

–        sending messages about our products and services and their delivery;

–        evaluating, improving, and developing our products and services to get the best possible quality service;

–        protection against fraud and other threats;

–        for direct marketing purposes;

Finsoft Solutions Limited may process your personal data or data of individuals related to your business to provide you with information about products, services, and offers that may be of interest to you or your business. We can send marketing messages by mail, e-mail, phone or text message. The personal data we process for this purpose consists of information you provide to us and data we collect and/or analyze when you use our services. We may use your personal data to promote our products and services only if we have your explicit consent to do so or when you are a customer of Finsoft Solutions Limited  within the specified legitimate interest. You have the right to object at any time to the processing of your personal data for marketing purposes by contacting us and requesting it to be stopped. If you request it, Finsoft Solutions Limited will continue to use your contact information only to provide you with important information related to the contractual obligations. We also inform you that if the Company has processed personal data based on your explicit consent, you should bear in mind that such processing carried out prior to its withdrawal is lawful.
For some of the activities listed above, we may have more than one legal basis for processing your personal information.
By providing your personal information, you should keep in mind that the Company does not sell or provide your personal data to third parties unless your or our legitimate interests or obligations require such disclosure.
In our practice, we do not use the available personal data for automated decision-making designed to assess the personal characteristics of individuals, including profiling.

VI. No provision of the personal data we require
No provision of personal information requested by us may prevent us from drafting a contract with you and delaying/impossibility to perform the service or deliver the product.
VII. Change of purpose
We will only use your personal data for the purposes for which we have collected it unless we reasonably believe that we should use it for any other reason, and that reason is compatible with the original purpose. If we need to use your personal information for another purpose, we will let you know and we will explain to you what the legal basis for this use is.

VIII. How will we use sensitive personal data?
We don’t collect nor process sensitive personal data, such as data concerning racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data, data concerning health, or data concerning a natural person's sexual orientation.

IX. Do we need your explicit consent?
We have no legal obligation to obtain your consent when processing personal data to fulfill its obligations under a Normative act, except in the cases provided for by the law in which your explicit, voluntary, unambiguous, and informed consent will be requested based on the information provided here.
X. Data Sharing
We may share your personal data with third parties. We require all third parties to respect data security and comply with data protection legislation.
It is possible to send personal data to countries outside of the European Economic Area (EEA), but you can expect a similar level of protection for your personal data.
We will share your personal data with third parties when required by law when it is necessary to administer our relationships or when we have another legitimate interest in doing so.
These third parties may include: hosting providers, companies providing accounting and legal services, payment processors, and others.

XI. Data security
We have implemented appropriate technical and organizational measures to prevent accidental loss, use, or unauthorized access, modification, or provision of your personal data. In addition, we restrict access to your personal data to those employees and third parties for whom there is a need to obtain this information. They will process personal data only on the basis of this policy and its obligation of confidentiality.
We hope you realize that no transmission over the Internet is completely secure and that we can not be held responsible for unauthorized or unintended access beyond our control. For this reason, we expect you to take measures to protect your personal data when you provide it to us and after you receive it from us.
XII. How long will we use your personal information?
We will only store your personal data for the period of time we are required to meet the purposes we have collected, including to comply with the requirements of accounting law that prescribes 10 (ten) years of limitation.
To determine the appropriate storage period, we take into account the quantity, nature and sensitivity of personal data, the potential risk of harm resulting from unauthorized use or provision of the data, the purposes we are processing, or whether we could achieve these goals by other means, as well as the applicable legal requirements.
Upon termination of your contractual relationship with us, we will preserve your information in accordance with our policy and legal requirements and will destroy it in a safe manner after the retention period described here and governed by law expires.

XIII. Right of access, correction, deletion, and limitation
Your obligation to let us know about a change:
It is important to keep your personal information accurate and up to date. Please notify us whenever you change your personal information.
Your rights in relation to your personal information:

–        access to information: this right allows you to obtain a copy of the personal data we hold for you and to verify that we have a legitimate reason for processing it.

–        correction: this right allows us to ask us to correct any incomplete or inaccurate information about you.

–         deletion: this right allows us to require us to delete or remove your personal information when we have no valid reason to continue processing. You also have the right to request your data to be deleted or removed when you have exercised your right to object to their processing.

–        objection to processing: in cases where we rely on our legitimate interests as a basis for processing, you can object to this processing.

–        limitation of processing: this right allows you to require us to temporarily suspend the processing of your personal data if, for example, you want us to determine the accuracy of the data or the reasons for its processing.

–        data portability: this right is limited to cases where data is provided by us for the purposes of a contract and allows you to require us to provide your data stored in electronic form to a third party.

If you want to exercise any of your rights described above, please get in contact using the contacts listed below.

Upon such a request from you, you may need to provide us with information confirming your identity. This requirement is part of our data protection measures and aims to ensure that personal information is not provided to a person who is not entitled to receive it. We also reserve the right to collect a fee, for example, if your application is manifestly reasonless or excessive. We will respond to your request within the applicable deadlines – within 1 month of receipt of the notice, which may be extended by a further two months, taking into account the complexity and the number of requests. In the event of an extension, we will notify you and give you reasons.
You have the right to submit a complaint at any time to the Personal Data Protection Commission, the Bulgarian data protection regulator, or to legally request protection of your rights.

XIV. Right to withdraw your consent
If you have given your explicit consent to the processing of your personal data for a particular purpose, you have the right to withdraw that consent. To withdraw your consent, please get in contact using the contacts listed below.
Upon receipt of your request, we will discontinue the processing of the data for the purpose (s) you initially agreed to, unless we have any other legal basis to continue the processing, which we will notify you of in due course.

XV. Data Protection Officer
For requirements, additional information, and complaints regarding this Privacy policy you can get in contact with us  e-mail: [email protected]

XVI. Changes to this notification
We reserve the right to change and update this policy at any time.
This policy was last updated on 03.02.2025.