Coming Soon

Privacy Policy Scope

This Privacy Policy applies to data processing carried out by EVNISOFT EOOD, headquartered in Sofia, Bulgaria (hereinafter referred to as "EVNISOFT").
EVNISOFT strives to protect the privacy of visitors to this website and will collect and process personal data only in accordance with the provisions of this Privacy Policy.
The purpose of this Privacy Policy is to specify the categories of personal data that EVNISOFT collects through the website evnisoft.com and the EVNIVERSE series of platforms.
All questions regarding the processing of personal data may be directed to the email address privacy@evnisoft.com.
EVNISOFT reserves the right to change this Privacy Policy at any time and to the extent permitted by law, without notice, in order to comply with legal obligations and/or to improve its services to you. Therefore, we recommend reviewing this Privacy Policy regularly.

What Personal Data Do We Process?
Personal data is defined by the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) as "any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier." Simply put, personal data refers to any information about you that allows you to be identified. Personal data includes obvious information such as your name and contact details, but also less obvious information such as identification numbers, electronic locations, and other online identifiers.

In this section we have defined the general categories of personal data we may process, the purposes for which we may process personal data, and the legal bases for processing. Depending on how you use our website, we may collect some or all of the following personal data:

Personal Data
Personal data, including first name, last name, and email address, will be collected if you use our registration forms, contact forms, or the platform itself. This data will be processed lawfully, fairly, and transparently. When collecting data, we will adhere to clear, legitimate purposes that are not incompatible with the original purpose. We will collect only the minimum necessary data and keep it accurate and up to date. Data will not be stored longer than necessary, and appropriate measures will be taken to protect against unauthorised or unlawful processing, accidental loss, destruction, or damage.

Usage Data
We may process data regarding your use of our website, such as your browser type and version, IP address, geographic location, referral source, visit duration, page views, website navigation paths, and data on the time, frequency, and pattern of your website use. The source of this usage data is our data analytics system. We may use this data to analyse website usage. Our legal basis for processing this data is our legitimate interests: monitoring and improving the services provided by our website. However, we will seek your consent when collecting usage data through non-essential cookies.

Enquiry Data
We may process any information included in your enquiry related to our company or services ("enquiry data"). The purpose of processing enquiry data may include scheduling a demonstration, making an offer, marketing, and selling the relevant services. Our legal basis for this processing is our legitimate interest.

Notification Data
Information you provide when subscribing to our email notifications and/or newsletters ("notification data") may be processed in order to send you the relevant notifications and/or newsletters. Our legal basis for this processing is your consent, which you may withdraw at any time using the "unsubscribe" link.

What Are My Rights?
We adhere to your rights under GDPR, which include:
- The right to be informed about the collection and use of your data. Our Privacy Statement provides the necessary information, but you may contact us if you have additional questions.
- The right to access the personal data we hold about you.
- The right to request correction of your data if it is inaccurate or incomplete.
- The right to request erasure of your data, also known as the "right to be forgotten."
- The right to restrict the processing of your data.
- The right to object to the processing of your data.
- The right to data portability, which allows you to obtain and reuse your data for your own purposes across different services.
- The right not to be subject to automated decision-making and profiling.

If we process your data on the basis of your consent, you have the right to withdraw it at any time. This will not affect the lawfulness of processing carried out prior to the withdrawal.

These rights may be exercised in accordance with legal requirements by sending a letter to EVNISOFT at the following email address: privacy@evnisoft.com.

If you believe that our processing of your personal information violates data protection laws, you have the legal right to lodge a complaint with the supervisory data protection authority. You may do so in the EU member state where you normally reside, work, or where you believe the infringement has taken place. However, we would appreciate it if you contacted us first so that we can resolve any concerns you may have.

Transfer of Personal Data
4.1. Use of Data Processors
As a data controller, we may engage a data processor who will process personal data on our behalf. A data processor is a natural or legal person who processes your data at our request and on our behalf. The data processor is responsible for maintaining the security and confidentiality of personal data and will always act in accordance with our instructions. We may engage a data processor for various purposes, including hosting, administration, marketing, analytics, and communication.

4.2. Disclosure of Personal Data to Third Parties
In addition to the disclosure of personal information mentioned in this section, we may disclose your data where necessary to comply with a legal obligation or to protect your vital interests or those of another person. We may also disclose your data where necessary to establish, exercise, or defend legal claims, whether in judicial, extrajudicial, or administrative proceedings.

If you give your consent on our website, your data and cookies may be sent to Google for personalisation and analytics purposes. For more information, we recommend reviewing Google's privacy and terms website.

International Data Transfers
We will store your information within the European Economic Area (EEA), which includes all EU member states, Norway, Iceland, and Liechtenstein. This ensures that your data will be fully protected by data protection laws and regulations, including the General Data Protection Regulation, or equivalent standards required by law.
In some cases, however, it may be necessary to store or transfer some of your data to countries outside the EEA, referred to as "third countries," which may not have the same level of legal data protection as the EEA. To ensure the same level of protection for your data, we will take additional measures, including the following:
a) We will transfer your data to third countries for which the European Commission has determined that they provide an adequate level of data protection. For more information, please visit the European Commission's website.
b) We will use specific contracts with external third parties that have been approved by the European Commission for the transfer of personal data to third countries. These contracts will require the same level of data protection as required by data protection laws.

Data Retention Period
We will retain your data only for as long as necessary, having regard to the purposes for which it was originally collected. Your data will be retained until you delete your account or as required by law. The following retention periods apply to the storage of your data:
Personal Data
The General Data Protection Regulation requires that personal data be retained only for as long as is necessary for the purposes for which it was collected. We understand that the retention period for personal data should be determined based on the purposes for which it was collected, and we ensure this is always the case. Our data retention policies and procedures have been developed in accordance with the GDPR requirements for limited personal data retention periods. We regularly delete or destroy data that is no longer needed.

Enquiry Data In this section, we may retain your data where necessary to comply with a legal obligation applicable to us, or to protect the vital interests of you or another natural person.

Third-Party Websites
Our website may contain hyperlinks to and information about third-party websites. We have no control over those third-party websites and are not responsible for their privacy policies.

This data protection policy is effective from 20 July 2023.