Personal data protection policy

1. Introduction

The Charitable Foundation "Helping the Good" (hereinafter referred to as "the Foundation") is registered and operates in accordance with the laws of the Republic of Bulgaria. The Foundation is committed to protecting the personal data of its donors, employees, volunteers and all interested parties. This Personal Data Protection Policy (hereinafter referred to as the "Policy") defines the ways and principles by which the Foundation collects, processes and protects personal data, in accordance with the requirements of the General Data Protection Regulation (GDPR) of the European Union and Bulgarian legislation.

2. Definition of personal data

Personal data is any information that can identify a particular individual, including but not limited to name, address, telephone number, e-mail address, photographs and other data collected by the Foundation about our donors, employees, volunteers and other interested parties.

3. Collection of personal data

The Foundation collects and processes personal data after receiving the express and clear consent of the relevant data subject or if there is another legal basis for the processing. Personal data is collected and used exclusively for specific and legitimate purposes and is stored for a period necessary to achieve these purposes. The storage of personal data is carried out in accordance with the terms provided for achieving the purposes for which they were collected, and in accordance with the legal storage obligations. After the expiration of the necessary period, the Foundation takes appropriate measures for safe and reliable destruction of personal data.

4. Processing of personal data

The Foundation complies the processing of personal data with the requirements of the GDPR and implements appropriate technical and organizational measures to protect personal data from unauthorized access, loss or destruction. Only persons who have the right to process them and who undertake to preserve their confidentiality have access to personal data.

5. Use of personal data

Personal data collected by the Foundation is used only for the purposes for which it was collected and in accordance with legal requirements. They can be used for the following purposes:

• To manage and maintain donor relations with individuals and legal entities.
• For communication with data subjects in connection with the activities of the Foundation.
• For accounting and financial purposes, including processing payments and donations.
• To perform tasks related to the activities and goals of the Foundation.

6. Security of personal data

The Foundation takes measures for the security of personal data, including limiting access to them, encryption and regular updating of systems and protection measures. The Foundation also trains its employees on data protection issues and creates information security policies and procedures.

7. Rights of data subjects

Data subjects have certain rights in relation to their personal data, including:

• Right of access: Data subjects have the right to obtain information about what personal data is stored about them.
• Right to rectification: If personal data are inaccurate or incomplete, data subjects have the right to request their rectification.
• Right to erasure: Data subjects may request the erasure of their personal data when they are no longer necessary for the purposes for which they were collected or if the subject withdraws consent.
• Right to restriction of processing: Data subjects may request restriction of processing of their personal data in certain circumstances.
• Right to portability: Data subjects have the right to receive their personal data in a structured, common and machine-readable format and to provide it to another controlling authority.

8. Processing of personal data of children

The Foundation does not collect personal data of children under the age of 16 without the express consent of their parents or legal representatives.

9. Transparency and information

The Foundation informs data subjects about the purposes of processing their personal data and provides them with information about their data rights. The information is provided in fair and clear language and is updated as necessary.

10. Policy changes

The Foundation may update this Privacy Policy as necessary, in accordance with applicable legislation. Any changes will be published on our website and, if necessary, communicated to data subjects.