Privacy Policy

One of our main priorities is protecting the privacy of our visitors and users. This Privacy Policy outlines the types of information we collect and store, and how we use it.

1. Definitions

The terms used in this Privacy Policy will have the following meaning:

  • “Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is an identifiable person, directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier or one or more features specific to the natural, the physiological, genetic, mental, intellectual, economic, cultural or social identity of that individual.
  • “Subject of Personal data” – users or visitors of the Website to whom certain Personal data relates (hereinafter “you”).
  • “Data Controller” or “Controller”– “POPIE GROUP” EOOD
  • “Processor of Personal Data” means a natural or legal person, public authority, agency, or any other body which processes personal data on behalf of the Controller.
  • “Processing of Personal Data” means any operation or set of operations carried out with personal data or a set of personal data by automatic or other means such as collecting, recording, organizing, structuring, storing, adapting, or modifying, retrieving, consulting, using, disclosure by transmission, dissemination or other means of making the data available, arranging or combining, restricting, deleting or destroying it.

2. Who we are?

“POPIE GROUP” EOOD, UIC 206606149, VAT Number BG206606149, with headquarters and address of management: 8 Stefan Stambolov boul., Sofia 1000, Bulgaria (hereinafter “we” or referred to by its market name “The Samsung Photography”) acts as a Controller within the meaning of the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, (General Data Protection Regulation), hereinafter “GDPR”.

This Privacy Policy applies only to our online activities and to visitors to our website concerning the data they provide to and/or collect from The Samsung Photography. This policy does not apply to information collected offline or through channels other than this website.

3. Consent to the Privacy Policy

By using our website, you consent to our Privacy Policy and agree to its terms.

4. Personal data we collect:

When making an order from The Samsung Photography Website, regardless of whether through a User Account or without registration, each user provides the following Personal data:

  • first name and surname;
  • e-mail of the User.

In addition to the above Personal data, when registering a User profile, each user provides the following Рersonal data:

  • Order history;
  • Downloads history;
  • frequency of visits;
  • action records (logs) and cookies – More information about the cookies we use and how to manage them can be found in Section 11. Cookie Policy below.

If you contact us directly, we may obtain additional information about you, such as your name, email address, phone number, the content of the message and/or attachments you send us, and any other information you provide to us.

We cooperate with third parties – payment service providers, who are independent data controllers with their protection systems and policies. We do not store complete details of your payments as the full numbers of your debit or credit cards. We encourage you to read the privacy policies of our payment service providers.

We process and use only data that you have provided to us voluntarily and we rely on the fact that this data is provided by you lawfully.

Each user is responsible for not providing us data to third parties in violation of their rights to personal data protection. If you choose to provide us with such Personal Data, you are responsible for your right to use the provided data, and we encourage you to inform third parties about the processing we perform.

5. How we use your Personal data:

We use the Personal data we collect in a variety of ways, including:

  • Provide, operate, and maintain our website.
  • Improve, personalize, and enhance our website
  • Understand and analyze how you use our website
  • Develop new products, services, features, and functionality
  • Communicate with you, either directly or through one of our partners, such as for customer service, to provide you with updates and other information related to the website, and for marketing and promotional purposes
  • To send you e-mails
  • To detect and prevent fraud

Your consent is voluntary and we will not use your contacts to advertise our products if we didn`t receive your consent. In this case, your contacts will be used only with your explicit consent. You can withdraw your consent to receive marketing information, as well as to process your Personal data from us at any time using the contact form on our Website.

6. Legal basis for the Processing

We collect and process your Personal data on the following legal basis:

  • Article 6, para. 1, letter “A” of the GDPR – the Data subject has consented to the processing of his Personal data for the receipt of commercial communications;
  • Article 6, para.1, letter “B” of the GDPR – the processing is necessary for the performance of a contract to which the data subject is a party, or for taking steps at the request of the data subject before concluding a contract;
  • Article 6, para (1), letter “F” of the GDPR – the processing is necessary for the purposes of the legitimate interests of the Controller, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Personal data provided by you due to specific cases in the course of using our Website may also be processed on various basis, for which we will provide you with information when the specific basis for processing arises.

7. Time limits for storage and Processing of Personal data

Your Personal Data, depending on the category, basis, and purposes of processing are stored within the time limits set by the requirement of national or Community law so that we in the capacity of the Controller can perform the obligations imposed on us by law.

Your Data provided during your registration on our Website is stored and processed for the period of registration until you request deregistration and deletion of your account.

When you consent to the use of your Personal Data for marketing purposes, we store and process this personal data until the withdrawal of your consent.

Your Personal Data provided in connection with the service you use is stored for the period for which you can file complaints or other claims against us, and we may exercise our right to protection (limitation periods under applicable law).

Your Personal Data, provided through one of our contact forms, including incomplete registration on our Website, is stored for a period of 6 months for security and to facilitate subsequent communication with you, if there is no reason to apply for a longer period.

If the reason on which we store your Personal Data ceases to exist (for example, if we cease to have a legitimate interest in storing your Personal Data, if the statutory period for storing your personal data has expired, or if you have withdrawn your consent to store your personal data) we will delete or destroy it safely.

8. Third parties

In most cases, we do not provide your data to third parties, but we use subcontractors – professionals in the field, through which we provide additional security of your data and who at some point may have access to our database system, including payments systems, for maintenance of our Website, for use of secure servers, etc.

In other cases, when required by law or contract, your data may be provided in connection with accounting or legal processing, making payments, collection of debts, etc., in which case the data is processed for us only based on our explicit instructions and in accordance with our Privacy Policy with due care and security.

Your Personal Data may be stored in the European Union (EU) or the European Economic Area (EEA) or elsewhere due to the online nature of the services we provide to you. If your personal data is transferred or stored outside the territory of the EU and/or the EEA, special security measures will be taken to ensure that this transfer is carried out by this Privacy Policy and applicable law for the protection of personal data.

The services provided by us may contain links to Web sites managed or owned by third parties. We are not responsible for the processing of Personal data performed by such Web sites. Therefore, we invite you to inform yourself about the privacy policies of the Controllers of the respective Websites.

9. Your Rights

For your convenience, we offer a detailed description of your rights as Data subjects:

Right of access: At any time, you have the right to request information about your Personal data that we store, the reason, the purposes, the terms of processing and storage, whether they have been provided to a Personal Data Processor, whether they have been destroyed, etc.

Right to rectification: You have the right to request correction of your Personal data if they are incorrect, including the addition of incomplete personal data.

Right to erasure/ right to be “forgotten”: You have the right to want to delete all Personal data processed by us and our Personal data processors at any time, except when the processing is necessary for at least one of the following purposes:

(a) to exercise the right to freedom of expression and the right to information;

(b) to comply with a legal obligation requiring processing provided for in Community law or the law of a Member State applicable to us;

(c) for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes by Article 89(1) GDPR in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or;

(d) for the establishment, exercise, or defense of legal claims.

Right to restriction of processing- You have the right to request us to restrict the processing of your Personal data in the following circumstances:

(a) the accuracy of the Personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the Personal data;

(b) the Processing is unlawful, and the Data subject opposes the erasure of the Personal data and requests the restriction of their use instead;

(c) the Controller no longer needs the Personal data for the purposes of the processing, but they are required by the Data subject for the establishment, exercise, or defense of legal claims;

(d) the Data subject has objected to processing under Article 21(1) GDPR pending the verification of whether the legitimate grounds of the Controller override those of the Data subject.

Right to data portability: When we process your Personal Data in an automated manner based on your consent or the basis of a contract, you have the right to receive a copy of your data in a structured, widely used, and machine-readable format transferred to you or another party. This includes only the Personal Data you have provided to us.

Right to object to the processing based on legitimate interest: You have the right to object to the processing of your Personal Data based on our legitimate interest. We will not continue to process your Personal Data unless it is proven that there are compelling legal grounds for doing so that take precedence over your interests and rights or due to lawsuits.

Right to be informed about a personal data breach under Article 34 of the GDPR: When there is a possibility that the breach of personal data security poses a high risk to your rights and freedoms, then weI, without undue delay, notify the Data subject of the personal data breach, which describes the nature of the breach of personal data security. We will publish a notice on our Website so that Data subjects are equally effectively informed when we have fulfilled any of the following conditions:

(а) the Controller has implemented appropriate technical and organizational protection measures, and those measures were applied to the Personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorized to access it, such as encryption;

(b) the  Controller has taken subsequent measures which ensure that the high risk to the rights and freedoms of data subjects referred to (a) is no longer likely to materialize;

(c) it would involve a disproportionate effort. In such a case, there shall instead be a public communication or similar measure whereby the data subjects are informed in an equally effective manner.

10. How to exercise your rights

We take the protection of Personal data very seriously. You can always contact us at the following e-mail: …………………………. or using the contact form on our Website.

Please note that when your requests are manifestly unfounded or excessive, in particular, because of their recurrence, we may:

1. to impose a fee, taking into account the administrative costs of providing the information or communication or taking the requested action, or

2. to refuse to take action on the request.

We will use reasonable efforts to comply with your request within two months of receiving your request. If necessary, this period may be extended by another month, taking into account the complexity and number of requests.

11. Our Cookies Policy

11.1. Log Files:

We use log files by default. These files log visits to websites. All hosting companies do this, and it is part of the analysis of hosting services. Information collected in log files includes internet protocol (IP) addresses, browser type, internet service provider (ISP), date and time stamp, referring and leaving pages, and possibly the number of clicks. This data is not linked to personally identifiable information. The purpose of this information is to analyze trends, administer the site, track users’ movements around the site, and gather demographic information.

11.2. Cookies and Web Beacons:

Like any other website, The Samsung Photography Website uses “cookies” to personalize your online experience. By using The Samsung Photography WebSite, you consent to the use of cookies as required.

A cookie is a text file that is placed on your hard drive by a web server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.

We may use cookies to collect, store and track information for statistical or marketing purposes to operate our website when we have received your consent to optional cookies. You have the option to accept or decline optional cookies. Some required cookies are necessary for the operation of our website. These cookies do not require your consent as they always work. Please note that by accepting required cookies, you are also accepting third-party cookies that may be used through third-party services when you use such services on our Website, such as a video viewing window provided by third parties and integrated into our website.

These cookies are used to store information such as visitor preferences and the pages on the website that the visitor has accessed or visited. This information is used to optimize the user experience by customizing the content of our website based on the visitor’s browser type and/or other information.

11.3. Third-party cookies

Some of the pages of our Website display content from external providers, e.g. YouTube, Facebook, Twitter, etc. To view this third-party content, you first have to accept their specific terms and conditions. This includes their cookie policies, which we have no control over. But if you do not view this content, no third-party cookies are installed on your device.

Here is a list of our Third-party providers of cookies:

These third-party services are outside of our control. Providers may, at any time, change their terms of service, purpose, and use of cookies, etc. We recommend that you regularly inform yourself about the cookies policies and terms and conditions used by these third parties.

As we mentioned above, Google is one of the third-party vendors on our website. It also uses cookies called DART cookies to serve ads to visitors to our website based on their visit to www.website.com and other websites on the Internet. However, visitors can opt out of the use of DART cookies by visiting the Google Ads and Content Network Privacy Policy at the following URL: https://policies.google.com/technologies/ads.

11.4. Browsers Cookies settings

You can turn off cookies by changing your internet browser settings. There are many different browsers and versions of browsers. Some of the most common browsers are listed below. Click on the name of browser you use to learn how to disable and manage cookies.

12. Claims

If you want to exercise your rights of Data Subject you can contact us via e-mail: refunds@thesamsungphotography.com or using the contact form on our Website.

Exercising the above rights does not deprive you of the right to appeal. You can submit one to the supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement. Here you can find a list of supervisory authorities’ contacts in the EU.

This is a staging enviroment