2. The information we collect
2.1. As part of operating the Website, we collect your Personal Information. "Personal Information" means any information from which you can be personally identified, including your name, email address, home or business address and telephone number. Please see paragraph 5 for exhaustive list of personal data collected.
3. Information we collect through Cookies and similar technologies
3.1 We collect information through "Cookies" and other similar technologies (e.g. pixel tags or links). This helps us to remember you when you visit the Website, and to improve your experience.
3.2 We also use information collected through "Cookies" and other similar technologies to detect any abuse of our Website and Services, and to help verify your age upon entry of site.
4. Information collected from third parties and how we use it
We will only use information from third-party recruitment firms, if so instructed by yourself but limited to processing in Bulgaria only.. See 5.2
5. How we use your Personal Information
5.1. In accordance with data protection laws, we will only process your Personal Information where we have a lawful basis for doing so. In respect of your Personal Information, these bases are:
I. Via the email submission, we will collect your CV (which contains full name, contact number, email address, education, work experience etc.) that you submit for an application for open position with CSMS.
5.2. The following are a list of the "Purposes" for which we (CSMS employees) process your Personal Information, and the lawful basis on which we carry out such processing:
6. Disclosure of your Personal Information
6.1. We may, for the identified stated purposes, disclose your Personal Information to any of the following recipients:
6.1.1. any third party which assists CSMS in fulfilling the stated purposes, including (but not limited to) providing support through Human Resources team;
6.1.2. any third party which can which assists CSMS in verifying the accuracy of your Personal Information, including financial institutions and credit reference agencies,
6.1.3. any third party which assists CSMS in monitoring use of our website, including the detection and prevention of fraud and collusion,
6.1.4. any contractors or other advisers auditing any of our business processes or who have the need to access such information for the purpose of advising CSMS;
6.1.5. any law enforcement body which may have any reasonable need to access your Personal Information;
6.1.6. any regulatory body or authorised entity (e.g. a sporting body or law enforcement agency) which may have any reasonable requirement to access your Personal Information; and
6.1.7. any potential purchaser of our business or any investors in it or in any company within our Group (including in the event of insolvency).
6.2. If at any time you wish us to stop processing your Personal Information for the above Purposes (stated in paragraph 5), you should contact us and we will take the appropriate steps to stop doing so, if there are no regulatory requirements. Please contact Privacy@csms.bg
7. Marketing Preferences
7.1. CSMS will not send you unsolicited information regarding any third party's products or services.
8. Transfer of your Personal Information outside of the EEA
Your Personal Information is not transferred outside of Bulgaria.
9. Updating your Personal Information
You may request an update or deletion of your Personal Information at any time via Privacy@CSMS.bg
10. Your rights
10.1. You have the following rights in relation to your Personal Information:
10.1.1. a right to access your Personal Information as held by us (also known as a subject access request);
10.1.2. a right to receive certain Personal Information in machine-readable format;
10.1.3. a right to object to processing where the lawful basis is that it is in our legitimate interests, but please note that we may still process your Personal Information where there are other relevant lawful bases or where we have compelling grounds to continue processing your Personal Information in our interests which are not overridden by your rights, interests or freedoms;
10.1.4. a right to have inaccurate Personal Information rectified;
10.1.5. a right to have certain Personal Information erased where it is no longer necessary for us to process it, where you have withdrawn your consent pursuant to paragraph 10.1.8, where you have objected pursuant to paragraph 10.1.3, where your Personal Information has been unlawfully processed, or where erasing your Personal Information is required in accordance with a legal obligation;
10.1.6. a right to request an explanation of the logic involved where we make decisions about you solely through automated means;
10.1.8. where we have specifically requested your consent to process your Personal Information and have no other lawful conditions to rely on, you have the right to withdraw this consent; and
10.1.9. a right to object to direct marketing, which can be done by opting out of direct marketing via the communication itself. You also have a right to object to any profiling to the extent that it relates to direct marketing only.
10.2. If you are unsure about your rights or are concerned about how your Personal Information may be processed, you should contact your national data protection regulator.
10.3. If you would like to exercise any of your rights, then you can do so by contacting us as described below. Please be aware that while we will try to accommodate any request you make in respect of your rights; they are not absolute rights. This means that we may have to refuse your request or may only be able to comply with it in part.
10.4. Where you make a request in respect of your rights, we will require proof of identification. We may also ask that you clarify your request. We will aim to respond to any request within one month of verifying your identity. If we receive repeated requests or have reason to believe requests are being made unreasonably, we reserve the right not to respond.
11. Retention of your Personal Information
We will retain your Personal Information for the period necessary for us to provide you with our Services and to comply with our legal and regulatory responsibilities. Accordingly, please refer to paragraph 5 for the retention periods. Where it is no longer necessary for us to process your Personal Information, we will delete it sooner as stated in section 5.2.
12. Contacting us
The cookies used on this Website are either set by us or by our third-party service providers, and fall into the following categories:
1) Strictly Necessary - these cookies are essential in order to enable you to move around the Website and use its features. If you remove or disable these Cookies, we cannot guarantee that you will be able to use our Websites or benefit from all our security features.
2) Performance - these Cookies collect information about how visitors use our Website. They allow us to recognise and count the number of visitors and to see how visitors move around our Website.
3) Functionality - these Cookies are used to provide services or to remember choices you make so we can personalise our content for you. We use this information to customise your experience of our Website to meet your preferences for content layout, text size etc. You can manage these Cookies using your browser settings. However, if you block them we may not be able to offer you certain services that you have chosen
4) Targeting - these Cookies record the fact that you have visited our Website, including which web pages you have accessed, which device you have accessed them from, and which links you have followed. We use this information to make our Website relevant to your interests and for fraud and website abuse detection purposes, including detecting players who have abused bonus schemes or other promotions.
Some of these are "session cookies", which stay in place only for the duration of your visit to our website and are deleted at the end of your browsing session. Others are "persistent cookies", which remain on your device for a period of time after you have left the Website.
Some of these are "session cookies", which stay in place only for the duration of your visit to our website and are deleted at the end of your browsing session. Others are "persistent cookies", which remain on your device for a period of time after you have left the Website. See 13.5 for retention periods of each cookie.
13.2. Most browsers have cookies enabled by default, but you are able to change your cookies settings, which are usually found in the 'options' or 'preferences' menu of your internet browser. You can block any cookies from any website by activating the setting on your browser that allows you to refuse the setting of some or all cookies. However, if you block all cookies you may not be able to access all or part of our Website. You can also use your browser settings to delete cookies. For more information about how to disable cookies in your browser please visit .
13.3. As part of the Website's operation, our Website automatically logs internet IP addresses. We do NOT log any e-mail address of visitors to the Website.
13.4. While the Website may contain links to websites operated by parties other than us, we are not responsible for the privacy practices or content of such websites.
Please review the Cookies in use and their purposes in the below table:
14.1. We are committed to ensuring that your Personal Information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the Personal Information that we collect.
14.2. All the Personal Information that you provide us is stored in a secure computing environment protected by secure firewalls to prevent unauthorized access. We control access so that only people who need to access the Personal Information can. All staff are provided security training and are required to adhere to a comprehensive set of security policies, procedures, and standards related to their jobs.
14.3. When you access any area of our Website, we use encryption. This means that all the information sent between your computer and our server architecture is encrypted so that no one can read it in transit.