Loading...
Advanced
Price Range From To
Other Features

Privacy Policy

“RADIANT ESTATES” Ltd. (“the Company,” “Administrator,” “We”) recognizes the need to implement adequate protection of the personal data of data subjects (“You,” “Your”), and seeks to respect the privacy of Your personal life. This Privacy Policy (“Policy”) has been created to help You understand how We collect, use, and protect Your personal data, including when You agree to use Our website.

For the purposes of its activity as an intermediary in real estate transactions, the Company processes Your personal data in strict compliance with Regulation (EU) 2016/679 (General Data Protection Regulation) (GDPR), the Personal Data Protection Act, other applicable laws, and this Policy.

Under the GDPR:

  • “Personal data” means any information relating to an identified or identifiable natural person (“data subject”).
  • “Processing” means any operation or set of operations performed on personal data or sets of personal data by automated or other means.
  • “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
  • “Recipient” means a natural or legal person, public authority, agency or another body to which the personal data are disclosed, whether a third party or not.

This Policy provides information on:
1. The data identifying the Administrator and its contact details
2. Data subjects whose personal data are processed
3. Categories of personal data
4. Purposes of processing
5. Legal bases for processing
6. Recipients of personal data
7. Storage periods for personal data
8. Data subjects’ rights and how to exercise them
9. Consent and withdrawal of consent
10. Right to lodge a complaint with the supervisory authority
11. Security measures for personal data

1. Administrator’s Identity and Contact Details
The controller of personal data is “RADIANT ESTATES” Ltd., with registered address: 33 “Sixth September” St., Floor 1, Sofia, Bulgaria; email: info@radiantest.com; website: www.radiantest.com; phone: +359 89 339 6361.

2. Data Subjects
The Administrator processes personal data of the following categories of data subjects:

  • Clients;
  • Personnel (current and former employees);
  • Job applicants;
  • Applicants, petitioners, complainants, and claimants;
  • Partners.

3. Categories of Personal Data
The Company processes the following categories of personal data, ensuring their accuracy:

  • Full name, unique civil number, date and place of birth, identity card number and date of issue, address, telephone number, email address, bank account, income, photographs, marital status, comments;
  • Personal data contained in CVs and L-1 visas;
  • Special categories of personal data relating to the health status of the Company’s employees.

4. Purposes of Processing
When You provide personal data to the Company through any contact form, We may contact You to make offers or provide services in which You have expressed interest. The Administrator also processes personal data for the following purposes:

  • Provision of real estate consultancy services;
  • Fulfilment of labour and social legislation requirements concerning employees;
  • Conclusion of contracts;
  • Compliance with legal obligations under accounting, tax, anti-money-laundering, and other laws requiring the processing of personal data in real estate transactions;
  • Marketing and advertising;
  • Maintenance and security of the Company’s website and IT systems;
  • Protection of the Company’s legitimate interests.

5. Legal Bases for Processing
The Company processes personal data on the following lawful bases:

  • Consent of the data subject for one or more specific purposes;
  • Processing necessary for the performance of a contract to which the data subject is a party, or to take steps at the data subject’s request before entering into a contract;
  • Processing necessary for compliance with a legal obligation applicable to the controller;
  • Processing necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where overridden by the interests, fundamental rights, or freedoms of the data subject which require protection of personal data.

We process special categories of personal data on the following basis:

  • For preventive or occupational medicine purposes, and to assess the employee’s capacity to work.

6. Recipients of Personal Data
We may share Your personal data with:

  • State institutions and authorities with sovereign powers, including but not limited to the State Agency for National Security, the National Revenue Agency, the National Social Security Institute, notaries, etc.;
  • Commercial entities providing the Company with accounting, IT security, website maintenance, translation, and other services;
  • Our partners who provide consultancy in real estate transactions.

The Company implements appropriate technical and organizational measures to ensure data integrity and confidentiality, including: pseudonymization and encryption, ensuring ongoing confidentiality, integrity, availability and resilience of processing systems, ability to restore data availability and access in case of incident, and regular testing and evaluation of these measures.

The Company does not transfer personal data to third countries outside the EU, except after prior written notice to the data subject and on the basis of a legal transfer mechanism.

7. Storage Periods
“RADIANT ESTATES” Ltd. stores Your personal data on paper and electronic media in accordance with the storage limitation principle. In particular:

  • Clients’ personal data: 5 years from the termination of the relevant contract (statute of limitations).
  • Job applicants not hired: 1 year from the end of the recruitment procedure, after which data are returned or securely destroyed. Longer retention for sending job notifications only with explicit consent.
  • Employees’ personal data: in accordance with the Labour Code, Social Security Code, Tax and Accounting Acts, and related regulations.
  • Data based on consent: 1 year from consent, with notification to renew consent.
  • Personal data in accounting documents:
    • Payroll records: 50 years from January 1 of the year following the reporting period;
    • Accounting registers and financial statements (including tax and audit documents): 10 years from January 1 of the year following the reporting period;
    • Other accounting information: 3 years from January 1 of the year following the reporting period.

8. Data Subjects’ Rights and How to Exercise Them
You have the following rights regarding the collection, processing, and storage of Your personal data:

  • Withdrawal of consent at any time by submitting a “Notice of Withdrawal of Rights Exercise” in accordance with GDPR Art. 12(4). The Company may verify Your identity.
  • Right of access: request confirmation of processing and a copy of Your personal data under GDPR Art. 15.
  • Right to rectification: correct or complete inaccurate or incomplete data under GDPR Art. 16.
  • Right to erasure (“right to be forgotten”) under GDPR Art. 17, when grounds apply (data no longer needed, consent withdrawn, unlawful processing, legal obligation, etc.). Exceptions: freedom of expression, legal obligations, public interest archiving, scientific/historical/statistical research, or legal claims.
  • Right to restriction of processing under GDPR Art. 18, when accuracy is contested, processing is unlawful but You oppose erasure, data no longer needed but required for legal claims, or pending objection review.
  • Right to data portability under GDPR Art. 20: receive data You provided in a structured, machine-readable format and transmit them to another controller where technically feasible.
  • Right to information about recipients of Your data if rectification, erasure, or restriction took place, under GDPR Art. 19.
  • Right to object under GDPR Art. 21, including to profiling and direct marketing.
  • Rights in the event of a personal data breach: notification without undue delay under GDPR Art. 33, unless disproportionate effort, if protective measures already in place, or breach unlikely to result in high risk.
  • Right to lodge a complaint with the supervisory authority (Commission for Personal Data Protection), Sofia, 2 “Prof. Tsvetan Lazarov” Blvd., or via www.cpdp.bg.

9. Security Measures
The Administrator takes necessary security measures:

  • Paper documents with personal data are kept in locked cabinets, accessible only to authorized personnel; offices are protected by alarm systems to prevent unauthorized access.
  • Access to IT systems is via unique user accounts and passwords; staff receive training on confidentiality and are prohibited from sharing data with unauthorized persons.

Compare listings

Compare