Find out all the details about the admission process at Montessori School Otkrivatel
“PRIVATE MONTESSORI KINDERGARTEN OTKRIVATEL” OOD (the “Kindergarten”, the “Controller”) acknowledges the need for implementation of adequate protection of the personal data of the data subjects and strives to respect their privacy. This Personal Data Protection Statement (the “Statement”) is provided to held the data subjects understand in what way and for what purposes the Kindergarten processes, uses and protects their personal data.
For the purpose of its operations the Kindergarten processes personal data in strict compliance with Regulation (EU) 2016/679 (“General Data Protection Regulation”, “GDPR”), the Personal Data Protection Act and other applicable regulations and the Statement.
This Statement provides information regarding:
Scope of this Statement
Data identifying the Controller and the Controller’s contact information
Contact data of the data protection officer
Personal data categories
Data subjects the personal data of whom is processed
Purposes for which personal data is processed
Grounds on which personal data is processed
Recipients of personal data
Periods of time over which personal data is stored
Rights of the data subject and how these rights can be exercised
Giving and withdrawing consent
Right to file a complaint with the supervisory body
Security measures concerning personal data
“Personal data” means any information relating to an identified or identifiable natural person who can be identified, directly or indirectly;
“Processing” means any operation or set of operations, which is performed on personal data or on set of personal data, whether or not by automated means or otherwise;
“Controller” means “Private Montessori Kindergarten Otkrivatel” OOD, which, alone or jointly with others, determines the purposes and means of the processing of personal data;
“Processor of personal data” means a natural or legal person, public authority, agency or other body, which processes personal data on behalf of the controller;
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not;
“User” means a natural person that is user of the website and has subscribed for a “visit” or “registration” thereon;
“Data subject” means a website user or a child that has been enrolled and admitted to the Kindergarten;
“Website” means the website – montessorischools.bg
This Personal data protection statement is applied in the relations between “PRIVATE MONTESSORI KINDERGARTEN OTKRIVATEL” OOD on one hand and the website users on the other, as well as upon admission of children to the Kindergarten. The statement is intended to inform the data subjects as to their rights in accordance with art. 12 and the following of Regulation “EU” 2016/679.
The personal data Controller is “PRIVATE MONTESSORI KINDERGARTEN OTKRIVATEL” OOD, UIC 202466386, having its address at: city of Sofia, Vitosha Region, Boyana Residential Estate, 15C, Siri Dol str., e-mail: email@example.com, tel. +359 877 202 640.
The data protection officer at “PRIVATE MONTESSORI KINDERGARTEN OTKRIVATEL” OOD is “GDP Management” OOD, having its address at: city of Sofia, Ovcha Kupel Region, 42, Voyvodina Mogila str., ground floor, ap. 1; e-mail: firstname.lastname@example.org; telephone: 0879323259, contact person – Teodora Dimitrova.
The Controller collects directly from the data subjects the following categories of personal data:
Registration on the website is made for the purpose of admission of the child to the Kindergarten. Subscription is made in the “registration” section. When data subject is registered on the website, they provide to the Controller the following personal data categories: first and family name of the child, date of birth, first and family name of the legal representative of the child, telephone number, e-mail, address, IP address.
Visits to the Kindergarten are made via subscription in the “visits” section. Visits are made so that the parents would get acquainted with the Montessori education methods. When the users fill-in of the visit form the Controller processes the following personal data categories: First and family name, telephone number, e-mail, age of the child, comments, IP address.
Each user may submit an enquiry using the contact form available on the website. An enquiry may be made over the telephone as well. In these cases the Kindergarten processes the following personal data categories: name, e-mail, telephone number, comments and IP address.
Upon admission of children in the Kindergarten for whom there is an education agreement signed with a parent / guardian, the Controller processes the following categories of the children’s personal data: names, personal ID number, data on the health condition, data on the psychological condition of the child.
Upon the signing of an education agreement the Kindergarten processes the following categories of personal data of the children’s parents: names, personal ID number, personal ID card number, address, telephone number, e-mail, marital status, bank account, signature.
Upon the use of the information system of the Kindergarten the Controller processes the following types of personal data of the parents and the children: names, date of birth, group, address, telephone, e-mail, photographs / images, information regarding the child’s progress, data on the health condition of the child.
In case of legal disputes the Controller may process the following categories of personal data, more specifically: names, e-mail passport data and other data from the registration form.
The Controller may process personal data for marketing purposes when applicable. In this case the Controller collects from the data subjects, in an appropriate manner, names, e-mail, telephone number.
When personal data is provided by the data subject to the personal data Controller without legal grounds under art. 6, paragraph 1 of Regulation (EU) 2016/679 or in contradiction with the principles of art. 5 of the above-mentioned Regulation, the Kindergarten returns such data within one month as of the time it becomes aware of this fact, and if this is impossible or would involve a disproportionate effort, the Kindergarten erases or destroys such personal data. Erasure and destruction are documented.
The Controller processes personal data of the following categories of data subjects:
The Kindergarten processes personal data for the following purposes:
The Kindergarten processes personal data of the data subjects based on the following legal grounds:
The Kindergarten processes special category of personal data on the following legal grounds:
The Kindergarten may share personal data of the data subjects with the following categories of recipients:
The website may offer links to third party websites, add-ons and applications. Clicking on or activating such links may allow third parties to collect or share data for the data subject. The Controller does not control such third party websites and is not responsible for their personal data protection statements. When the data subject leaves the website they should read carefully the personal data protection statement of each website they visit.
The Kindergarten implements appropriate technical and organisational measures for protection, in order to ensure the rights and freedoms of the data subjects in compliance with the “integrity and confidentiality” principle. In particular, the Controller selects suitable recipients that have undertaken the guarantees necessary to protect the personal data provided to them, and in view of the existing risks to ensure the relevant security level, including, where appropriate:
The Controller may provide personal data to countries outside the European Union. In such case the provision of personal data may be made in compliance with the requirements of Chapter V of Regulation (EU) 2016/679 and the applicable international treaties between the European Union and third countries (for example, Privacy Shield).
“PRIVATE MONTESSORI KINDERGARTEN OTKRIVATEL” OOD stores personal data in compliance with the “storage limitation” principle. More specifically for the above mentioned purposes the Kindergarten:
Data subjects the personal data of whom is processed by the Controller:
The rights listed above may be exercised by sending a request in an electronic format to email@example.com, signed with a qualified electronic signature in accordance with the Electronic Documents and Electronic Certification Services Act. Written request may also be filed on site at the office of the Kindergarten in: city of Sofia, Vitosha Region, Boyana Residential Estate, 15C, Siri Dol str.
The Kindergarten may require consent by the data subjects as legal grounds for the processing of their personal data for one or more purposes. Some of these purposes may include, for example, posting photographs and videos on the website, in social media, etc. In this case the Kindergarten shall request the consent of the data subject in order to have legal grounds to process their personal data, for which the Kindergarten shall notify the data subject in due time and in an appropriate manner. Personal data may include more categories of those listed above, and the consent shall list explicitly the personal data categories that have to be processed for the respective purpose.
Consent should be expressed freely, specifically, in an informed manner and by means of an unequivocal instruction as to the will of the data subject. Consent may be withdrawn at any time in the manner set out herein above in the section dealing with the exercising of the rights of the data subjects.
In accordance with the General Data Protection Regulation and the Personal Data Protection Act the data subjects have the right to file a complaint to the Commission of Personal Data Protection at the following address: city of Sofia, 2, Professor Tsvetan Lazarov blvd.
The Controller undertakes the personal data security measures required. All documents in the form of printouts, containing personal data, are stored in locked cabinets in the office of the Kindergarten, and only authorised staff members have access thereto. Data in electronic format are stored in compliance with the requirements for information security and restricted access.
Anna-Maria Yotsova – General manager