Privacy Policy

1. General Information
A) Preamble
This Privacy Policy is intended to inform you about how BUSINESS INSTITUTE LTD protects your personal data as the Data Controller, and how you can manage your preferences and settings regarding this processing.
Our primary mission is to be of service to you by providing information about the training courses we organise in the form of workshops and educational programmes, as well as by developing methodologies and tools in the areas of management, entrepreneurship, and innovation.
The information below is designed to inform you of how we care for and protect your personal data, and to explain your rights under the General Data Protection Regulation (GDPR) and other applicable data protection laws.
B) Data Controller
We, BUSINESS INSTITUTE LTD (hereinafter referred to as "The Business Institute"), registered in the Commercial Register of the Bulgarian Agency for Registrations with EIK 203719316, with our registered office and management address at 99 Knyaz Boris I Boulevard, Sofia, and our correspondence address at 23A Frederic Joliot-Curie Street, Sofia 1113, act as the Data Controller in accordance with the GDPR and are therefore responsible for the processing of data as explained below.
For any enquiries or requests regarding data processing, please contact us at office@thebusinessinstitute.eu or +359 882 924 710.
C) Data Protection Officer
You may contact our Data Protection Officer at any time using the following contact details:
BUSINESS INSTITUTE LTD, Sofia, 23A Joliot-Curie Street,
Data Protection Officer, Tel: +359 882 924 710, +359 894 590 530; Email: office@thebussinesinstitute.com
2. Purposes, Basis, and Principles of Processing Your Personal Data
a) Registration for Training or Participant Registration for an Event
We will process the personal data collected via the training registration form for the purpose of sending you information about an upcoming training session and to respond to any queries you may have. Should you indicate a desire to participate in a specific training, we will use your data to enter into a contract and issue an invoice.
Or
The purpose of this operation is to administer the registration process for participants in events and games, and to send prizes for games held. Given the limited scope of the personal data collected, a Data Protection Impact Assessment is not required.
b) Subscription to our Business Notes Newsletter or Registration Form for the Business Notes Email Newsletter
We will process the personal data collected via the subscription form in order to send you our newsletter containing engaging business stories and valuable content regarding upcoming training sessions and events, as well as special offers, promotions, promo codes, news, and new functionalities, for clients who have indicated that they wish to receive it.
Or
By entering your details (name, email address) in the email newsletter registration form, you agree that we may contact you and send you our Business Notes newsletter. The processing of your data for sending the newsletter is based on your explicit consent – Article 6(1)(a) of the GDPR.
c) Marketing Analysis and Customer Analysis
We will process all of your personal data collected via the customer registration form for the purposes of managing our relationship with you and for customer analysis. This includes market research, feedback and customer satisfaction surveys, customer analysis, segmentation, and profiling, so that we may offer training, promotions, and proposals that are of interest to our clients, as well as analysing purchases – that is, client purchases, repeat purchases of certain goods, and purchase dates. This processing is based on our legitimate interest in improving our services and our relationship with you, which is a key factor in our business success. The data we collect and store helps us learn more about your interests and needs.
d) Contact Form
By filling in the fields in the contact form, you indicate your consent for us to process the personal data you provide (name, email address) for the purpose of following up with you and providing the information and/or service you have requested. The information you submit via the contact form will be stored for a period of 1 year. We do not use this information for marketing purposes.

e) We Adhere to the Following Principles When Processing Your Personal Data:

• Lawfulness, fairness, and transparency;
• Purpose limitation;
• Data minimisation and proportionality relative to the purposes of processing;
• Accuracy and up-to-dateness of the data;
• Storage limitation in relation to the achievement of the purposes;
• Integrity and confidentiality of the processing, ensuring an appropriate level of security for your personal data.

3. What Personal Data Do We Process?
a) For the purposes of registration for future training, we process the following data:

• Client’s first and last name, email address, telephone number, company, and job position.

b) For the purposes of marketing and customer analysis:

• Client’s name, company, job position, email, SMS, Viber, telephone, or postal address.

4. What Personal Data Do We Not Process?
The Data Controller does not collect or process personal data that relates to:

• Racial or ethnic origin;
• Political, religious, or philosophical beliefs, or membership of trade unions;;
• генетични и биометрични данни, данни за здравословното състояние или данни за сексуалния живот или сексуалната ориентация.

Personal data is collected by the Data Controller from the individuals to whom it relates. The Data Controller does not conduct automated decision-making using the data. The Data Controller does not collect data on individuals under the age of 18.

5. Recipients of Data
We do not provide your personal data to third parties. We do not sell, trade, or in any way grant access to your personal information to other parties.

6. Duration of Data Retention
Your personal data will be stored until the termination of our relationship, except in cases where we are legally required to retain your data for additional purposes, such as for submission to public authorities (for example, tax authorities). This retention and transfer of your personal data to public authorities for the purpose of fulfilling a legal obligation is based on Article 6(1)(c) of the GDPR.

7. Your Rights
As a data subject, you may contact our Data Protection Officer at any time in writing, using the contact details provided above, to exercise your rights under the GDPR. These rights include:

• The right to obtain information about the processing of your data and a copy of the processed data.
• The right to request the rectification of inaccurate data or the completion of incomplete data.
• The right to request the deletion of personal data, and, in cases where personal data has been disclosed publicly, information regarding other deletion requests.
• The right to request the restriction of data processing.
• The right to receive the personal data concerning you in a structured, commonly used, and machine-readable format and to request the transmission of these data to another Data Controller.
• The right to withdraw your consent at any time, thereby stopping the processing of data based on your consent. Withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.
• Правото да оттеглите дадено съгласие по всяко време, за да спрете обработката на данни въз основа на Вашето съгласие. Оттеглянето няма да засегне законосъобразността на обработката въз основа на съгласието преди оттеглянето.
• The right to lodge a complaint with a supervisory authority (the Commission for Personal Data Protection) if you believe that the processing of your data infringes the GDPR or any applicable data protection legislation.

Should any changes in the law require an amendment to this Data Protection Notice, we will inform you promptly via the contact details you have provided – such as your business telephone, postal address, or business email. If changes affect processing based on your consent, we will, if necessary, request your renewed consent.

8. Cookie Policy

What are Cookies?
A "cookie" is a short text string sent to your browser by a website you visit. It helps the website remember information about your visit and your settings. This can make your next visit easier and more personalised.
Cookies are used for various purposes – to remember your preferences and settings for display, font, and language, to offer you advertisements relevant to your interests, to track website traffic statistics, to remember that you are logged in, and more.

Types of Cookies

Session Cookies
Session cookies allow you to be recognised during a single visit to the website, so that any personalisations or changes made on one page are remembered on other pages. Session cookies are temporary and expire when you close your browser or log out of the site.remember that you are logged in, and more.

Persistent Cookies
Persistent cookies remain on your computer for a specified period after your session has ended, allowing your preferences and settings to be "remembered" when you revisit the site.

Third-Party Cookies
These are cookies that store information to measure the effectiveness of the website and advertisements based on demographics, interests, session duration, etc. This site uses services such as the Google Analytics tag, Meta (Facebook) Pixel, and LinkedIn Insight Tag for web analysis. All this information is used solely for statistical purposes. No information is disclosed to third parties. These cookies are not used for any purposes other than those stated here.

How to Control Cookies
You can control and/or delete cookies at any time. For further information, please visit AllAboutCookies.org. You can delete all or selected cookies that are already stored on your computer, and you can also configure most browsers to block them. However, if you do so, you may need to manually adjust some settings each time you visit a website, and some services and functions may not work.