Without our users’ data, ClaimCompass Ltd. would not be able to function. That’s why we take the privacy of our users’ data very seriously and we have set a privacy protection policy in place that is robust, secure, and is in compliance with all applicable regulations. Below you will find more information on the types of data we collect and how we use it. 

ClaimCompass Ltd. is incorporated in the European Union and registered with the Bulgarian Commercial Registry under the unique identifying number 203643295. ClaimCompass is also an authorised and registered data controller and administrator under the Commission on the Protection of Personal Data with a registration number 417505. 

 

Legal basis for processing your personal data

We are processing your personal data based on the following grounds: 

The following paragraphs contain detailed information on the ways we process your personal data based on these grounds. 

 

For the execution of a contract or in the context of pre-contractual relations:

We process your personal data in order to fulfill our contractual and pre-contractual obligations to you.

Objectives of the personal data processing:

 

Data we process based on these grounds:

Based on the contract concluded between ClaimCompass Ltd.and you, we process data about the type and content of the contractual relationship including:

The processing of the above-listed data is necessary in order to enter into a contract with you and to fulfill it. Without providing the aforementioned data, we wouldn’t be able to perform our contractual obligations. 


Providing personal data to third-parties:

We are providing your personal data to third-parties with the main objective to provide quality and efficient service. We are not sharing your personal data to third-parties before we are sure that all technical and organisational measures have been taken in order to protect your data. We are striving to exercise strict control over the execution of this objective and we remain responsible for the confidentiality and safety of your personal data.  

We are providing personal data to the following types of recipients (administrators of personal data): 

 

Deletion of the data that’s collected based on this objective:

The personal data we collect based on a contractual ground is deleted 5 years after the termination of the contract regardless of the termination reason (expiration of the contract, revocation or for other reasons).

In the event that you contacted our Customer Support representatives and did not end up entering into a contract with ClaimCompass, your personal data will be deleted within 6 months of the inquiry. 

 

Fulfilment of statutory obligations 

It is possible that the law requires ClaimCompass to process your personal data. Some of these obligations arise from: 


Deletion of data collected on these grounds:

The data that we collect based on an obligation by law is deleted when the obligation for collecting and storage is fulfilled or dropped. For example: 

If required by law, we can share your personal data with international and local authorities, courts,and other third-parties.

 

After giving your consent

We process your personal data on these grounds only after an explicit, unambiguous, and voluntary consent on your part. We will prevent any unfavorable consequences to you in the event you decline the personal data processing. 


The consent is a separate permission to process your personal data and the purpose of the processing is specified therein, and it is not covered by the aims listed in this policy. If you provide the respective consent and until its withdrawal or until the termination of any and all contractual relationships with you, we prepare product/service offers which are appropriate for you.

 

Data we process on these grounds: 

On these grounds, we process only the data for which you have given your explicit consent to ClaimCompass. The particular data are specified for every individual case. The data usually consists of an e-mail address and a name.

Provision of data to third-parties:

For marketing purposes, ClaimCompass may provide your personal data to Facebook, Google, or other similar entities.

In connection with the technical securing of our advertising activity, ClaimCompass may provide the data to Microsoft, Mailchimp, Typeform, Unbounce, SendGrid, or other providers of similar services.

Consent withdrawal: 

The granted consents may be withdrawn at any time. The consent withdrawal has no impact on the fulfillment of contractual obligations. If you withdraw your consent for the personal data processing for any or all ways described above, ClaimCompass will not use your personal data and information for the purposes set out above. The consent withdrawal does not affect the lawfulness of the processing based on a granted consent prior to its withdrawal. In order to withdraw the granted consent, you only need to use our website or simply use our contact information.

When is the data collected deleted on these grounds:

We delete the data collected on these grounds upon  a request from youor when 12 months have elapsed from the initial collection of the data. Prior to the expiration of the 12-month period, ClaimCompass will send you information regarding the forthcoming deletion and give you the opportunity to provide your consent for 12 more months. If you decline or do not express an explicit consent, ClaimCompass will delete your data and no longer send messages to you.

 

Anonymised data processing

ClaimCompass processes user data for statistical purposes, which means for analyses for which the results are only summarised and, as a consequence, the data are anonymous. 
The identification of a specific person of such information is impossible.
Your data may also be anonymised. The anonymisation represents an alternative to the deletion of the data. In the event of anonymisation, all personal and identifiable element(s) enabling user identification will be irreversibly deleted. There is no normative obligation for the deletion of anonymised data since they do not represent personal data.

 

How personal data is protected

For the purpose of ensuring adequate protection of the data of the company and of our clients, ClaimCompass implements all necessary organisational and technical measures set out by the Law for Protection of Personal Data.

The company has set rules for prevention of misuse and security breaches and has designated a Data Protection Officer who supports the processes of protection and ensures the security of your data.

For the purpose of maximum security while processing, transmission, and storage of data, ClaimCompass may use additional protection mechanisms, such as encryption, pseudonymisation, and others.

 

User rights

Every website user enjoys all personal data protection rights as per the Bulgarian Legislation and the laws of the European Union.

The user may exercise their rights through the contact form or by way of sending a message by e-mail to ClaimCompass.

Every user has the right to:

The user may request deletion if one of the following conditions is met:

The user has the right to restrict the processing of its personal data by the controller when:

 

Right to portability 

The data subject is entitled to receive the personal data which concern them and which they have provided to the controller in a structured, commonly used and machine-readable format, and has the right to transfer these data to another controller,without hindrance from the controller to whom the personal data were provided when the processing is based on consent or on a contractual obligation, and the processing is carried out in an automated manner. When exercising the right to portability, the data subject is entitled to receive a direct transfer of the personal data from one controller to another when this is technically feasible.

 

Right to objection

The users have the right to object to the processing of their personal data by the controller. The data controller is obliged to terminate the processing unless compelling legal grounds for the processing exists and is proven, and which override the interests, rights, and freedoms of the data subject, or for the purpose of establishment, exercise, or defence of legal claims. In the event thef objection to the processing of personal data for the purposes of direct marketing, the processing shall be terminated immediately. 

 

Complaint to the supervising authority 

Every user has the right to lodge a complaint against unlawful processing of their personal data with the Commission for Personal Data Protection or with the competent court.

 

Record-keeping

ClaimCompass maintains a register of the processing activities for which they are responsible. This register contains the entire information as set out below: