Information under Art. 19 of the Persnal Data Protection Act

Personal data, within the meaning of the Personal Data Protection Act, shall refer to any information relating to an individual who is identified or identifiable, directly or indirectly, by reference to an identification number or to one or more specific features.

UniCredit Bulbank AD with registered seat and management address: Bulgaria, city of Sofia, Sofia Municipality – Vazrazhdane District, 7 Sveta Nedelya Sq., UIC: 831919536, is registered as a personal data administrator under No. 0017830 in the electronic register of the Commission for Personal Data Protection.
The protection of the personal data of persons whose data are processed is a top priority for UniCredit Bulbank AD.

UniCredit Bulbank AD processes personal data in order to provide services to the persons whose data are processed or in order to consider the possibility of providing such services. Personal data are provided voluntarily. In case personal data are refused to be provided, UniCredit Bulbank AD will not be able to provide the requested banking product or service.

The persons whose personal data are processed by UniCredit Bulbank AD have the right to access and the right to request correction of the personal data relating to them that are processed by UniCredit Bulbank AD as well as to object to the processing of their personal data for the purposes of direct marketing on 0700 18484.

UniCredit Bulbank AD, in order to ensure the best possible protection against accidental or unlawful destruction or against accidental loss, unlawful access, change or distribution as well as against other unlawful forms of processing, uses the necessary technological and organizational measures that meet the requirements of the legislation of the Republic of Bulgaria.

The personal information provided by persons to UniCredit Bulbank AD upon submission of requests for providing of a banking product or service is used for the purposes of analyzing whether they meet the requirements for providing of the particular product or service. The data can be used by the bank in case UniCredit Bulbank AD wishes to contact the persons in relation to the submitted request for a banking product or service.

As there is a chance the persons who have applied for a banking product or service to provide false and/or untrue information, UniCredit Bulbank AD conducts detailed examination of the information received through the requests so as to prevent unlawful processing of such information. In case the bank finds in the course of examination any data that give rise to reasonable doubts about committed violation, the bank communicates that to the competent authorities. UniCredit Bulbank AD can disclose the personal data of the persons who have submitted a request for use of a banking product or service only to persons and authorities specified in a regulatory deed, for the purpose of fulfilling its legal obligations.

In case it is found out, with or without the assistance of the competent authorities, that a third party’s data are filled in by the applicant in the request for the banking product or service and that such data are provided without the consent and/or knowledge of their holder or in another unlawful way, UniCredit Bulbank AD will delete the personal data and make the due efforts to immediately communicate this to the holder of such data, as long as this is possible.”