We value a respectful and transparent approach to handling your personal data. This document provides information on how Noser Bulgaria handles your personal data when you:
If you are an employee of Noser Bulgaria, you will find information and details on how Noser Bulgaria processes employee personal data in the «Employee Information on Data Protection» document. This document is usually attached to the employment contract and can be accessed via the intranet.
When «we» or «us» is mentioned in this privacy policy, it refers to Noser Bulgaria.
1.1 NOSER BULGARIA EOOD (Noser Bulgaria), UIC: 204763906, with registered company address at Sofia, 1504, Tsar Osvoboditel Blvd., 17A, App. 6, info@noser-bulgaria.com is responsible for your personal data.
1.2 The Data Protection Officer can be reached at the aforementioned address (see section 1.1) or via email at datenschutz@nosermanagement.ch.
1.3 As far as Noser Bulgaria requires a representative in Switzerland for data protection purposes, Noser Management AG, Herostrasse 12, 8048 Zurich will act as their Swiss representative.
2.1 Categories of Personal Data
When you access the website, information is automatically sent from your browser to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected and stored until automated deletion:
Additionally, we automatically use cookies during your visit to the website, which are necessary for the smooth functioning of the website. Our Cookie Policy informs you about which cookies we use and when they are deleted.
2.2 Purpose of Processing
We process the aforementioned data to ensure a smooth connection setup and user-friendly use of the website, to ensure network and information security, to evaluate system security and stability, and for administrative purposes and consent management (selected cookie settings). Additionally, we analyze the data of our users in anonymized form. This allows us to better tailor our content and offerings to the needs of our users.
You are not legally or contractually obligated to provide us with your personal data. However, the data is necessary for us to provide you with the full functionality of our website.
2.3 Legal Basis of Processing
The legal basis for data processing is the protection of our legitimate interests. The legitimate interest arises from the aforementioned purposes of data collection. We do not use the data to draw conclusions about your identity.
2.4 Cookies
We use cookies and tracking services on the website. We aim to ensure that our website is designed according to your needs and is continuously optimized. We inform you in this context that you can adjust your browser settings to exclude tracking. To do this, you need to enable the "Do not track" feature of your browser.
Automatically, only the cookies and tracking technologies necessary for the smooth functioning of our website are applied. You can set or completely disable the remaining cookies and tracking technologies yourself. You can change the choice at any time. More detailed explanations can be found in our Cookie Policy.
2.5 Newsletter Subscription
If you have consented to receiving our newsletter, as well as invitations to events and other relevant information, we use your name and email address to send you this information electronically. Typically, we first ask you to confirm your details via email (double opt-in).
You can revoke your consent at any time with effect for the future and unsubscribe from our newsletter. To do this, use the link at the end of each newsletter or alternatively the email address of the Data Protection Officer mentioned above (section 1.3). As a result, we will no longer continue the data processing based on this consent in the future and will delete the corresponding data (reserving the right to use your data for another legitimate purpose).
2.6 Use of Our Contact Form
For any questions, we offer you the opportunity to contact us via a form provided on the website. This requires the provision of data such as a valid email address, name, country, company, etc., so that we know from whom and where the inquiry originates and can respond accordingly. Additional information is voluntary. Typically, we first ask you to confirm your details via email before contacting you (double opt-in).
The data processing for the purpose of contacting us is based on your consent.
The personal data collected by us for the use of the contact form is stored in our marketing tool and our customer management system and assigned to the relevant department. This ensures the prompt and professional handling of your inquiry. After the purpose for which you contacted us has been fulfilled and as fas as there is no further legal basis for processing, your information will be deleted.
2.7 Social Plug-ins
It is in our legitimate interest to use social network plug-ins on our website for advertising purposes. The plug-ins are marked with the image/icon of the respective platform. The responsibility for the data protection-compliant operation lies with the respective provider. The plug-ins are only activated when you click on the corresponding buttons. The plug-ins establish a direct connection between your browser and the servers of the respective social network (Facebook, X [formerly Twitter], Google, etc.). We have no influence on the nature and extent of the data that the plug-in transmits to the servers of the respective social network.
If the plug-in is clicked, the respective network will be informed that you are visiting our website. It is possible that your IP address will be stored by the network. If you are logged into your respective network account (Facebook, X [formerly Twitter], Google, etc.) while visiting our website, the mentioned information will be linked to it.
Further information on how the individual plug-ins work and what information is collected can be found on the website of the respective provider.
3.1 Categories of Personal Data
We primarily process the following personal data:
3.2 Source of Data
We receive your data directly from you or from the company that employs you. We also retrieve data from public registers or databases (such as commercial registers, the internet). As far as permitted, we also receive data about you from other companies in the Noser Group (recommendations, referrals, etc.), from authorities, and other third parties.
3.3 Purpose of Processing
We use the collected personal data to conduct our business activities. This includes, in particular, the following areas:
3.4 Legal Basis of Processing
In most cases, you are not legally obligated to share your personal data with us. However, in some cases, failure to provide certain data may result in a breach of contract.
The primary legal basis for processing your personal data is the negotiation, fulfillment, and execution of contracts concluded with you or your employer.
Additionally, we are legally required to collect and process certain data, such as for accounting and billing purposes.
Furthermore, processing your data may become necessary to protect our legitimate interests. This may include instances where we:
Before processing data based on our legitimate interests, we ensure that your right to privacy is not outweighed by our legitimate interests.
If you submit your application via the website (job portal), please also refer to the information concerning the processing of your personal data in connection with the website visit (see section 2 of this privacy policy).
4.1 Categories of Personal Data
We primarily process the following personal data:
The provision of this data is required for the fulfillment of your employment obligations.
4.2 Purpose of Processing
All data is stored for the purpose of processing the application procedure regarding your potential employment. Where permissible, it is used for communication with you, to verify qualifications and suitability, for a possible interview, and to assess whether an employment relationship will be established or not.
For this purpose, the stored data is processed in the applicant management system we use. From there, the HR department and the line managers or their deputies responsible for the application process have access to your data. Your application data is processed and stored within our internal applications (Office Management System, Client or Applicant Management System, etc.), which may also include cloud applications.
If you send us a speculative application via email or contact form, we will process your application as we would an application received through the job portal.
4.3 Legal Basis for Processing
The legal basis for processing your personal data is the preparation and evaluation of an employment relationship (implementation of pre-contractual measures) that takes place at your request, as well as our legitimate interest in conducting efficient applicant management. If we include your data in our talent pool, we do so with your consent, which you can withdraw at any time.
By submitting an application, you voluntarily provide us with your data, and only as much data is requested as is necessary for processing your application. Mandatory fields are marked with an asterisk (*), all other information is optional.
If you provide us with references as part of the application process, we assume that you have obtained their consent for us to process their data if this information contains personal data of another individual. We will request these references only with your consent, which we will obtain separately.
4.4 Deletion
If the application process does not lead to employment, we will delete your data no later than one year after notifying you of the conclusion of the application process, unless a legal deadline requires a longer retention period, or we are permitted to store your data to fulfill legal obligations or to defend or assert legal claims. The period of one year is necessary in order to prevent certain claims under contracts with our recruiting partners.
If you have consented to further processing of your data, such as inclusion in a talent pool, we will store and process your data according to the consent you have given.
If the application process leads to employment, your data will be transferred to the personnel database and a personnel file and processed according to the legal requirements for the employment relationship.
The disclosure of personal data constitutes data processing. Therefore, we only disclose your personal data to third parties if there is a corresponding legal basis for doing so (as described in Sections 2 to 4, the legal bases we use are typically a contract with you, a legal obligation, our legitimate interest, or your consent). In our operations, we utilize professional support from external service providers who offer various consulting, IT, or other services necessary for our activities. We carefully select our service providers, and they are bound by our instructions.
Your personal data may be shared with the following service providers, companies, and authorities:
Additionally, your personal data may be disclosed in the following cases:
We primarily process and store personal data in Switzerland and the European Economic Area (EEA). However, it is possible that we may need to transfer personal data to business partners or service providers located outside the EEA, including in the USA, or that data may be processed in a country outside the EEA, including the USA.
If we process or transfer personal data abroad, this is done only when the required data protection conditions are met, ensuring an adequate level of protection for personal data (through an adequacy decision, standard contractual clauses, an applicable data protection framework like the EU-US Data Protection Framework, explicit consent of the data subjects, etc.). Detailed information about this, including a copy of the specific safeguards in place, can be obtained at any time from the contact person mentioned in Section 1.3.
Your data will be retained for as long as (i) necessary for the purpose of processing and/or (ii) required by legal obligations, such as statutory retention periods for business records, and/or (iii) necessary for the establishment, exercise, or defense of legal claims. Once we no longer need your personal data for any of the above purposes, it will be deleted or anonymized as far as practicable. Additional details on retention periods and deletion procedures can be found in the information provided for individual data categories (described in Sections 2 to 4).
The data protection law applicable to you and the specific data processing grants you certain rights. These rights may differ between Switzerland, the EU, and other countries. If you have any questions regarding the existence or exercise of these rights, you can contact the person mentioned in Section 1.3 at any time.
Generally, as a data subject, you have the following rights:
We use appropriate technical (such as securing IT systems and building security) and organizational (such as internal policies, training, and procedures) security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties. Our security measures are continuously adjusted according to technological developments.
This privacy policy is currently valid and was last updated in September 2024. As our business activities evolve or as legal or regulatory requirements change, it may be necessary to amend this privacy policy. Therefore, we recommend regularly checking this privacy policy on our website.