Management Financial Group (MFG) is an international financial institution with a global forward looking ambition.
Go to about us »
Go to Portfolio »
For us, „Management Financial Group” JSC (the Company), the protection of your personal data is of primary importance. Therefore, we would like to inform you on what grounds, for what purposes, within what periods and by what means your personal data are processed when you visit our website: www.managementfinancialgroup.com. We strictly adhere to the applicable data protection regulations in each operation of personal data processing. The General Data Protection Regulation 2016/679 (“GDPR”) on the protection of natural persons with regard to the processing of personal data shall apply to the territory of the EU, including Bulgaria, with effect from 25 May 2018). It provides you with enhanced data protection rights, to which our more detailed obligations also correspond; more information on this issue may be found below in this Personal Data Protection Policy (the Policy.
In this Personal Data Protection Policy MFG, “we”, “us” or “our” shall mean „Management Financial Group” JSC , and “you”, “your” and “user” shall mean visitors to our website – www.managementfinancialgroup.com.
This Personal Data Protection Policy shall explain and govern:
Please carefully read this Personal Data Protection Policy. By accessing and using our website and services, you confirm that you have had an opportunity to read this Policy, that you understand it and that you agree to be bound by it. If you fail to do so, you must immediately cease using our website and any services provided by us.
We may amend this Policy from time to time in order to comply with applicable laws and regulations or meet changing business requirements. You are encouraged to periodically review this page for the latest information on our privacy practices and amendments to our Personal Data Protection Policy. Every time we make an amendment to the Policy, we will notify you of possible effects of the amendment without delay and in summary on our website www.managementfinancialgroup.com and at the Company’s office located in the City of Sofia, Lyulin District, 7 Lyulin residential complex, Silver Center, 28 Jawaharlal Nehru Blvd., Floor 2, Office № 40-46.
– “Personal Data” – means any information relating to a natural person, which separately or in combination with other information, may result in their identification or may identify them.
– “Data Subject” – means any alive natural person who is identified or identifiable by means of processed personal data.
– “Personal Data Processing ” – means any action that we carry out or may carry out with your personal data, including but not limited to their collection, analysis or destruction.
– “Data Controller – with regard to personal data it controls, this is MFG. We define the purpose of your personal data processing, on any of the legal grounds to this effect; in principle, we also define the methods for such processing – for example, the technical infrastructure and applications used for the processing. We assume the responsibilities with regard to the security and protection of your personal data.
– “Data Processor” – this is a third party that processes your personal data upon our assignment, whereas MFG has strictly defined the purpose and methods of processing and has verified whether the entity meets the requirements of GDPR. For example, such data processor may be an agency, which is responsible for a marketing campaign of MFG in social media and issues reports for its success.
– “Personal Data Breach” means any breach of security, which results in accidental or unauthorized destruction, loss, change, unauthorized disclosure of or access to personal data that are transferred, stored or processed otherwise.
– “Digital Archives” – the website www.managementfinancialgroup.com, all landing pages supported by the Company, web, native and mobile applications accessible to customers.
MFG is a company, whose objects of activities include granting of loans with funds, which have not been raised through public attraction of deposits or other repayable funds, Financial leasing; acquisition of credit claims; provision of investment management services, management, consultancy, including business management consulting, investment and transaction consulting, risk analysis and management, market research, project management, and any other non-lawful activity, acquiring participations in any other financial institution, acquiring loan receivables, carrying out any other financial activity as permitted pursuant to Article 3 of the Credit Institutions.
MFG has its seat and registered office situated in the City of Sofia, Lyulin District, 7 Lyulin residential complex, Silver Center, 28 Jawaharlal Nehru Blvd., Floor 2, Office № 40-44 contact telephone: 0882 659 103. You can contact us by visiting us at the Company’s address specified above and on our website: www.managementfinancialgroup.com.
Data Protection Officer (“DPO”), e-mail: email@example.com.
Your personal data will be processed by MFG only in accordance with the applicable data protection regulations. When you communicate with us through any of the communication channels, you acknowledge that the data you have provided are accurate, correct and up-to-date.
We should inform you that any consent to processing your personal data may be withdrawn at any time by submitting a request in writing to the Company’s registered office situated in the City of Sofia, Lyulin District, 7 Lyulin residential complex, Silver Center, 28 Jawaharlal Nehru Blvd., Floor 2, Office № 40-46, and by sending an e-mail to: firstname.lastname@example.org. The withdrawal of your consent to processing of your data will in no way have any adverse effect in case of entering into Contract for Services offered by the Company.
Personal data shall be stored for the time periods required to achieve the purposes for which they have been collected. After achieving the purposes for which personal data have been collected, we will destroy them immediately.
MFG shall take all necessary technical and organizational measures for the destruction of data that are no longer necessary, except in cases where there are legitimate grounds for MFG to process them for a longer period of time; when you make a request for restricting processing in accordance with your rights detailed below; or with a view to or compatible with the original purpose for processing of which you will be informed in a timely manner.
MFG shall store collected personal data within the following periods:
After the expiration of the said time periods, if there are no other grounds for the processing of the data, they will be erased. For the purpose of obtaining and analyzing information related to the products and services used by you, and improving customer service, the Company may erase only part of the data. In such cases, it shall continue to store such part of the data that does not allow natural persons to be subsequently identified.
The following categories of persons, that may be processors on the grounds of contracts entered into with the Company, may also have access to your personal data, namely:
The Company is obliged to provide personal data on its customers to competent authorities and institutions pursuant to applicable law and when such data are lawfully requested.
MFG does not transfer personal data to a third country or international organization outside the European Union.
To ensure adequate protection of the data of the Company and our customers, we apply all necessary organisational and technical measures provided for in the Personal Data Protection Act and the General Data Protection Regulation.
The Company has established structures designated to prevent misuse and security breaches, and has also appointed a Data Protection Officer supporting the processes related to protecting and ensuring the security of your data.
For the purposes of ensuring maximum security when processing, transferring and storing your data, we may use additional protection mechanisms such as encryption, pseudonymization, etc.
As a data subject, whose data are processed by MFG, you shall have rights described in details below.
You should take into consideration that the provision of personal data is voluntary – it is necessary for the conclusion of a contract with the Company. In the event that data are not provided, the Company will not be able to provide a product or service.
MFG shall meet your requests without delay, within 30 calendar days after submitting them. By our decision, we provide or refuse access and/or information requested by the applicant, but we always justify our response. For the purpose of the website of the Company, there is a link to this Policy published on a clearly visible and accessible position.
Applications concerning the exercise of your rights shall be submitted:
The exercise of rights shall be free of charge and shall cover all structured and unstructured data, as well as all databases supported by the Company.
Exceptions to the time period intended for satisfying the rights and the free of charge basis are allowed in cases of requests made by the same customer of data with a frequency greater than 3 times a year and requiring mobilization of a significant administrative resource on part of the Company. In this case, we may charge a reasonable fee with a view to the administrative costs incurred.
Where the data subject submits a request by electronic means, the information shall be provided, where possible, by electronic means, unless the data subject has not requested otherwise.
When the Company has reasonable concerns in relation to the identity of the natural person who makes a request for the exercise of their rights under this section, the directly responsible person shall immediately consult with the Data Protection Officer in view to the identification of the customer.
You should also consider that the withdrawal of consents provided does not affect the lawfulness of the processing of your personal data before such withdrawal. Despite the withdrawn consent, your personal data may be processed by the Company, if there are grounds for processing the data other than those referred to in Section 5.
You shall have the following rights:
As a data subject, you shall have a right to obtain information on important features of the processing of your personal data, including, but not limited to its purpose, period and grounds, on the recipients and the categories of recipients of the personal data, etc.
In addition to the above information, you should consider that you are not a subject of automated decision making, including profiling.
In accordance with the applicable personal data protection laws, you have the rights specified below, and we are obliged to respond to each of your requests within 1 month of receipt of the request and for no extra charge. In case of any difficulties for the timely fulfillment of such requests, the period may be extended by another 2 months, of which you will be notified within 1 month of receipt of the request.
You may request information on what personal data concerning you we process, and whether we process such. You may request access to such data.
We will provide you with a statement of personal data that are being processed. For additional statements we may adopt a reasonable fee on the basis of administrative costs. When you submit a request through electronic means, we will provide the information, where possible, in a widely used electronic form unless you have requested otherwise.
If we process incomplete or incorrect personal data concerning you, you have the right to have such data rectified and completed at any time.
You may request to have your personal data erased in the following cases:
Note that there may be other reasons that can thwart the immediate erasure of your data, such as statutory obligations for storage, pending proceedings, the establishment, exercise or defense of legal claims, etc.
You have the right to obtain restriction of processing, if:
If you request restriction of processing, we will inform you prior to revoking the restriction of processing.
You may request from us to provide you with the personal data concerning you that we process in a structured, commonly used and machine-readable format and which can be transmitted to another financial institution for example. This shall apply, provided that
You have the right, at any time and on grounds relating to your particular situation, to object to processing of your personal data.
When you have given your consent to the processing of data for the purposes of direct marketing, you have the right at any time to object to the processing of personal data without having to specify any grounds.
Please contact us if you think that we have violated any applicable law on the protection of personal data in the processing of your data and as a result we have affected your rights. Surely, you also have the right to lodge a complaint with the Personal Data Protection Commission , which is a supervisory authority in respect of personal data protection, to the following address: city of Sofia 1592, 2 Prof. Tsvetan Lazarov Blvd., tel. 02/91-53-518, e-mail: email@example.com.