Privacy policy

This document has been prepared in accordance with the requirements of the General Data Protection Regulation, which has been in effect since May 25, 2018 (GDPR). Together with the Personal Data Protection Act, it provides enhanced protection of personal data. The main principles of the new regulations are accountability and transparency regarding the processing of your personal data.

The purpose of this document is to inform you about the most important aspects of the processing of your personal data and the main rights and obligations under the GDPR.

What Information Do We Need?

In the process of providing our services, we collect information about you:

• Identification and contact information;
• Information regarding your financial status, profession, experience, and knowledge to ensure the suitability of the investment products and services we offer.

In some cases, we may use your data even if you are not our client, for example, if you are the beneficial owner or a member of the management/supervisory board of our client.

We do not process your personal data for the purposes of automated individual decision-making, including profiling.

If you do not provide the necessary information, it may prevent us from providing the requested service or continuing to provide it to you.

How Will This Information Be Used?

We collect your data to fulfill our legal obligations, to fulfill our contractual obligations, in connection with our legitimate interest in the services we provide, and to improve the services offered to you and our clients in general.

We will not disclose your personal data, but we may provide it to:

• Courts and other competent authorities – in accordance with or as prescribed by law;
• Companies within the Elana group;
• Service providers necessary for carrying out our business activities;
• Any person you may authorize, or who may be authorized under the terms of our contract.

We require any organization to which we disclose your information or that may receive it on our behalf to ensure its confidentiality and to process it in accordance with the Personal Data Protection Act and the General Data Protection Regulation (GDPR).

How Will We Store Your Confidential Information?

Your information will be kept on our secure computer systems and paper files. We have systems and procedures in place to prevent unauthorized access, improper modification or disclosure, misuse, or loss of information.

How Long Do We Keep Your Data?

The duration for which we retain your data depends on regulatory deadlines applicable to our activities.

Your Rights under the General Regulation

According to the General Regulation, you can:

• Request a copy of the personal information we hold about you.
• Ask for factual inaccuracies in your stored information to be corrected.
• Object to the processing of your personal data for legitimate interest purposes.
• Object to the processing of your personal data for direct marketing purposes.
• Request the deletion of your personal data, the processing of which does not comply with regulatory requirements.
• Request information about the logic involved in any automated processing of your personal data.

If you wish to exercise your rights as a data subject, you can contact us at:

Email: privacy@elana.net
Address: 5 Lachezar Stanchev Str.
Sopharma Business Towers, Tower B, Floor 12
Sofia 1797