top of page

Privacy Policy

Privacy Policy for Alisev LTD.
 

 

1. Identity of the data collector manager

The person responsible for collecting your personal data is Alisev LTD. registered with the Bulgarian Trade and Companies Register under number 206119999, having its registered office at 17A Brabcha, Sofia, 1000. Alisev LTD. ("the Company," "we,", "SekMed" or "us") is committed to protecting the privacy of our users ("you" or "user") when using our supplement application or website. This online privacy statement (the “Statement” or “Policy”) describes how we collect, use, disclose, and the security of the personal information we gather about you through our Website, https://www.sekmed.co/, Application, or our Platform (the "App", the "Website" or together the “Services”).  

2. Purpose of this charter

The purpose of this charter is to inform you about the means that we implement to collect your personal data, in the strictest respect of your rights. We indicate to you on this subject that we comply, in the collection and the management of your personal data, to law n ° 78-17 of 6 January 1978 relating to data processing, files, and freedoms, in its current version (hereinafter: the "Data Protection Act"), as well as Regulation (EU) 2016/679 of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter: the "GDPR").

3. Information Collection and Use

When you use the App, we collect the following information:

Personal information: When you sign up for the App, we collect your name, email address, and payment information (if applicable). If you choose to take the health assessment questionnaire, we will collect information about your health needs, goals, habits, and personal preferences. As part of the test available on our Site to determine your personalized recommendations according to your needs, we collect health data (such as the existence or not of deficiencies, allergies, pregnancy, tiredness, a problem with digestion, skin problems, trouble concentrating or seeing things, or having diabetes or joint problems). These data are only collected with your express consent via the checkbox available at the start of the questionnaire. You can withdraw your consent at any time by writing to us at the contact details described below. 

4. Usage information - purpose (s) and legal basis (s):

We collect information about how you use the App, including the supplements you choose, how often you take them, and any progress you track. We use this information to provide you with personalized recommendations for supplements, nutrition, and tests that match your needs, as well as general health and wellness tips. We may also use your information to analyze trends and improve the Service.
Legal basis:
Execution of pre-contractual measures taken at your request
Execution of a contract concluded with you or your explicit consent for the collection of health data
Retention periods:
For customers: data is kept for the duration of the subscription and increased by a period of 3 years from the termination or end of your subscription.
However, your health data is kept only for the duration of your subscription or one-time assessment.
In addition, your account is automatically deleted if it remains suspended or inactive for a period of 2 years.
For prospects: data is kept for 3 years from their collection or from the last active contact, with the exception of health data which is kept for 1 year from their collection.
Your data may be anonymized for statistical purposes.

Execute your order, carry out operations relating to customer management concerning contracts, orders, deliveries, invoices, loyalty programs, and monitoring of the relationship with customers:
Legal basis: Execution of a contract that you have subscribed to
Retention periods:
Personal data is kept for the duration of the subscription and increased by a period of 3 years from the termination or end of your subscription.
In addition, your account is automatically deleted if it remains suspended or inactive for a period of 2 years.
Personal data may be archived for probative purposes for a period of 5 years.
Regarding the data relating to your bank card, they are kept by our payment service provider for the duration of your subscription.
The data relating to the visual cryptogram or CVV2, written on your bank card, are not stored.

Managing people's opinions on products, services, or content:
Legal basis: Our legitimate interest in developing and promoting our business
Retention periods:
Personal data is kept for the duration of the subscription and increased by a period of 3 years from the termination or end of your subscription.
Your data may be anonymized for statistical purposes.
Create a file of customers and prospects:
Legal basis: Our legitimate interest in developing and promoting our business
Retention periods:
For customers: data is kept for the duration of your subscription and is deleted after a period of 3 years from the termination or end of your subscription.
If you suspend your account or it remains inactive, your data will be deleted after a period of 2 years.
For prospects: data is kept for a period of 3 years from your last active contact.

Send newsletters, solicitations, and promotional messages:
Legal basis:
Our legitimate interest in developing and promoting our activity, when you are already a customer of our services
Your consent, if you are not yet a customer
Retention period: The data is kept for 3 years from your last active contact.

Manage requests to exercise rights:
Legal basis: Our legitimate interest in complying with our legal obligations
Retention periods:
If we ask you for proof of identity: we keep it only for the time necessary to verify identity. Once the verification has been carried out, the proof is deleted.
If you exercise your right to object to receiving prospecting: we keep this information for 3 years.

Respond to your requests for information:
Legal basis: Our legitimate interest in providing you with quality service
Retention period: The data is kept for the time necessary to process your request for information and deleted once the request for information has been processed.

Respond to your support requests via the help center:
Legal basis: Our legitimate interest in providing you with quality service
Retention period: The data is kept for the time necessary to process your support request and deleted once the request has been processed.

Develop commercial statistics and traffic to our services:
Legal basis: Our legitimate interest in improving our services
Retention period: The data is kept for the duration of the subscription.

When collecting your personal data, we inform you if certain data must be entered or if they are optional. Mandatory data is necessary for the operation of the services. Regarding optional data, you are entirely free to indicate it or not. We also tell you what are the possible consequences of a failure to respond.

5. Information Sharing

We will not sell, rent, or share your personal information with third parties for marketing purposes. We may share your information with our team and other staff of our company, the departments responsible for control (auditor in particular);
our subcontractors: our hosts, our CRM and newsletter sending tool, our payment service providers, our customer support tool provider, our service provider collection of opinions, our visualization tool, and our telephony tool.

We may also share your information with third-party service providers who help us provide the Service, such as payment processors, hosting providers, and analytics providers. These service providers are contractually obligated to keep your information confidential and use it only for the purpose of providing the services we have requested. 


Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process the personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Public bodies may also be recipients of your personal data, exclusively to meet our legal obligations, court officials, ministerial officers, and bodies responsible for debt collection.

6. Security

We inform you to take all useful precautions, and organizational and technical measures appropriate to preserve the security, integrity, and confidentiality of your personal data and in particular, to prevent them from being distorted, damaged or that unauthorized third parties having access to them. We will also use secure payment systems that comply with the state of the art and applicable regulations.

Right to data portability

You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfill a contract be handed over to you or a third party in a commonly used, machine-readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.

SSL and/or TLS encryption

For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line. If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.

7. Hosting
We inform you that your data is kept and stored within the European Union for the duration of its conservation.

We are hosting the content of our website at the following provider:
WIX
The provider is Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (hereinafter: “WIX”).
WIX is a tool for creating and hosting websites. When you visit our website, WIX analyses user behavior, visitor sources, region of website visitors, and visitor numbers. The WIX stores cookies on your browser, which are necessary for the presentation of the website and to ensure security (necessary cookies).

Date recorded via WIX may be stored on a variety of servers around the globe. Among other locations, WIX servers are also located in the USA.
Details can be found in the privacy policy of WIX: https://wix.com/about/privacy.
According to WIX, the transfer of data to the United States as well as other non-EU countries is based on the standard contract clauses of the EU Commission or comparable warranties pursuant to Art. 46 GDPR. For details, please go to: 
https://wix.com/about/privacy-dpa-users.


The WIX is used on the basis of Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable presentation of our website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.


In the context of the tools that we use (see Article 5 on recipients concerning our subcontractors), your data may be transferred outside the European Union. The transfer of your data in this context is secured using the following tools:
Either these data are transferred to a country that has been deemed to offer an adequate level of protection by a decision of the European Commission; Either we have concluded a specific contract with our subcontractors governing the transfers of your data outside the European Union, on the basis of standard contractual clauses between a data controller and a subcontractor approved by the European Commission. Either appropriate guarantees as listed in the GDPR have been put in place to regulate said data transfer.

8. What are your rights over your personal data?
You have the following rights with regard to your personal data:
Right to information: this is precisely why we have drawn up this charter.
Right of access: you have the right to access all of your personal data at any time.
Right of rectification: you have the right to rectify your inaccurate, incomplete, or obsolete personal data at any time.
Right to limitation: you have the right to obtain the limitation of the processing of your personal data in certain cases defined in article 18 of the GDPR.
Right to erasure: you have the right to demand that your personal data be erased and to prohibit any future collection.
Right to lodge a complaint with a competent supervisory authority (in France, the CNIL), if you consider that the processing of your personal data constitutes
a violation of the applicable texts.
Right to define guidelines for the retention, erasure, and communication of your personal data after your death.
Right to withdraw your consent at any time: for purposes based on consent, you can withdraw your consent at any time. This withdrawal will not call into question the legality of the processing carried out before the withdrawal.
Right to portability: under certain conditions, you have the right to receive the personal data you have provided to us in a standard machine-readable format and to require its transfer to the recipient of your choice.
Right to object: you have the right to object to the processing of your personal data. Note, however, that we may continue to process them despite this opposition, for legitimate reasons or the defense of legal rights.
You can exercise these rights by writing to us at the contact details below. We may ask you on this occasion to provide us with additional information or documents to prove your identity.

 

9. Complaints

You have the legal right to lodge a complaint with the local supervisory authority regarding the processing of your personal data. On the territory of the Republic of Bulgaria, the contact details for the data protection supervisory authority are as follows:

Personal Data Protection Commission

Address: Sofia, Tsvetan Lazarov Blvd. No. 2

Tel. +359 2 915 3580; fax: +359 2 915 3525

E-mail: kzld@cpdp.bg

Website: http://www.cpdp.bg/

Without limiting in any way your legal right to contact the supervisory authority at any time, we ask that you contact us in advance and we promise that we will do our best to resolve any issues that arise amicably.


10. Point of contact for personal data
Contact email: a.ikonomova()sekmed.co
Contact address for writing enthusiasts: 17a Vrabcha, Sofia 1000,  Bulgaria

11. Amendments
We reserve the right, at our sole discretion, to modify this charter at any time, in whole or in part. These changes will come into force as of the publication of the new charter. Your use of the Site following the entry into force of these modifications will constitute recognition and acceptance of the new charter. Otherwise and if this new charter does not suit you, you will no longer have to access the Site.

12. Entry into force
This charter entered into force on March 29, 2023

bottom of page