User rights

User Rights

Every User of the website is entitled to all rights for the protection of personal data under Bulgarian law and the law of the European Union.

The User may exercise their rights by sending a message to our email: office@madihealth.com

Each User has the right to:

  • Be informed (regarding the processing of their personal data by the controller);

  • Access their own personal data;

  • Rectification (if the data is inaccurate);

  • Erasure of personal data ("right to be forgotten");

  • Restriction of processing by the controller or the data processor;

  • Data portability between individual controllers;

  • Object to the processing of their personal data;

  • Not be subject to automated decision-making, including profiling, which produces legal effects concerning the data subject or similarly significantly affects them;

  • Legal or administrative protection, in cases where the data subject’s rights have been violated.

A User may request data erasure if any of the following applies:

  • The personal data is no longer necessary for the purposes for which it was collected or otherwise processed;

  • The User withdraws their consent on which the processing is based, and there is no other legal ground for the processing;

  • The User objects to the processing, and there are no overriding legitimate grounds for the processing;

  • The personal data has been unlawfully processed;

  • The personal data must be erased for compliance with a legal obligation under Union or Member State law applicable to the controller;

  • The personal data has been collected in relation to the offer of information society services to a child and the consent was given by the person holding parental responsibility.

Right to Restrict Processing

The User has the right to restrict the processing of their personal data when:

  • They contest the accuracy of the personal data – the restriction applies for a period enabling the controller to verify the accuracy;

  • The processing is unlawful, but the User does not wish for the data to be deleted and requests restriction of use instead;

  • The controller no longer needs the personal data for processing purposes, but the User requires it for the establishment, exercise, or defense of legal claims;

  • The User has objected to processing pending the verification of whether the legitimate grounds of the controller override those of the User.

Right to Data Portability

The data subject has the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format and has the right to transmit that data to another controller without hindrance, where:

  • The processing is based on consent or on a contract; and

  • The processing is carried out by automated means.

Where technically feasible, the data subject has the right to have the personal data transmitted directly from one controller to another.

Right to Object

Users have the right to object, at any time, to the processing of their personal data. The data controller must cease the processing unless it demonstrates compelling legitimate grounds that override the interests, rights, and freedoms of the User or for the establishment, exercise, or defense of legal claims.

If the objection concerns processing for direct marketing purposes, the processing must cease immediately.

Lodging a Complaint

Each User has the right to lodge a complaint regarding unlawful processing of their personal data with the Commission for Personal Data Protection or the competent court.

Record Keeping

We maintain a record of processing activities for which we are responsible. This record contains the following information:

  • The name and contact details of the controller;

  • The purposes of the processing;

  • A description of the categories of data subjects and of the categories of personal data;

  • The categories of recipients to whom the personal data has been or will be disclosed, including recipients in third countries or international organizations;

  • Where possible, the envisaged time limits for erasure of the different categories of data;

  • Where possible, a general description of the technical and organizational security measures in place.

Product added to wishlist

We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept all" , you consent to our use of cookies.