-15% on non-promotional services for new clients • -50% on laser hair removal • -30% on single and package treatments for face and body with NuEra Tight • GIFT laser hair removal for women whole arms area when purchasing a whole legs area • GIFT laser hair removal for women armpit area purchasing an intimate area • GIFT laser hair removal for women chin area purchasing an upper lip area • GIFT laser hair removal for men nostril area purchasing a beard shaping area • GIFT laser hair removal for men chest area purchasing an abdomen area • GIFT laser hair removal for men armpit area purchasing an shoulders area -
KEEP TIME
BOOK NOW
SHOP NOW
  • diyana aesthetics

Privacy Policy

Mandatory information on the rights of persons on personal data protection

We at Diyana Aesthetic House have a long-term commitment to respect the privacy of every user and customer with whom we have a relationship, and therefore it is very important for us to be transparent about how we manage your personal data.

Diyana Aesthetic House also processes personal data outside of our diyana.com pages, for which a separate privacy notice is required. That is why we clarify:
In connection with the implementation of Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016, Diyana Aesthetic House adopts and implements an updated policy for the protection of your personal data that you have provided to us as a user of our website.

Mandatory information on the rights of persons on personal data protection (Privacy notice)

Information about the company that processes your data:
Name “DN Innovation” OOD EIK/BULSTAT 206564732
Headquarters and management address, Sofia, Totleben Blvd. No. 31, floor 1, apartment 3
Correspondence address, Sofia , “Totleben” Blvd. No. 31, fl. 1, apartment 3
Phone: 0887 604 641
E-mail: diyanaaesthetic@gmail.com
Website www.diyanahouse.bg

Information about the competent supervisory authority for the protection of personal data

Name Commission for the protection of personal data
Headquarters and address of management city Sofia 1592, blvd. “Prof. Tsvetan Lazarov” No. 2
Correspondence address Sofia 1592, blvd. “Prof. Tsvetan Lazarov” No. 2
Phone 02 915 3 518
Website www.cpdp.bg

Diyana Aesthetic House (hereinafter referred to as “Administrator”) carries out its activities in accordance with the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons in relation to the processing of personal data and on the free movement of such data. This information is intended to inform you about all aspects of the processing of your personal data by the Company and the rights you have in relation to this processing.

Basis for collecting, processing and storing your personal data

The administrator collects and processes your personal data in connection with the use of Facebook chatbot on the basis of Art. 6, para. 1, Regulation (EU) 2016/679 (GDPR), and more specifically based on the following grounds:
• Expressly obtained consent from you;
• Compliance with a legal obligation that applies to the Administrator;
• For the purposes of the legitimate interests of the Administrator or a third party;

Purposes and principles in the collection, processing and storage of your personal data

We collect and process the personal data you provide to us for the purposes of functioning of diyana.com, including for the following purposes:
• improving the presentation of publications on the platform;
• statistical purposes for improving the bulletins;
• protection of information security.

We observe the following principles when processing your personal data:
• legality, good faith and transparency;
• limitation of processing purposes;
• relevance to the purposes of the processing and minimization of the collected data;
• accuracy and timeliness of the data;
• limitation of storage in order to achieve the goals;
• integrity and confidentiality of processing and ensuring an appropriate level of personal data security.

What types of personal data does our company collect, process and store

The company performs the following operations with the personal data provided by you as users of the chatbot platform for the following purposes:

• Registration and participation in an event
For participation in events organized by the Company, we collect personal data from persons who wish to participate and attend, to establish their identity and identify them in the list of participants in the event. If you wish, we can send you information about future events that would be of interest to you. Registration for participation in the event is carried out on site at the Company’s office or by e-mail before its start, according to the conditions for its holding.
Conclusion of the impact assessment: Given the small volume of natural persons whose data is processed, and given the limited volume of personal data that is collected, the Personal Data Protection Officer considers that conducting an impact assessment is not necessary for the current operation .

• Organizing games and sending prizes – For users who have won prizes by participating in any of our games, raffles, contests and others, we collect and process the data you provide in order to send you the won prize. The prize can be sent by us or our partner, as well as by a courier company. If you wish, we can keep the data you provided for the delivery of the prize in the future. The provision of data for sending the prize takes place after we send you a notification that you have won, requesting the necessary information.
Conclusion of the impact assessment: Given the small volume of natural persons whose data is processed and given the limited volume of personal data that is collected, the Personal Data Protection Officer considers that conducting an impact assessment is not necessary for the current operation.

The administrator processes the following categories of personal data and information for the following purposes and on the following grounds:
• Data: Your individualizing data (e-mail, social network profile (Facebook), Nickname/Username, etc.)
• Purpose for which the data is collected:
Establishing a connection with the user and sending information to him.
• Basis for processing your personal data: – You have provided express consent for the processing of your personal data for one or more specific purposes – 6, para. 1, b. (a) of the GDPR at the time of subscription.
• Grounds for data processing: You have given express consent to the processing of his personal data for one or more specific purposes – 6, para. 1, b. (a) of the GDPR at the time of subscribing to the Platform.
• Grounds for data processing:
The administrator does not collect or process personal data relating to the following:
• reveal racial or ethnic origin;
• reveal political, religious or philosophical beliefs, or membership in trade unions;
• genetic and biometric data, health data or data on sex life and sexual orientation.
The Company does not perform automated data decision making.
Social Network Tracking Data
When you interact or communicate through social network channels/pages/promotions and blogs (eg when you click “like” or “share”, when you post and share comments and submit ratings and reviews), your personal data are processed.

The personal data we collect includes the publicly available information provided by you in the context of social networks, from the relevant social network provider through a third party that carries out social network monitoring, such as: name, gender, date of birth or age, initial page, profile picture, time zone, postal address, country, interests and comments and content you have posted/shared.

We use this personal data to get a general idea of people’s opinion of us and our brand, to gain insight into relevant online opinion leaders, to resolve issues and/or improve Diyana Aesthetic House’s products and services/or to initiate a conversation with you for promotional purposes (based on questions/requests you have made to us or our competitors).

We consider that the processing of social network tracking data in the context of the above is based on a legitimate interest of Diyana Aesthetic House and is lawful according to Article 6 f) of Regulation (EC) 5419/16.

How do we take care of the security of your personal data?

We strive to use reasonable organizational, technical and administrative measures to protect personal data within our organization. Unfortunately, no data transfer or storage system can be 100% secure. If you have reason to believe that your interactions with us are no longer secure, please inform us immediately.

For what period of time is personal data stored?

We will retain your personal data for as long as is necessary or permitted in relation to the purposes for which it was collected.

Transmission of your personal data for processing

The administrator may, at its own discretion, transfer part or all of your personal data to processors of personal data for the fulfillment of the processing purposes to which you have agreed, subject to the requirements of Regulation (EU) 2016/679 (GDPR).

The administrator notifies you in case of intention to transfer part or all of your personal data to third countries or international organizations.

Your rights in the collection, processing and storage of your personal data

Withdraw consent to the processing of your personal data

If you do not wish all or part of your personal data to continue to be processed by the Company for specific or all processing purposes, you may at any time withdraw your consent to processing by means of a request in free text.

Right of access

You can at any time see in your profile what data is stored and processed for you.

Upon request, we will provide you with additional information relating to the collection, processing and storage of your personal data and, if you wish, a copy of the processed personal data relating to you in electronic or other appropriate form.

Providing access to the data is free of charge, but the Administrator reserves the right to impose an administrative fee in case of repetitive or excessive requests.

Right to erasure

You have the right to ask the Administrator to delete part or all of your personal data, and the Administrator has the obligation to delete them without undue delay, when any of the following grounds are present:
• the personal data are no longer necessary for the purposes, for which they were collected or otherwise processed;
• You withdraw your consent on which the data processing is based, and there is no other legal basis for the processing;
• You object to the processing of your personal data, including for direct marketing purposes, and there are no overriding legal grounds for the processing;
• personal data were processed illegally;
• personal data must be deleted in order to comply with a legal obligation under EU law or the law of a Member State that applies to the Administrator;
• the personal data were collected in connection with the provision of information society services.

The administrator is not obliged to delete personal data if it is stored and processed:
• to exercise the right to freedom of expression and the right to information;
• to comply with a legal obligation that requires processing provided for in EU law or Member State law applicable to the Administrator, or for the performance of a task in the public interest, or in the exercise of official powers granted to him;
• for reasons of public interest in the field of public health;
• for the purposes of archiving in the public interest, for scientific or historical research or for statistical purposes;
• for the establishment, exercise or defense of legal claims.

In case of exercising your right to be forgotten, the Company will delete all your data, except for the following information:
• information that is necessary to certify that your right to be forgotten has been fulfilled.
• technical information about the functioning of the platform, which information cannot be connected in any way to your person.

To exercise your right to be forgotten, you need to take the following steps:
• To submit a request through your account on the platform.

Upon completion of the procedure, a copy of the request is sent to the email address you provided.

Once the procedure has been completed and we have verified the identity of the person making the request and the person to whom the data relates in accordance with the steps above, we will delete all data we process about you in accordance with para. 3.

Right to limitation

You have the right to request the Administrator to limit the processing of the data related to you when:
• you dispute the accuracy of the personal data, for a period that allows the Administrator to verify the accuracy of the personal data;
• the processing is illegal, but you do not want the personal data to be deleted, but only to have its use limited;
• The administrator no longer needs the personal data for the purposes of processing, but you require them to establish, exercise or defend your legal claims;
• You have objected to the processing pending verification of whether the legal grounds of the Administrator take precedence over your interests.

Right of portability

You can at any time download the data that is stored and processed for you in connection with the use of the platform by requesting it from the administrator.

You may request the Administrator to directly transfer your personal data to an administrator specified by you, when this is technically feasible.

Right to object

You can object at any time to the processing of personal data by the Administrator that relates to you, including if it is processed for the purposes of profiling or direct marketing.

Your rights in the event of a breach of the security of your personal data

If the Administrator detects a violation of the security of your personal data, which may create a high risk for your rights and freedoms, we will notify you without undue delay about the violation, as well as about the measures that have been taken or are about to be taken.

The administrator is not obliged to notify you if:
• he has taken appropriate technical and organizational measures to protect the data affected by the security breach;
• has subsequently taken measures to ensure that the breach will not result in a high risk to your rights;
• notification would require a disproportionate effort.

Other provisions

The administrator does not transfer your data to third countries.

In the event of a breach of your rights under the above or applicable data protection legislation, you have the right to lodge a complaint with the Commission for Personal Data Protection as follows:

Name Commission for the protection of personal data
Headquarters and address of management city Sofia 1592, blvd. “Prof. Tsvetan Lazarov” No. 2
Correspondence address Sofia 1592, blvd. “Prof. Tsvetan Lazarov” No. 2
Phone 02 915 3 518
Website www.cpdp.bg

You can exercise all your rights regarding the protection of your personal data by making your requests in any form that contains a statement to that effect and identifies you as the data owner.

Injection procedures

Laser hair removal

Apparatus facial treatments

Apparatus body treatments

Intimate aesthetics

Search all

PROMO
PRICES
BLOG
CONTACT
Facebook Instagram Tiktok
  • follow us:
Product Image

bought

0
    0
    Cart
    Your cart is emptyКъм магазина
    Continue