Your message was successfully sent!
Thank for contacting us.
Last Updated 21 February 2022
KPMG IT Service OOD (KPMG IT Service), UIC 203572873, having registered seat and business address at: Republic of Bulgaria, 1404 Sofia, Triaditsa district, 45/А Bulgaria blv. (hereinafter referred to as “KPMG”), a Bulgarian limited liability company, a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited, duly represented by Kalin Georgiev Hadjidimov and Svetoslav Rumenov Spasov in their capacity as Managing Directors.
1. Who are we?
2. Who can you contact for privacy questions or concerns?
Postal address: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592
Telephone: +359 (2) 91-53-518,
The other EU member state regulator contacts may be found here
3. How do we collect personal data?
4. What categories of personal data do we collect?
5. What lawful reasons do we have for processing personal data?
We may rely on the following lawful reasons when we collect and use personal data to operate our business and provide our products and services:
6. Why do we need personal data?
We aspire to be transparent when we collect and use personal data and tell you why we need it, which typically includes:
7. Do we share personal data with third parties?
We may occasionally share personal data with certain recipients to help us deliver efficient and quality services. These recipients are contractually bound to safeguard the data we entrust to them. We may engage with several or all of the following categories of recipients:
8. Do we transfer your personal data outside the European Economic Area?
We store personal data on servers located in the European Economic Area (EEA). We may transfer personal data to KPMG International, KPMG member firms, and reputable third party organizations situated inside or outside the EEA when we have a business reason to engage these organizations. Each organization is required to safeguard personal data by means of contracts we have in place with those organizations outside the EEA, containing standard data protection clauses which are in a form approved by the European Commission.
Your data protection rights are highlighted here. To submit a data request please follow this link.
10. What are your data protection rights?
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it. No fee is required to make a request unless your request is clearly unfounded or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds.
11. What about personal data security?
We have put appropriate technical and organisational security policies and procedures in place to protect personal data from loss, misuse, alteration or destruction. We aim to ensure that access to your personal data is limited only to those who need to access it. Those individuals who have access to the data are required to maintain the confidentiality of such information. We may apply pseudonymisation, de-identification and anonymisation techniques in efforts to further protect personal data.
Please be aware that the transmission of data via the Internet is not completely secure. Whilst we do our best to try to protect the security of your personal data, we cannot ensure or guarantee the security of your data transmitted to our site; any transmission is at your own risk.
12. How long do we retain personal data?
We retain personal data to provide our services, receive services or goods from our suppliers and sub-contractors, stay in contact with you and to comply with applicable laws, regulations and obligations that we are subject to. We also make reasonable efforts to retain personal information only for so long i) as the information is necessary to comply with an individual’s request, ii) as necessary to comply with legal, regulatory, internal business or policy requirements, or iii) until that person asks that the information be deleted. The period for which data is retained will depend on the specific nature and circumstances under which the information was collected. We will dispose of personal data in a secure manner when we no longer need it.
13. Do we link to other websites?
Information about Job Applicants
By submitting your CV and the supporting documentation thereto under this advertisement for a job at KPMG IT Service, you give us – KPMG IT Service your consent to process your personal data in the course of the current recruitment campaign. KPMG IT Service processes your personal data in the course of the current recruitment campaign for the following purposes:
When you apply for a job at KPMG IT Service, we process the following categories of personal data:
If you have a social media profiles with provider facilitating professional communication, such as LinkedIn or on your current employer’s website, we may review it. We will not inspect any purely personal social media activities of yours.
If you are a selected candidate for employment, KPMG IT Service will require additional personal details, as is necessary for the conclusion of an employment contract and you becoming a KPMG person.
The personal data you provided shall be processed for the purposes of the current recruitment campaign and will be deleted not later than 1 (one) month as of its completion, unless you are a selected applicant. If in the course of the current recruitment campaign you provided original or notarized copies of documents, these documents will be returned to you within the term stated above.
Any internally required documentation concerning you, which was created by KPMG IT Service in the course of the current recruitment campaign on the basis of the information and documents you provided, may be stored by KPMG IT Service for a period of 3 years as of the completion of the campaign in order to defend the legal rights and interests of KPMG IT Service in the course of any administrative or court proceedings as per applicable legislation in force.
KPMG IT Service, upon your request, may keep your personal data and use the in the course of subsequent recruitment campaigns to inform you of available positions and include you application in the selection process. Under this scenario, we will stored your personal data for a period of another 2 years as of the end of the current campaign. After that your personal data will be permanently deleted.
Granting your consent is necessary to complete the recruitment process of KPMG IT Service. You may refuse to grant your consent, but in this case KPMG IT Service will not be able to include your application in the recruitment procedures.
You may withdraw your consent at any time by sending us an email at email@example.com or by post at: 1766, Mladost 4 r.a., Business park Sofia, building 15A, floor 3.
The withdrawal of consent does not affect the lawfulness of the processing completed prior to receiving the withdrawal.
Furthermore, the General Data Protection Regulation guarantees you a certain set of rights that you may exercise in relation to your personal data processed by us. In summary, you have the following data protection rights: to access, rectify, update or request deletion of your personal information or the restriction of their processing, as well as the right of data portability. You are also entitled to lodge a complaint with the Bulgarian Commission for Personal Data Protection. Please refer to the “What are your data protection rights?” section for further details.