Welcome to NEXT BASKET. Your privacy is critically important to us. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website and services.

By using the the website and the services you are accepting and consenting to the practices described in this Policy. Please note that this includes consenting to the collection and processing of any personal information you provide, as described below.

We may collect the following types of information:

Personal details such as name, email address, phone number, and address when you register, make purchases, or contact us.

We process this kind of Personal Data, under art. 6, para. 1 of the GDPR, based on:

– Consent given by you as the Data Subject;

– Concluded agreement, under which you as a Data Subject is a party or a representative of a party, as well as for the performance of any required actions required for the conclusion of such an agreement, by request of the Data Subject.

Payment information for transactions.

We process this kind of Personal Data, under art. 6, para. 1 of the GDPR, based on:

– Consent given by you as the Data Subject;

– Concluded agreement, under which you as a Data Subject is a party or a representative of a party, as well as for the performance of any required actions required for the conclusion of such an agreement, by request of the Data Subject.

Usage data, including IP address, browser type, and device information, to enhance your experience.

When you access or use our Website, we automatically collect information about you. This information is used to provide statistical data about our users browsing actions and patterns, and does not personally identify individuals. This information may include:

(i) Log Information: the type of browser you use, access times, pages viewed, your IP address, and the page you visited before navigating to our services.

(ii) Device Information: information about the computer or mobile device you use to access our services, including the hardware model, operating system and version, unique device identifiers, and mobile network information.

(ii) IP address: we may collect information about your computer, including your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.

Furthermore, the IP addresses will be evaluated, together with other data, in case of attacks on the network infrastructure or other unauthorised use or misuse of the Website, for the purpose of intelligence and protection, and if appropriate, used in criminal proceedings for identification and civil and criminal proceedings against the relevant users.

The collection and processing of this technical data is for the purpose of enabling the use of our Website, continuously ensuring system security and stability, optimising our Website, and for internal statistical purposes. This is our legitimate interest in the processing of data in the sense of Art. 6 Par. 1 lit. f GDPR.

You may refuse to provide any and all personal, and/or financial, and/or other relevant information, which may disrupt the provision of the service, or in any way lead to an inability of the Data Controller to perform any and all agreed upon action.

We use the information collected to:

1. Provide and improve our services.
2. Process orders and payments.
3. Communicate with you regarding updates, promotions, and support.
4. Ensure website security and fraud prevention.

We do not sell your personal data. However, we may share your information with:

1. Service providers for payment processing, shipping, and marketing. All our third party service providers are bound by contract to protect and use our users’ Personal Information only for the purposes needed, except as otherwise required by law.
2. Authorities if required by law.

We store and process your Personal Information in data centers around the world, wherever our facilities or service providers are located. As such, we may transfer your Personal Information outside of the EEA. Such transfers are undertaken in accordance with our legal and regulatory obligations.

We use cookies and similar technologies to track activity on our website and enhance your experience. You can manage your cookie preferences through your browser settings.

Depending on your location, you may have the right to:

• Right to information and access

You have the right to receive access to the data, which is related to the means, purposes and basis for the processing of your Personal Data, the recipients and the category of recipients of your Personal Data, etc. in accordance to the Regulation.

• Right to rectification

You have the right to rectify and complete (or request before the Data Controller that they rectify) inaccurate or incomplete Personal Data, which is related to you.

• Right to erasure

You have the right to request the erasure of all Personal Data related to you, and the Data Controller is obliged to delete them in the term provided, when one of the Regulation requirements is fulfilled.

The Data Controller shall not erase the Data, which they are legally obliged to store, including for the purpose of defense in legal claims and proving their rights.

• Right to data portability

You have the right to withdraw all Personal Data, regarding you, which is stored and processed by the Data Controller and request that they transferred to another Data Controller, as appointed by you, whenever technically achievable.

To exercise any of the aforementioned rights, you may file your demand (claim) to the Data Controller to the Correspondence address/e-mail described below.

• Right to restriction of processing

In the circumstance in which the Personal Data we process is inaccurate or out of date, or if you believe that their processing is unlawful, you have the right to request that we restrict the active processing for a term which allows us to check the accuracy of the information and amend it accordingly, or until the problems with the lawfulness of the processing have been resolved.

If you do not wish for some or all of your Personal Data processed on the base of your consent to continue being processed, you have the right to withdraw the consent provided by you

• Right to object

You may object against the processing which we perform at any point on ground related to the specific situation (applicable whenever the processing of Personal Data is being carried out on the basis of our legal interest or a third party). Under any circumstance, you may object against processing for the purposes of direct marketing.

• Right to withdraw consent

Whenever we process your Personal Data on the basis of your consent, you may at any point withdraw your consent. This may happen online, by contacting us via e-mail. The withdrawal of your consent shall in no way affect the lawfulness of the processing performed prior to the withdrawal.

• Right to complaint before the authority body

If you believe that your rights in relation to Personal Data protection and their security have been violated, you have the right to contact the relevant Commission for Personal Data protection.

We implement industry-standard security measures to protect your personal information. However, no method of transmission over the Internet is 100% secure.

We use appropriate technical and organizational security measures to protect your stored personal data against manipulation, partial or complete loss, and unauthorized access by third parties. Our security measures are continuously being improved in line with technical developments.

Part of these measures are:

(i) Password protected directories and databases;

(ii) Only authorised personnel with access to your Personal Information, who are required to treat the information as confidential;

(iii) Secure Sockets Layered (SSL) technology to encrypt and send your information across the Internet securely;

(iv) PCI Scanning to prevent your information from being hacked.

Our website may contain links to external sites. We are not responsible for their content or privacy practices.

THE SERVICE IS NOT FOR PERSONS UNDER THE AGE OF 18 OR FOR ANY USERS PREVIOUSLY SUSPENDED OR REMOVED FROM THE SERVICE. IF YOU ARE UNDER 18 YEARS OF AGE, THEN YOU MUST NOT USE OR ACCESS THE SERVICE AT ANY TIME OR IN ANY MANNER. By accessing or using the Service, you affirm that you are at least 18 years of age.

We do not knowingly collect or use any personal data from minors. A minor may be able to willingly share personal information with others, depending on the products and/or media channels used. If a minor provides us with their information without the consent of their parent or guardian, we will ask the parent or guardian to contact us for the purpose of deleting that information.

We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised effective date.

If you have any questions about this Privacy Policy, please contact us at:
Email: [email protected]

Data Controller

NB Token Ltd., a company incorporated and existing under the laws of Bulgaria, with corporate number (UIC) 208089483, having its seat and registered address: 64A General Yosif V. Gurko str., Sofia, Bulgaria

Authority body

Commission for personal data protection

Address: Sofia, 2 Prof. Tsvetan Lazarov blvd.

Tel.: +3592/91 53 518

e-mail:[email protected]

website: www.cpdp.bg