Privacy Policy

of HUMAN BUSINESS STUDIO Ltd.

August 17th, 2020

Thank you for visiting the h.i summit website: https://hisummit.org (“The Site”). This Privacy Policy informs you about the collection of personal data when using the Site. Other Human Business Studio Ltd. websites have a separate privacy policy.

The Policy does not concern the collection of information via other channels.
By using the Site you consent to the collection, processing, and disclosure of your personal information (where necessary and under strict security measures), as set out in this Policy. In case you do not agree to this, please refrain from using the Site.

This Privacy Policy covers the processing and protection of personal data in accordance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation).

The collection of personal data is limited to the extent which is necessary. Personal data is all data that can identify you directly or indirectly, e.g. name, postal address, e-mail, IP address, phone number. We have taken the required technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to the latest regulatory requirements and technological standards.

This Privacy Policy concerns the following:

  • the entity responsible for the processing of your data;
  • the categories of personal data we process;
  • the circumstances under which your information is processed;
  • the goals and legal grounds for the processing;
  • terms for safekeeping and security measures of the data;
  • how to exercise your rights under the General Data Protection
    Regulation (“GDPR”);
  • how and in what cases we share your personal data with third parties.

Human Business Studio Ltd.
UIC 205148001
56 Andrey Lyapchev blvd.
Sofia 1799
Represented by Mrs. Nina Vladimirova
T. +359 899 876782
Email: nina@humanbusiness.studio

When using the Site for information purposes only, i.e. if you do not register for our events or otherwise provide us with personal information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data which is technically necessary for us to display our website to you and to ensure its stability and security:
  • IP address
  • Date and time of the request
  • Access status/HTTP status code
  • Requesting website
  • Browser, operating system, and interface.
The legal grounds for the processing of the above information is Art. 6, para1 “f”, GDPR. The purpose of collecting the data is to make it possible to serve the Site to you (by establishing a TCP/IP connection), to secure our servers, the technical administration of our infrastructure, as well as the optimization of our services. Only in the case of unauthorized access or attacks on our infrastructure your IP address will be analyzed. No further information is required from you in order to access the Site.
When you contact us via email, telephone, or via other communication channels, the data you provide (e.g. your email address, your name, and your phone number) will be retained by us in order to answer your questions. These details enable us to give you more concrete information regarding your inquiry and to improve the processing of your request. This information is shared by you on a voluntary basis and with your consent on the grounds of Art. 6, para 1 letter “a”, GDPR. You can revoke this consent at any time in the future. If this is the case, please contact us at hello@hisummit.org We delete the data collected in this context after the retention is no longer necessary or limit the processing if statutory retention obligations exist.

With your consent according to Art. 6, para 1 letter “a”, GDPR you can subscribe to our newsletter, with which we inform you about the latest news, exclusive content, and updates regarding the h.i summit.
In addition, we store your IP addresses and the time of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.
The only mandatory information for sending the newsletter is your name, email address, and telephone number. After your confirmation, we will save your data for the purpose of sending you the newsletter. The legal basis is Art. 6, para 1 “a”, GDPR. We will retain your e-mail address until you unsubscribe from the newsletter.
You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter-email, which sends a notification to hello@hisummit.org.

You have the possibility of registering for the h.i summit events. For the registration we collect and retain the following personal data from you:
  • First name
  • Last name
  • E-mail
  • Phone number
After your registration, you will be transferred to the web sites of our ticketing partners to pay and receive your electronic ticket for the event. Your registration is voluntary. The legal basis to process your data is Art. 6 para 1 letter “b”, GDPR. We delete the data collected in this context no longer than 5 years after gathering, or limit the processing if statutory retention obligations exist.

When you use the Site, cookies are placed on your computer. Cookies are small text files stored on your hard disk which are allocated to the browser you use and through which certain information flows to the location that sets the cookie. Cookies cannot run programs or transmit viruses to your computer. They serve to make Internet services more user-friendly and effective. We also use cookies to identify you for follow-up visits if you have signed up for our Newsletter.
The placement of cookies on your computer can be prevented through the relevant settings of your Internet browser. Previously set cookies can also be deleted through the settings of your browser. We advise you that preventing the placement of cookies on your computer can mean that not all functionalities of the Site are available and/or are limited.
You can generally opt-out of the use of cookies by changing your browser settings. If you choose your browser not to accept cookies from the Site, you will be able to view it, however, you will not have a personalized experience, nor will you be able to subscribe to our Newsletter.

This Site is WordPress and uses the following types of cookies, the scope, and functionality of which are explained below:
6.1. Strictly Necessary: These are the cookies that are essential for WordPress.org to perform basic functions. These include those required to allow registered users to authenticate and perform account related functions.
6.2. Functionality: These cookies are used to store preferences set by users such as account name, language, and location.
6.3. Performance: Performance cookies collect information on how users interact with websites hosted on WordPress.org, including what pages are visited most, as well as other analytical data. These details are only used to improve how the website functions.
6.4. Tracking: These are set by trusted third party networks (e.g. Google Analytics) to track details such as the number of unique visitors, and page views to help improve the user experience.
6.5. Third-Party/Embedded Content: WordPress.org makes use of different third-party applications and services to enhance the experience of website visitors. These include social media platforms such as Facebook and Twitter (through the use of sharing buttons), or embedded content from YouTube and Vimeo. As a result, cookies may be set by these third parties and used by them to track your online activity. We have no direct control over the information that is collected by these cookies.
Details about WordPress cookies and storage periods can be found at https://wordpress.org/about/privacy/cookies/.

For the purpose of analyzing and optimizing the Site we use various services which are described below. For example, we can analyze how many users visit the Site, which information is most in demand, or how users find the Site. Among other things, we collect data about which website a person has accessed another website from (so-called referrers), which subpages of the website were accessed, where did the user move their cursor or click on the page or how often and for how long a subpage was viewed. This helps us to design and improve our services in a user-friendly way. The data collected in this case is not used to identify individual users. Anonymous or at most pseudonymous data is collected. The legal basis for this is Art. 6, para 1 “f”, GDPR.
This Site uses the web analysis service of Google Analytics and Hotjar. Cookies are stored on your computer for this analysis. You can stop the analysis by deleting existing cookies and preventing the storage of cookies. If you prevent the storage of cookies, we point out that you may not be able to use this Site in its entire functionality.
Details about Google Analytics Cookie Usage on Websites and storage periods you can find at
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.

Human Business Studio has integrated Facebook and Instagram on the Site.
The responsible entity for Facebook and Instagram (Data Controller) is:
Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States.
When a data subject lives outside the United States or Canada, and Facebook undertakes data processing, the responsible entity is:
Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
When a user clicks the Facebook/Instagram buttons, Facebook’s/Instagram’s websites will be contacted, and the user’s data will be transferred from the Site to Facebook. Facebook will receive through this the information that the user has visited h.i summit website. Details of the Facebook-supplied plugins can be accessed at https://developers.facebook.com/docs/plugins

If the user is logged into a Facebook or Instagram account (even if it is not their own account) at the time when the user accesses the Site, Facebook will additionally receive a notification that the user has visited the Site. Facebook collects this information, so a theoretical possibility exists that it could associate it with the respective Facebook or Instagram account. The same also applies to the “Like” buttons, or to the usage of Facebook/Instagram comment forms; Facebook could associate this information with the logged-in Facebook/Instagram account.
To prevent this, you can log out of any Facebook or Instagram accounts prior to visiting the Site. To do this, you must visit the Facebook website.
For further information relating to data protection and Facebook, please see: https://facebook.com/about/privacy or https://help.instagram.com/519522125107875

Human Business Studio has integrated LinkedIn on the Site. The responsible entity for LinkedIn (Data Controller) is: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States. If the user is logged into a LinkedIn account (even if it is not their own account) at the time when the user accesses the Site, LinkedIn will additionally receive a notification that the user has visited the Site. LinkedIn collects this information, so the theoretical possibility exists that it could associate it with the respective LinkedIn account. To prevent this, you can log out of any LinkedIn accounts prior to visiting the Site. To do this, you must visit the LinkedIn website. For further information relating to data protection and LinkedIn, please see: https://www.linkedin.com/legal/privacy-policy

Human Business Studio has integrated Twitter on the Site.
The responsible entity for Twitter (Data Controller) is:
Twitter, Inc., Market Street Suite 900 San Francisco, CA 94103 United States.
If the user is logged into a Twitter account (even if it is not their own account) at the time when the user accesses the Site, Twitter will additionally receive a notification that the user has visited the Site. Twitter collects this information, so the theoretical possibility exists that it could associate it with the respective Twitter account.
To prevent this, you can log out of any Twitter accounts prior to visiting the Site. To do this, you must visit the Twitter website.
For further information relating to data protection and Twitter, please see: https://twitter.com/en/privacy

We do not transfer your data to any third parties unless we are legally obliged to do so, or the transfer of data is necessary for the performance of a contractual obligation, or you have explicitly consented to the transfer of your data. As far as external service providers may come into contact with your personal data, we ensure that these comply with Art. 28, GDPR within the scope of order processing. The respective service provider is responsible for the content of external services. Within reason, we verify the compliance of the external services with the respective legal requirements.
We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to the latest regulatory requirements and technological standards. Your data is stored only on secure servers, accessible only by a few authorized employees. When you use a form on our website to send us data, this transmission is only performed via an encrypted TLS connection.

According to GDPR, you have the following rights with regard to personal data relating to you:

14.1 General rights
You have a right to information, rectification, deletion, restriction of processing, objection to processing, and data transferability. If processing is based on your consent, you have the right to withdraw this consent at any time with effect for the future.

14.2 Rights with regard to data processing according to legitimate interest.
According to Art. 21 para 1, GDPR, you have the right to object at any time for reasons arising from your particular situation to the processing of your personal data pursuant to Art. 6, para1 “e”, GDPR (data processing in the public interest) or Article 6 para 1 letter f, GDPR (data processing to safeguard a legitimate interest). This also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights, and freedoms, or the processing serves to assert, exercise or defend legal claims.

14.3 Rights with regard to direct marketing
If based on your consent we process your personal data for direct marketing purposes, you have the right pursuant to Art. 21 para 2, GDPR to object at any time to the processing of your personal data for the purpose of such advertising by withdrawing this consent. This also applies to profiling insofar as it is associated with such direct marketing.
In the event of your objection/withdrawal of consent to the processing for direct marketing purposes, we will no longer process your personal data for these purposes.

14.4 Right of appeal to a supervisory authority
You also have the right to complain to a data protection supervisory authority regarding our processing of your personal data. If you consider that the processing of personal data relating to you infringes GDPR, you have the right to file a complaint with the supervisory authority in the country of your habitual residence, place of work, or place of the alleged infringement.
The supervisory authority that is responsible for monitoring the application of GDPR in Bulgaria (where Human Business Studio as a data controller resides) is the Commission for Personal Data Protection, with contact details as follows: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592, www.cpdp.bg.

From time to time, we may amend this Policy to accommodate new technologies, industry practices, regulatory requirements, or for other purposes. We will provide notice to you if these amendments are material and, where required by applicable law, we will obtain your consent. We also recommend that you consult this Policy at the Site on a regular basis, so that you remain informed of any changes. The first edition of this Privacy Policy has entered into force on Aug 17th, 2020.