1. Data Protection overview
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator whose data is available a bit later below.
How do we collect your data?
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site. We might use some of the data for the marketing purposes of our brand.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge (Art. 15 of GDPR). You also have the right to request that it be corrected(Art. 16 of GDPR), blocked, or deleted(Art. 17 of GDPR).
You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities(Art. 77 of GDPR).
2. General information and mandatory information
Complete protection of your data from third-party access is not possible. In accordance with Art.33 and Art. 34 of GDPR, in case we detect such a breach we will notify CPDP in 72 hours.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
Bright Marketing Research 9,
Sveti Sedmochislenitzi str., office 7
Sofia 1407, Bulgaria
Phone: +359 2 4390790, +359 2 4390799
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time (Art. 7 of GDPR) with future effect by sending us an informal email requesting this. The data processed before we receive your request may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities (Art.77 of GDPR). The competent regulatory authority for matters related to data protection legislation is the Commission for Personal Data Protection of the Republic of Bulgaria.
A list of data protection officers and their contact details can be found at the following link: https://www.cpdp.bg/en/index.php?p=pages&aid=5
Right to data portability
You have the right to have data that we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format (Art. 20 of GDPR). If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed (Art. 15 of GDPR). You also have the right to have this data corrected (Art. 16 of GDPR), blocked or deleted (Art. 17 of GDPR). You can contact us at any time using the address given in p.2 above if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
3. Data collection on our website
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources. The basis for data processing is Art. 6 (1) (f) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question, and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time with an informal email making this request. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
We use Google Analytics (GA) in order to better understand our customer behavior on our site and enhance the customer experience. We also use Advertising Features of GA, to be able to provide the right audience with the most relevant message and to analyze the website usage. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
When you visit our website information about your browser version, operational system, referrer URL, IP, and time of the request is being sent to the Google servers located in the USA. The data we collect via GA is stored for 50 months.
You have the right to opt-out of GA entirely by https://tools.google.com/dlpage/gaoptout?hl=en.
In addition, to easily opt-out from GA on our website you can click this link. You will create a cookie, that will last 10 years or unless you clear your cache and cookies. Further information about handling user data, can be found at https://support.google.com/analytics/answer/6004245?hl=en and the specially developed section for privacy by Google: https://privacy.google.com/
Google Ads remarketing.
We use Google Ads Remarketing (GAds) in order to better understand our customer behavior on our site and personalize the advertising for a better experience, as well as, to limit the ads to customers that already are our clients. This way we provide the right audience with the most relevant message. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
We use Linkedin Insights in order to better understand our customer behavior on our site and enhance the customer experience. We also use Advertising Features of LinkedIn Insights, to be able to provide the right audience with the most relevant message, and to analyze the website usage. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR. Linkedin personal data (like audience email addresses) that is stored by advertisers in LinkedIn Campaign Manager is automatically deleted in 90 days if it is not edited or being used in any active campaigns. You can read the full statement of LinkedIn here. Since the data is kept via cookies, by opting out of our cookies, the cookie for LinkedIn Insights shall also be removed alongside the other cookies.
Clarity is a GDPR compliant as a data controller for visitors and co-controllers for the data gathered by the Clarity script on our website. For more details, refer to the Microsoft Privacy Statement.
4. Plugins and tools
Google Web Fonts
For a uniform representation of fonts, this page uses web fonts provided by Google.
When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose, your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
If your browser does not support web fonts, a standard font is used by your computer.