We use cookies to improve your experience on our site, to provide personalized ads or content, and to analyze traffic. By clicking "I accept", you consent to our use of cookies. You can manage your cookie settings by clicking the "Cookie settings" button. For further information about how we process your personal data, see our Cookie Policy or Privacy Policy.
Privacy Policy
PRIVACY POLICY
Version 1.0
Introduction
We, "GMP Consult" LLC, UIC: 203745236, address: 11A "Andrey Saharov" St., Varna, with the business name GMP Consult Ltd. (hereinafter referred to as the "Company" or the "Administrator"), understand how sensitive information about you and your business is. That is why your privacy and the security of your personal data are of utmost importance to us. We comply with all applicable data protection laws, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and the free movement of such data, repealing Directive 95/46/EC (hereinafter referred to as "GDPR").
This Privacy Policy provides information about the personal data we collect and process, the legal grounds for processing, how we collect and protect your personal data, where we store it, and with whom we share it in the context of providing our services (hereinafter referred to as the "Services") and maintaining our website www.dpk.bg (hereinafter referred to as the "Website"), as well as the rights you have as a client (hereinafter referred to as "Client/s"). Our primary Service involves information management. To provide this service, we collect personal data voluntarily provided by the Client. The data varies depending on the specific service used.
Personal Data Administrator
1. The Personal Data Administrator is: "GMP Consult" LLC, UIC: 203745236, address: 11A "Andrey Saharov" St., Varna, with the business name GMP Consult Ltd., email: info@dpk.bg, and the Company is legal user of the website: www.dpk.bg
What Personal Data We Collect
2. When accessing the Website or using our Services, we may collect and process some or all of the following types of personally identifiable information or business-related data ("Personal Data"): (i) Identity Data: first name, middle name, surname, Personal Identification Number (EGN), date of birth, nationality, address, postal code; (ii) Contact Data: email address, phone number, place of residence; (iii) Technical Data: IP address, browser type, time zone and location, browser plug-in types and versions, operating system and platform, and other technology on the devices used to access the Website and Services, comments on the Website's blog, and information about the comment date and the Client's chosen username; (iv) Banking Information: bank card details, payment history; (v) System Access Data: email account, instant messaging account, other IDs, system passwords, activity logs, and electronic content produced via the Company's systems; (vi) Client Feedback Data: email address, opinions on the Company's services, survey responses, preferred communication methods; (vii) Website Usage Data: information on how the Website and the Company's Services are used; (viii) Aggregate Data: statistical or demographic information for any purpose; (ix) Business Data: company partners, managers, board of directors, company name, registered office, and any other business-related information; (x) Third-Party Personal Data Provided by You: When using the Website and entering third-party personal data, you provide us with personal data for processing. You must ensure that the data is legally collected and that you have a valid legal basis for processing. We process this data solely to provide our Services.
How We Collect Personal Data
3. The Company collects personal data: (i) Directly from the Client: When the Client contacts us directly; When using the Website content and Services; When submitting an inquiry through the contact form on the Website; When registering on the Website; When communicating with the Company via phone, email, or social media; When leaving a comment on the Website or the Company's social media profiles. (ii) Indirectly from Third Parties, including: Public registers (such as trade registers), social media, and service providers.
4. When Clients engage us to perform professional services that involve sharing personal data they control as part of that engagement. Providing personal data is voluntary and will not result in adverse consequences if the Client chooses not to provide it. However, if certain information is not provided, the Client may be unable to access some of the Services on the Website that require such data.
Purposes and Legal Basis for Processing Personal Data
5. We collect Personal Data based on the following legal grounds and for the following processing purposes:
(i) Legal Basis: Contract
To fulfill a contract with the Client or take steps at the Client’s request before entering into a contract; To register you as a Client and create your profile on the Website; To provide and administer Services; To process payments, billing, and collections.
(ii) Legal Basis: Voluntary Consent
To provide feedback regarding our Services (including newsletters and marketing materials).
(iii) Legal Basis: Our Legitimate Interests
To administer and manage our relationships with Clients, including accounting, auditing, and other business operations; To analyze, improve, and personalize our Services; To ensure compliance with our policies, including maintaining the security of our Website and Services; To manage IT and communication systems, IT security, access control, and business continuity.
(iv) Legal Basis: Compliance with Legal Obligations
To maintain records, comply with reporting obligations, conduct audits, and fulfill regulatory requests; To participate in legal proceedings, exercise legal rights, and comply with administrative or judicial orders; To protect against fraud, money laundering, and other threats.
6. The Company does not sell, rent, or distribute Client data to third parties. We will only share personal data without Client consent when required by law or necessary for legal assistance.
Security Measures
7. We have implemented serious technical and organizational measures to protect stored and processed Personal Data, including: Protection against code injection; Servers secured against DoS attacks; Strong backup policies; Contacting only registered users with prior consent; Requiring strong passwords upon registration; Data is hosted only within Europe.
8. While we strive to protect our systems, sites, and operations from unauthorized access, use, modification, and disclosure, we cannot guarantee absolute security due to the open nature of the internet and other risk factors.
Personal Data Retention and Sharing
9. Personal data is retained only as necessary to provide the Company’s Services and fulfill other purposes outlined in this Privacy Policy, section Purposes and Legal Basis for Processing Personal Data. After this period, the data is deleted and/or destroyed.
10. In the course of our business activities and in compliance with applicable data protection laws, we may share personal data with third parties ("Recipients"), including: Chatbots, Electronic signature solutions, Online forms, Website usage monitoring, Crash reporting services, Newsletter subscriptions.
Data Subject Rights
11. The data subject has the right to: (i) Request access to their processed personal data and receive a copy; (ii) Request correction or deletion of personal data or restrict its processing ("right to be forgotten"); (iii) Object to processing; (iv) Request data portability to another administrator; (v) File a complaint with the Bulgarian Commission for Personal Data Protection (CPDP), address: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592, Bulgaria, website: https://cpdp.bg.
Last updated: 14.03.2025.