This Privacy Policy explains how naskivo.eu ("we", "our", "us") collects, uses and protects personal data when you interact with our website at naskivo.eu. We are committed to protecting your privacy in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Bulgarian Personal Data Protection Act (PDPA).
1. Data Controller
The data controller responsible for your personal data is:
naskivo.eu Ltd.
Registered in Bulgaria
Contact: [email protected]
Phone: +359 87 342 9156
For data protection enquiries, please contact us at the address above with the subject "Data Protection Request".
2. What Personal Data We Collect
We may collect and process the following categories of personal data when you use our website or place an order:
- Identity data: Full name as provided in the order or contact form.
- Contact data: Phone number and email address (where provided).
- Delivery data: Delivery address and postal code in Bulgaria.
- Transaction data: Order details, product selections and payment method (we do not store full payment card numbers).
- Technical data: IP address, browser type and version, pages visited, referring URL, and cookies (see our Cookie Policy).
- Communication data: Messages and enquiries sent via our contact form or by phone.
We do not collect special categories of sensitive personal data (such as health or biometric data) through this website.
3. How We Use Your Personal Data
We process your personal data for the following purposes and on the following lawful bases:
- Order fulfilment (contract): To process, confirm and deliver your order, and to contact you by phone regarding your order.
- Customer support (legitimate interest / contract): To respond to enquiries, handle returns and resolve issues.
- Legal compliance (legal obligation): To comply with Bulgarian and EU tax, consumer protection and accounting regulations.
- Website improvement (legitimate interest): To analyse website usage anonymously and improve functionality and user experience.
- Direct marketing (consent): Only with your explicit consent, to send relevant offers by email or phone. You may withdraw consent at any time.
4. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes described above:
- Order and transaction records: 5 years, as required by Bulgarian accounting law.
- Customer communication records: Up to 2 years after the last contact.
- Marketing consent records: Until you withdraw your consent.
- Technical / cookie data: As specified in our Cookie Policy.
5. Sharing Your Data
We do not sell, rent or trade your personal data. We may share your data with trusted third parties only where necessary:
- Courier services: Econt Express and Speedy, to fulfil delivery of your order within Bulgaria.
- Payment processors: Secure payment gateway providers for card and ePay transactions (they have their own privacy policies).
- IT / hosting providers: Web hosting and email service providers operating under GDPR-compliant data processing agreements.
- Legal authorities: If required to do so by applicable law, court order or regulatory authority.
All third-party processors are bound by appropriate data processing agreements and GDPR-compliant safeguards.
6. Your Rights Under GDPR
As a data subject in Bulgaria and the EU, you have the following rights:
- Right of access: Request a copy of the personal data we hold about you.
- Right to rectification: Request correction of inaccurate or incomplete data.
- Right to erasure ("right to be forgotten"): Request deletion of your data where there is no legitimate reason to continue processing it.
- Right to restriction: Request that we restrict processing of your data in certain circumstances.
- Right to data portability: Request transfer of your data to you or a third party in a structured, machine-readable format.
- Right to object: Object to processing based on legitimate interests or direct marketing at any time.
- Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
7. Supervisory Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Bulgarian data protection supervisory authority:
Commission for Personal Data Protection (CPDP)
Address: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592, Bulgaria
Website: www.cpdp.bg
Phone: +359 2 915 3580
8. Cookies
Our website uses cookies to improve your browsing experience. For full details of what cookies we use and how to manage them, please see our Cookie Policy.
9. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. These measures include SSL/TLS encryption for data in transit, access controls and regular security reviews. However, no internet transmission is 100% secure, and we cannot guarantee absolute security.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The "Last updated" date at the top of this page will be revised accordingly. We encourage you to review this policy periodically. Continued use of our website after updates constitutes acceptance of the revised policy.
Data Protection Enquiries
Send us a message regarding your personal data rights or any privacy-related questions.