Last updated: 2025
1. Introduction
This Privacy Policy aims to inform you how we collect, use, store, and protect your personal data when you use our website (the “Site”).
We respect your right to privacy and are committed to ensuring the protection of your personal data in accordance with the requirements of the General Data Protection Regulation (GDPR) and Bulgarian legislation.
By using the Site, you accept the terms described in this Policy.
2. What Personal Data We Collect
Depending on how you use the Site, we may collect the following categories of data:
- Contact information – name, email address, phone number (if you provide them through a contact form);
- Technical data – IP address, browser type, device, operating system, date and time of access;
- Behavioral data – information about how you use the site (e.g., which pages you visit, how much time you spend on them, etc.) collected via cookies and analytics tools (see our Cookie Policy);
- Other information that you voluntarily provide through forms or email correspondence.
3. Purposes for Using Personal Data
Your personal data may be used for the following purposes:
- Responding to inquiries sent via contact form or email;
- Sending information about our products, services, or offers (only with your explicit consent);
- Improving the functionality and security of the website;
- Analyzing and generating statistics about website traffic;
- Complying with legal obligations.
4. Legal Grounds for Processing
The processing of personal data is carried out based on one or more of the following legal grounds:
- Your consent (Art. 6, para. 1, letter “a” of the GDPR);
- Performance of a contract or taking steps at your request prior to entering into a contract (Art. 6, para. 1, letter “b”);
- Legitimate interest of the controller (Art. 6, para. 1, letter “f”);
- Legal obligation, where processing is necessary to comply with legal requirements (Art. 6, para. 1, letter “c”).
5. Data Retention Period
We retain your personal data only for as long as necessary to achieve the purposes for which it was collected, unless a longer retention period is required by law.
After this period, the data will be securely deleted or anonymized.
6. Sharing of Personal Data
We do not sell, rent, or distribute personal data to third parties, except when:
- It is required to comply with a legal obligation;
- It is necessary for cooperation with trusted partners (e.g., hosting providers, IT support, or marketing agencies) who comply with GDPR and process data only under our instructions;
- We have your explicit consent.
7. Data Security
We apply appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or disclosure.
However, no system can guarantee complete security. Therefore, we advise you to always use updated software and secure connections when accessing the site.
8. Your Rights
Under applicable law, you have the following rights:
- To access your personal data;
- To request correction or deletion of data (“right to be forgotten”);
- To restrict or object to processing;
- To withdraw your consent at any time;
- To lodge a complaint with the Commission for Personal Data Protection (CPDP) if you believe your rights have been violated.
9. Contact Us
For questions related to this Privacy Policy or to exercise your rights, you can contact us at:
📩 office@cortizo.bg
10. Changes to This Policy
We reserve the right to update this Policy in case of changes in legislation or the way we process personal data.
All changes will be published on this page, and the date of the latest update will be indicated at the top.