en_US EN
en_US EN bg_BG BG de_DE DE
en_US EN
en_US EN bg_BG BG de_DE DE

Privacy Policy

Information about the controller of personal data processing:

Attorney-at-law Evelina Toncheva and Partners processes your personal data on the following legal grounds:

  • a contract concluded between us and you, for the purpose of fulfilling our contractual obligations;
  • your explicit consent – the purpose is specified separately for each individual case;
  • a legal obligation. 

In the following sections, you will find detailed information about the processing of your personal data, depending on the respective legal basis on which such data is processed.

FOR THE PERFORMANCE OF A CONTRACT OR IN THE CONTEXT OF PRE-CONTRACTUAL RELATIONS

We process your personal data in order to perform our contractual and pre-contractual obligations, as well as to exercise our rights arising from the contracts concluded with you.

Purposes of processing:

  • identification of your identity;
  • administration and processing of your inquiry and performance of the concluded contract;
  • preparation of an offer for the conclusion of a contract;
  • preparation and sending of statements/invoices for the services you have used;
  • ensuring comprehensive service and collection of amounts due for the services used;
  • storage of correspondence in connection with placed orders, processing of inquiries, reporting of issues, etc.;
  • notification of all matters related to the services you use with us;
  • identification and/or prevention of unlawful actions or actions contrary to our terms for the respective services.

Data processed on this legal basis:

On the basis of the contract concluded between us and you, we process information about the nature and content of the contractual relationship, as well as all other information related to the contractual legal relationship, including:

  • personal contact data – email address, telephone number, and other contact details;
  • identification data – first and last name, delivery address, email address;
  • other feedback we receive from you;
  • information about your actions on our website.
  • The processing of the above-mentioned personal data is necessary for us to conclude and perform the contract with you. Without the provision of this data, we would not be able to fulfill our contractual obligations.

Transfer of personal data to third parties 

We transfer your personal data to third parties, with our main objective being to provide you with high-quality, fast, and comprehensive service. We do not transfer your personal data to third parties before ensuring that all necessary technical and organizational measures for the protection of such data have been taken, while exercising strict control over compliance with this objective. In these cases, we remain responsible for the confidentiality and security of your data.

We transfer personal data to the following categories of recipients (controllers of personal data processing):

  • postal service providers and courier companies;
  • persons who, on our behalf, perform maintenance of equipment, software, and hardware used for personal data processing and necessary for the operation of the law firm;
  • persons providing consultancy services in various professional fields.

When do we delete the data collected on this legal basis?

We delete the data collected on this legal basis 5 years after termination of the contractual relationship, regardless of whether such termination occurred due to expiration, termination, dissolution, or for any other reason.  

FOR THE PURPOSE OF COMPLIANCE WITH LEGAL OBLIGATIONS

It is possible that we are required by law to process your personal data. In such cases, we are obliged to carry out the processing, for example in relation to:

  • obligations under the Anti-Money Laundering Act;
  • fulfillment of obligations related to distance contracts and off-premises contracts under the Consumer Protection Act;
  • provision of information to the Consumer Protection Commission or to third parties, as provided by the Consumer Protection Act;
  • provision of information to the Commission for Personal Data Protection in connection with obligations under personal data protection legislation;
  • obligations under the Accounting Act and the Tax and Social Security Procedure Code, as well as other applicable legislation related to proper accounting;
  • provision of information to courts and third parties in the context of judicial proceedings in accordance with the requirements of the applicable legislation.

When do we delete personal data collected on this legal basis?

Data collected on the basis of a legal obligation is deleted after the obligation for collection and storage has been fulfilled or ceases to exist. For example:

  • pursuant to the Accounting Act for the storage and processing of accounting documents (11 years);
  • obligations to provide information to courts, competent state authorities, and other cases provided by law (5 years).
  • Transfer of data to third parties
  • Where we are legally obliged to do so, we may transfer your personal data to the competent state authority, as well as to natural or legal persons.

ON THE BASIS OF YOUR CONSENT

We process your personal data on this legal basis solely upon your explicit, unambiguous, and voluntary consent. If you refuse the processing of your personal data, no adverse consequences will arise for you.

Consent constitutes an independent legal basis for the processing of your personal data. The purpose of processing is explicitly defined in the consent and does not coincide with the purposes stated in this Privacy Policy. If you grant us such consent, we will, until its withdrawal or until termination of all contractual relationships with you, prepare individually tailored offers for products and/or services, while carrying out detailed analyses of your basic personal data.

The detailed analysis is an analytical method that enables the processing of large volumes of data by means of statistical models, algorithms, and other methods. This may include the use of personal data as well as processes of pseudonymization and anonymization, with the aim of obtaining information about trends and various statistical indicators.

Data processed on this legal basis:

On this legal basis, we process only the data for which you have given us your explicit consent. The specific data is determined individually for each case. As a rule, such data includes:

  • email address;
  • name(s); 
  • address;
  • telephone number;
  • IP address;
  • other data.

Transfer of data to third parties

On this legal basis, we may transfer your data to marketing agencies, Facebook, Google, or other comparable service providers.

Withdrawal of consent

Granted consent may be withdrawn at any time. Withdrawal of consent does not affect the performance of contractual obligations. If you withdraw your consent for the processing of personal data for one or more of the purposes described above, we will no longer use your personal data and information for those purposes. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent prior to its withdrawal.

To withdraw consent, it is sufficient to use our website or simply our contact details.

When do we delete the data collected on this legal basis?

We delete the data collected on this legal basis upon your request or no later than 6 months after their initial collection.

PROCESSING OF ANONYMIZED DATA

We process your data for statistical purposes, i.e. for analyses in which the results are presented exclusively in aggregated form and the data is therefore anonymized. Identification of a specific person based on this information is not possible.

Your data may also be anonymized. Anonymization represents an alternative to data deletion. During anonymization, all personally identifiable elements (elements that allow identification of your person) are irreversibly removed. There are no statutory deletion obligations for anonymized data, as such data no longer constitutes personal data.

Why and how we use automated algorithms

For the processing of your personal data, we partially use automated algorithms and methods with the aim of continuously improving our products and services and adapting them as effectively as possible to your needs. This process is referred to as profiling.

How we protect your personal data

In order to ensure an appropriate level of protection of the data of the law firm and its clients, we apply all necessary organizational and technical measures provided for in the Personal Data Protection Act.

The law firm has established internal rules for the prevention of misuse and security breaches.

To maximize security during the processing, transmission, and storage of your data, additional protection mechanisms such as encryption, pseudonymization, etc. may be applied.

Personal data obtained from third parties

It is possible that we receive personal data about you from other users of our services.

Rights of users

Every user of the website enjoys all rights to personal data protection in accordance with Bulgarian law and the law of the European Union. 

The user may exercise their rights via the contact form or by sending a message to our email address. 

Every user has the right to:

  • information (in relation to the processing of their personal data by the controller);
  • access to their own personal data;
  • rectification (if the data is inaccurate);
  • erasure of personal data (right to “be forgotten”);
  • restriction of processing by the controller or processor;
  • data portability between different controllers;
  • objection to the processing of their personal data;
  • the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them;
  • the right to judicial or administrative protection if the rights of the data subject have been violated.
  • The user may request the erasure of their personal data if at least one of the following conditions is met:
  • the personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
  • the user withdraws the consent on which the processing is based and there is no other legal ground for the processing;
  • the user objects to the processing and there are no overriding legitimate grounds for the processing;
  • the personal data has been unlawfully processed;
  • the personal data must be erased to comply with a legal obligation under Union law or the law of a Member State to which the controller is subject;
  • the personal data was collected in relation to the offer of information society services to children and consent was given by the holder of parental responsibility.

The user has the right to request restriction of the processing of their personal data by the controller where:

  • the accuracy of the personal data is contested, for a period enabling the controller to verify the accuracy of the personal data;
  • the processing is unlawful and the user opposes the erasure of the personal data and requests restriction of its use instead;
  • the controller no longer needs the personal data for the purposes of processing, but the user requires it for the establishment, exercise, or defense of legal claims;
  • the user has objected to processing, pending verification whether the legitimate grounds of the controller override those of the user.
  • Right to data portability
  • The data subject has the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format, and has the right to transmit those data to another controller without hindrance from the controller to which the personal data has been provided, where the processing is based on consent or on a contract and the processing is carried out by automated means. 
  • In exercising their right to data portability, the data subject also has the right to have the personal data transmitted directly from one controller to another, where technically feasible.

Right to object

Users have the right to object to the processing of their personal data by the controller. The controller is obliged to cease processing unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or the processing is for the establishment, exercise, or defense of legal claims. In the event of an objection to the processing of personal data for direct marketing purposes, the processing must be stopped immediately.

Complaint to the supervisory authority

Every user has the right to lodge a complaint regarding unlawful processing of their personal data with the Commission for Personal Data Protection or with the competent court.

Record-keeping

We maintain a register of processing activities for which we are responsible. This register contains all of the following information:

  • name and contact details of the controller;
  • purposes of processing;
  • description of the categories of data subjects and the categories of personal data;
  • categories of recipients to whom the personal data has been or will be disclosed, including recipients in third countries or international organizations;
  • включително получателите в трети държави или международни организации;
  • where possible, the envisaged time limits for erasure of the different categories of data;
  • where possible, a general description of the technical and organizational security measures.

This Privacy Policy was adopted and approved on 01.05.2024.

The information contained on this website is provided for general informational purposes only. As every legal matter has its own specific characteristics and requires an individual approach, we do not guarantee that the information presented here will be sufficient for resolving your legal issue independently. On the contrary, we strongly recommend seeking timely, qualified legal assistance in order to receive appropriate legal advice and effective protection of your rights and interests.
Navigation
About Us Legal Services Contacts Templates
Legal
Privacy Policy Terms of Use Cookies
Contacts
Follow Us:
© Всички права запазени. Адвокатска Кантора "Евелина Тончева & Партньори"
Дизайн и изработка - Evol.bg