Privacy Policy

Who we are

PFG Bulgaria LTD
📍 Sofia 1303, 53 Antim I str, floor 3, Bulgaria
📧 [email protected]
Company Type: Limited Liability Company (Ltd.)

As a company based in the European Union, we comply with the EU General Data Protection Regulation (GDPR).

Comments

When visitors leave comments on the site, we collect the data shown in the comments form, along with the visitor’s IP address and browser user agent string to help with spam detection.

An anonymized string created from your email address (called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://pfgbulgaria.com/privacy-p/.
After your comment is approved, your profile picture is visible to the public in the context of your comment.

Media

Suggested text: If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site, you may opt in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when leaving another comment. These cookies last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and screen display choices. Login cookies last for two days, and screen option cookies last for one year. If you select “Remember Me,” your login will persist for two weeks. When you log out, the login cookies are removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie contains no personal data and simply indicates the post ID of the article you just edited. It expires after one day.

Analytics Cookies

We use Google Analytics to understand how visitors use our website. Cookies collect anonymized data such as IP addresses (processed in a shortened form), browser type, and visited pages.
You can disable cookies in your browser settings or learn more about how Google uses data here: https://policies.google.com/technologies/partner-sites.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.).
Embedded content from other websites behaves exactly as if you visited the other website.

These websites may collect data about you, use cookies, embed third-party tracking, and monitor your interaction with that content — including tracking your interaction if you have an account and are logged in to that website.

Information we collect through forms and analytics

In addition to comments and cookies, we may collect:

  • Contact details: name, email, and phone number (when you fill out our contact form).
  • Technical data: IP address, browser information, and usage data.
  • Communication data: messages or inquiries sent through forms.

We use this information to respond to inquiries, analyze visitor behavior, improve our services, and send updates (only if you’ve given consent, e.g., for a newsletter).

Legal basis for processing

We process your personal data in accordance with GDPR principles of lawfulness, fairness, and transparency.
Depending on the situation, processing may be based on one or more of the following:

  • Consent (Art. 6(1)(a)) – for comments, contact form submissions, and cookie tracking.
  • Contractual necessity (Art. 6(1)(b)) – when communication is required to provide a requested service.
  • Legitimate interest (Art. 6(1)(f)) – for ensuring website functionality, improving user experience, and protecting our systems from spam or misuse.
  • Legal obligation (Art. 6(1)(c)) – when we must comply with statutory requirements.

Who we share your data with

We do not sell or rent personal data.
However, we may share data with trusted service providers who help us operate the site, including:

  • Google Analytics (for anonymous traffic analysis).
  • Akismet or similar anti-spam services (for comment spam detection).

If you request a password reset, your IP address will be included in the reset email.

If we add payment processors or email marketing tools in the future, they will also comply with GDPR and process data only to complete their assigned functions.

How long we retain your data

Suggested text: If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

International data transfers

We do not intentionally transfer personal data outside the European Economic Area (EEA).
If we use service providers outside the EEA (for example, for hosting or analytics), we ensure compliance through standard contractual clauses or other safeguards approved by the European Commission.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This helps us recognize and approve future comments automatically instead of holding them in a moderation queue.

If you contact us through a form and do not become a client, your data is typically deleted after 12 months.

Website administrators can view and edit any information submitted through the site.

What rights you have over your data

Under GDPR, you have the right to:

  • Access and receive a copy of your personal data.
  • Request correction or deletion of your data.
  • Withdraw consent at any time.
  • Object to or restrict certain processing activities.
  • Lodge a complaint with a supervisory authority.

Supervisory Authority:
Commission for Personal Data Protection (CPDP)
📍 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia, Bulgaria
🌐 https://www.cpdp.bg/
📞 +359 2 915 3580
✉️ [email protected]

To exercise your rights, contact us at [email protected].

Where your data is sent

Visitor comments may be checked through an automated spam detection service (such as Akismet).
Analytics data is sent to Google Analytics, which processes it under the terms of its own privacy policy.

Data security

We take appropriate technical and organizational measures to protect your data against unauthorized access, loss, misuse, or alteration.
However, no online system is 100% secure, and we cannot guarantee absolute security.

Children’s privacy

Our website and services are not directed at individuals under 13, and we do not knowingly collect personal information from them.

Updates to this policy

We may update this Privacy Policy periodically to reflect legal or operational changes.
The updated version will always be posted on this page with a revised “Last updated” date.

This post is also available in: Български (Bulgarian)