My cart

Your shopping cart is empty

Personal Data Information

2025-01-16T13:18:23+02:00

GOUD Bulgaria Ltd.

(Notification regarding the processing of personal data)

Personal Data Controller:

  1. Name: GOUD Bulgaria Ltd.
  2. UIC (Unified Identification Code): 208068489
  3. Headquarters and management address: s. Trudovets, Tsar Simeon 1 Street, No. 5
  4. Phone: 0883316655
  5. Email: the.goud.official@gmail.com
  6. Website: www.goud.bg

GOUD Bulgaria Ltd. ("the Company" or "the Controller") operates in compliance with the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data ("General Data Protection Regulation" or "GDPR"). This Privacy Policy ("Privacy Policy" or "the Policy") aims to inform every Customer (as defined below) of the Company about the processing of data that identifies or can identify the specific Customer.

For the purposes of this Policy, a Customer is any natural person who is a party to a contract with the Company for the purchase and sale of goods, as well as any natural person expressing intent to enter into pre-contractual relations with the Controller and/or a user of the Online Store at goud.bg, accessible on the internet at www.goud.bg. This also includes directors, managers, representatives, proxies, employees, partners, shareholders, or ultimate beneficial owners of legal entities or other legal formations using the Online Store.

1. What personal data do we process?

The Company processes the following categories of personal data of Customers as a data controller:

  • Physical identity: names, Personal ID Number (EGN), address, phone number, email address.
  • Economic identity: bank account information.

Personal data is collected directly from the individuals to whom it relates.

2. How do we collect personal data?

We collect personal data:

  • During registration on the Online Store's website and when using the Online Store without registration.
  • Through correspondence with the Customer, which may include written, electronic, or verbal communication.
  • Using "cookies" when browsing or using our website.

In some cases, we may collect information from third parties or public sources.

Our website collects data in log files, which may include information about your IP address, internet service provider, browser, operating system, time of website visit, and pages visited.

Our website uses cookies. Cookies are small information files that a website sends to the visitor’s browser. The browser stores this information as a text file on the user’s end device. Cookies help us make the website function better for you. For more information about the use of cookies, please refer to our Cookie Policy available on the Online Store’s website: www.goud.bg.

3. Do we process special categories of personal data?

The Company does not process special categories of personal data of Customers.

4. Why do we process personal data?

The Company processes personal data of Customers for the following purposes:

  • Providing information and assistance requested by you.
  • Identifying and contacting Customers and beneficial owners.
  • Managing and facilitating the establishment, modification, and termination of relationships between the Company and the Customer.
  • Offering and promoting additional services.
  • Ensuring compliance with regulatory requirements.
  • Defending in case of disputes and cooperating with regulatory authorities to the extent required by law.

If we do not process this personal data, we may not be able to provide you with our services or the requested assistance.

5. On what legal basis do we process personal data?

The personal data of Customers is collected, processed, and used based on several legal grounds:

  • For the performance of a contract or to enter into pre-contractual relations.
  • To comply with legal obligations applicable to the Company.
  • For the purposes of the legitimate interests of the Company or a third party, provided that the rights and interests of the data subjects do not override these interests (e.g., resolving disputes, preventing fraud, or defending legal claims).
  • Based on voluntarily given consent, where required by applicable legislation.

6. How long do we retain personal data?

The Company retains personal data during the contractual relationship and until the settlement of obligations under the contract. Personal data may also be retained for a transitional period (e.g., to meet obligations related to archiving and accounting).

If judicial or other actions are initiated, personal data may be retained until the end of such actions, including all potential appeal periods, after which it will be deleted or archived, as permitted by law.

Specifically, various accounting and tax documents containing personal data are retained for 10 years, starting from January 1 of the reporting period following the period to which they relate.

If your personal data is obtained and processed based on your consent, we will process it only as long as we have your consent to do so.

7. With whom do we share personal data? Do we provide it to third parties?

The Company may, at its discretion, transfer part or all personal data to data processors for the purposes of processing, in compliance with the GDPR requirements.

The Company shares personal data with:

  • Third-party service providers engaged to perform functions or activities on our behalf.
  • Regulatory authorities, tax, financial, judicial, administrative, and law enforcement bodies, in accordance with applicable law.

This list is not exhaustive, and there may be other legitimate reasons for storing, disclosing, or processing your personal data.

The Company will notify data subjects in case of an intention to transfer part or all of their personal data to third countries or international organizations.

8. Is personal data secure?

The Company ensures and maintains appropriate technical and organizational measures to protect personal data against unauthorized access, misuse, accidental loss, alteration, disclosure, access, and/or damage or copying. These measures aim to provide continuous protection and confidentiality of personal data and are regularly reassessed.

9. Do we conduct automated decision-making?

The Company does not perform automated decision-making using personal data.

10. What are the rights of Customers regarding personal data protection?

Customers can exercise the following rights by submitting a written request to the Company:

  • Withdrawal of consent
  • Right of access
  • Right to rectification
  • Right to erasure (Right to be forgotten)
  • Right to restriction of processing
  • Right to object
  • Right to data portability
  • Right to lodge a complaint

Details of each right are outlined in the original policy.

11. What happens in case of changes?

In the event of significant changes to the way the Company processes Customers' personal data or other aspects of this notification, Customers will be informed promptly through an updated version of the notification.

We use cookies to ensure that our website works well for you, respecting all rules and good practices for the privacy of your personal data. Agreement page