Privacy Policy

​​1. Information About the Data Controller

TRENOTECH EOOD
Registered in the Commercial Register of the Republic of Bulgaria

• UIC: 206617359

• Email: office@trenotech.bg

• Phone: +359 896 010 109

TRENOTECH EOOD (hereinafter referred to as the “Controller” or “we”) processes personal data in compliance with Regulation (EU) 2016/679 (GDPR), the Personal Data Protection Act of the Republic of Bulgaria, and all applicable legislation.

​

​

2. Legal Grounds and Purposes of Processing Personal Data

We process personal data on the following legal grounds:

• performance of a contract or pre-contractual obligations;

• explicit consent given by the data subject;

• compliance with a legal obligation;

• legitimate interests of the Controller, where applicable.

Detailed information regarding the purposes and scope of processing is provided below.

​

3. Processing for Contract Performance​

Purpose of Processing

We process personal data for the purpose of:

• providing access to and functionality of the Website;

• responding to inquiries, requests for offers, and service-related communications;

• establishing and maintaining business relationships.

​

Categories of Data

On this legal basis, we may process:

• names;

• contact details (email, phone);

• company and site-related information;

• correspondence and inquiry details.

​​

Data Retention

Personal data processed on this basis is retained for up to 2 years after the termination of the contractual or pre-contractual relationship, unless a longer retention period is required by law.

​

4. Processing Based on Consent

We process personal data based on explicit, informed, and voluntary consent provided by the data subject.

Refusal to provide consent does not result in any adverse consequences.

 

Purpose of Processing

Where consent is given, we may process personal data for:

• direct marketing and communication;

• providing information about services, offers, or updates;

• analysing website usage and communication preferences.

​

Categories of Data

This may include:

• email address;

• phone number;

• website usage data;

• interaction data with marketing content;

• social media profile data, where applicable.

​

Data Sharing

For these purposes, data may be shared with:

• marketing service providers;

• analytics platforms;

• advertising platforms such as Google, Meta (Facebook), or similar providers

 

5. Withdrawal of Consent

Consent may be withdrawn at any time, without affecting the lawfulness of processing carried out prior to withdrawal.

Withdrawal of consent does not affect contractual obligations already in force.

You may withdraw consent by:

• using the relevant options on the Website; or

• contacting us directly via the provided contact details.

​

Data Retention After Withdrawal

Personal data processed on the basis of consent is deleted:

• upon explicit request by the data subject; or

• no later than 12 months after its initial collection.

​

 

6. Data Security

We apply appropriate technical and organisational measures to protect personal data against unauthorized access, loss, alteration, or disclosure.

These measures include, where applicable:

• access controls;

• data minimisation;

• encryption and pseudonymisation;

• internal policies and staff training.

 

7. Rights of Data Subjects

Each user of the Website has all rights provided under Bulgarian and European Union data protection law.

You may exercise your rights by contacting us at office@trenotech.bg.

​

Your Rights Include:

• right to be informed;

• right of access to personal data;

• right to rectification of inaccurate data;

• right to erasure (“right to be forgotten”);

• right to restriction of processing;

• right to data portability;

• right to object to processing;

• right not to be subject to automated decision-making, including profiling;

• right to judicial or administrative remedy.

.

 

8. Right to Erasure

 

You may request deletion of your personal data where:

• the data is no longer necessary for its original purpose;

• consent has been withdrawn and no other legal basis exists;

• you have objected to processing and there are no overriding legitimate grounds;

• the data has been unlawfully processed;

• deletion is required by law;

• the data was collected in relation to services offered to a child with parental consent.

​

​

9. Right to Restriction of Processing

​

You may request restriction of processing where:

• the accuracy of the data is contested;

• processing is unlawful but deletion is not desired;

• the Controller no longer needs the data, but you require it for legal claims;

• an objection to processing is pending verification.

​

​

10. Right to Data Portability

Where processing is based on consent or contractual obligation and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to transfer it to another controller, where technically feasible.

 

​

​11. Right to Object

You may object at any time to the processing of your personal data.

If the objection concerns direct marketing, processing will cease immediately.

For other objections, the Controller will cease processing unless compelling legitimate grounds are demonstrated.

​

​

12. Complaints

Each data subject has the right to lodge a complaint with:

• the Commission for Personal Data Protection of the Republic of Bulgaria; or

• a competent court.

​

13. Updates to This Privacy Policy

The Controller reserves the right to amend this Privacy Policy at any time. Any changes will be published on this page and will take effect immediately upon publication.