Security Policy


This security policy is related to Terms of use, published on the site, but is not an integral part of them, as it does not regulate rights and obligations, but only aims to explain what personal data we process, in what way, for what purpose and what are the applicable security measures. It also provides information on the rights that our customers and users have in relation to the processing of personal data by "Aleteia" EOOD, with EIK 203247004, VAT registration No. BG203247004, address: Sofia, ul. Hubcha No. 8, floor 1, office A1, email address: This policy describes how and why we process the personal data you provide on our site, how we protect and store it, and what your rights are in relation to it. We respect the privacy of your personal data and undertake not to use the data you provide without your consent. The processing of your personal data will always be carried out in accordance with the requirements of the applicable legislation in the field of personal data protection.

This Security Policy applies to:

Domain site and forum with all its subpages:, hereinafter referred to as the short text: site.

Personal information (personal data)

refers to any information that identifies or may be used to identify, contact or locate the person to whom that information relates.

Personal data that have been pseudonymized but that can be linked to an individual through the use of additional information are considered to be identifiable information and are therefore protected.

Personal information does not include information that is collected anonymously (ie without identifying the individual user) or demographic information that is not related to an identified person.

Anonymous information that does not allow the identification of the individual is not subject to protection.

What personal information is collected?

We do not collect personal data from you unless you, your legal representative or a person authorized by you provide it to us voluntarily. We respect the privacy of your personal data and undertake not to use the data provided by you without your consent.  

We may collect basic user profile information from all of our visitors. We collect the following additional information solely from our customers: names, TIN for individuals, TIN for businesses, telephone number and email address, contact address and the nature of services that the customer intends to purchase or purchase.

We strive to ensure the safety and privacy of children online, which is why we do not knowingly collect or process personal data of children under the age of 18 unless we have obtained parental consent.

What organizations collect the information?

In addition to our direct collection of information, our third-party service providers (such as banks, payment service companies) who may provide such services as payment, credit and other services may collect this information from our users. and customers. We do not control how these third parties use such information, but we ask them to disclose how they use personal information provided to them by users and customers. Some of these third parties may be intermediaries who act only as links in the chain and do not store, retain or use in any way the information provided to them.

How does the site use personal information?

We use personal information to customize the site, make relevant service offers, and fulfill requests to buy and sell services on the site. We may send emails to users and customers regarding surveys or opportunities to buy and sell services on the Site or information related to the subject matter of the Site. We may also use personal information to contact users and customers in response to a service registration request, specific inquiries, or to provide requested information.

What personal data is collected and why:


When users leave comments on the site, the data displayed in the comment form is collected, as well as the user's IP address and user browser agent string to help detect spam.

The anonymous string created from your email address (also called a hash) can be provided to the Gravatar service to see if you are using it. The Gravatar service security policy can be found here: Once your comment is approved, your profile picture is visible to the public in the context of your comment/message on the site.


If you upload images to the site, you should avoid uploading images with embedded location data (EXIF GPS). Site users can download and extract location data from images on the site.

Contact form

If you wish, you can fill in your technical contact email details in your profile. The completed data is not used for marketing purposes, but only for the improvement of the technical service, for the purposes of contact regarding service information and for the registration of a service on the site. You are granted the right to opt-out of receiving the notification emails to customers and users, as well as other rights that are listed below in this Security Policy .


As an integral part of the present Security Policy of the personal data of natural persons   "Aleteia" EOOD has also accepted Cookie policy, published and available on the Site. We may collect and process information through cookies. These cookies help make the site function properly, make the site more secure, provide a better user experience, understand how the site works and analyze where it needs improvement. For details about the information collected in this way, please see our: Cookie policy.

Embedded content from other sites and all of its subpages contain embedded content from other websites. Please note that when you click on such embedded content, you are taken to another site. 

Embedded content such as videos, images, articles, links, links to other sites and so on. Embedded content from other sites behaves in the same way as if the user had visited the other site.

These sites may collect information about you, use cookies, integrate additional third-party tracking, and monitor your interaction with embedded content, including tracking your interaction with embedded content if you have an account and are signed in. 

I advise you to read the security policy, cookie policy and terms of use of these linked sites, as they may differ from


In order to guarantee your rights, no personal data is collected or processed for any type of analysis, as well as those that:

- reveal racial or ethnic origin;
- disclose political, religious or philosophical beliefs, or trade union membership;
- genetic and biometric data, health data or data on sexual life or sexual orientation;

How long your data will be stored

If you leave a comment, the comment and its metadata are saved indefinitely. This is to allow comments to be automatically recognized and approved for follow-up instead of being held in the moderation queue.

For users who sign up for the site, the personal information they provide on their profile is also stored.

In all other cases, including but not limited to a distance sales service contract, personal information is stored for no less than 5 years.

What rights you have to your data

If you have an account on the site or have left comments, you can request to receive all the data you have provided. You can also request that any personal data you have provided be deleted. This, according to current legislation, does not include data that there is an obligation to keep for administrative, legal or security purposes. For obtaining additional information or for deletion, you can use the contact form provided ( or any other form of contact with "Aleteia" EOOD that is convenient for you.

Here is a complete list of all rights that you can exercise at any time by contacting Aleteia EOOD at or in any other way that is convenient for you:


- Right to information - this Security Policy aims to inform in detail about the processing of personal data of users and customers. When there is a risk of breach of personal data security, the administrator is obliged to notify users and customers of the nature of the breach, what measures have been taken to remedy it, and whether the supervisory authority has been notified of the breach. The data subject may request information regarding all recipients to whom have been revealed the personal data for which correction, deletion or restriction of processing is requested.

– The right of access – users and customers they have the right to receive confirmation as to whether their personal data is being processed, access to it and information on how it is processed and their rights in relation to it, and if this is the case, they can obtain access to their data. Also to the following information: for what purpose data is processed, what personal data, the recipients of data, the term of processing. Access requests must be made in writing/electronically and addressed to "Aleteia" EOOD. In this case, "Aleteia" EOOD provides a copy of the processed personal data in an electronic or other appropriate form.
– Right to rectification – users and customers have the right to correct and supplement their personal data in case it is incomplete or inaccurate. Unregistered users can obtain this information by making a request to the administrator. As a subject of personal data users and customers have the right to request correction or completion of their personal data that is inaccurate/out-of-date or incomplete. For this purpose, they must submit a separate request. This request will be answered by the administrator in writing to the provided by users and customers email address.
– The right to restrict processing – The General Data Protection Regulation provides for the possibility to restrict the processing of your personal data if there are grounds for this provided for in it. The limitation is allowed in the following cases:
  • when users and customers consider that their personal data is not accurate, in which case the restriction is for a period necessary for the administrator to verify the accuracy;
  • when the processing of the personal data of users and customers is illegal, but they do not want them deleted, they only want their use restricted;
  • when the administrator no longer needs the personal data of users and customers for the purposes of processing, but users and customers, as the subject of the data, require them for the establishment, exercise or defense of legal claims;
  • when users and customers are objected to processing pending verification that the controller's legitimate grounds override your interests.

- Right to notify third parties - c if applicable, users and customers have the right to ask the controller of their personal data to notify the third parties, when he has provided your data, regarding the correction, deletion or restriction of the processing of their personal data.

– The right to object to processing – users and customers have the right to object to data processed on the basis of legitimate interest. In case of receiving such an objection, "Aleteia" EOOD will consider the received request and, if it is justified, will fulfill it. If we consider that there are compelling legal grounds for the processing or that it is necessary for the establishment, exercise or defense of legal claims, we will inform about this.

– Right to data portability – users and customers have the right to receive the personal data concerning them and which they have provided in a structured, widely used and machine-readable format and have the right to transfer this data to another administrator without hindrance from Aletheia EOOD, in the event that the processing is based on consent or contractual obligation, or the processing is carried out in an automated manner.


Important: The responsibility for the storage of data exported from the Site and its subpages, as well as for all the consequences of providing them to other administrators, is entirely yours.

– Right to object – users and customers have the right to object to data processed on the basis of legitimate interest. In case of receiving such an objection, "Aleteia" EOOD will consider the received request and, if it is justified, will fulfill it. If we consider that there are compelling legal grounds for the processing or that it is necessary for the establishment, exercise or defense of legal claims, we will inform about this.

– Right to complain to a supervisory authority: users and customers have the right to file a complaint against Aleteia EOOD (data administrator) to the supervisory authority if they consider that the processing of personal data concerning them violates the applicable legislation on personal data protection. The supervisory authority in the Republic of Bulgaria is the Commission for the Protection of Personal Data with address: Sofia 1592, "Prof. Tsvetan Lazarov" No. 2, e-mail, Web page:, phone: 02 915 3 518. 
– Right to withdraw consent – users and customers have the right, at any time, to withdraw their consent, which they have given in relation to the processing of personal data based on their prior consent. Such withdrawal does not affect the lawfulness of the processing based on the consent given until the time of its withdrawal. In the case of services such as the subscription to advertisements and e-mail offers, for which the subscription is made on the basis of personal desire (consent), the possibility of unsubscribing at any time (withdrawal of consent) is provided. In case of withdrawal of consent, "Aleteia" EOOD has the right to request that the identity of the applicant be verified in order to establish the identity with the person to whom the data refer.
- Right to deletion ("to be forgotten") - A request for deletion can be submitted on the grounds provided for in the Regulation, incl. in the presence of any of the following grounds:

  • the personal data are no longer necessary for the purposes for which they were collected;
  • when users and customers are have withdrawn their consent;
  • when users and customers have objected to the processing of personal data and there are no overriding legal grounds for the processing;
  • when the processing is unlawful;
  • where the personal data must be deleted in order to comply with a legal obligation under Union law or the law of a Member State that applies to the controller;
  • when personal data were collected in connection with the provision of information society services.

Please note that we may refuse to delete part or all of the personal data in cases where there is a substantial basis and/or legal obligation for their processing. You will be informed about this in due course. The administrator may refuse to delete the personal data on the grounds specified in the Regulation - when the processing of the specific data is for the purpose of:

  • to exercise the right to freedom of expression and the right to information;
  • to comply with a legal obligation that requires processing provided for in EU or Member State law applicable to the Administrator or for the performance of a task in the public interest or in the exercise of official powers conferred on him;
  • for reasons of public interest in the field of public health;
  • for the purposes of archiving in the public interest, for scientific or historical research or for statistical purposes;
  • for the establishment, exercise or defense of legal claims

How can users and customers correct inaccuracies in personal information?

Users and customers can contact Aleteia Ltd. to update personal information about them or to correct inaccuracies by sending us an email at:, the contact form on the site or by any other means available to them convenient.

How is login information used?

Login information, including but not limited to IP addresses, ISPs, and browser types, is used to analyze trends, administer the site, track user traffic and usage, and gather broad demographic information.

Who your data is shared with

Personal data can only be provided in compliance with Bulgarian legislation to those legally entitled to it.

User and customer comments can be checked by an automated spam detection service.


Accuracy of information 

"Aleteia" EOOD is not responsible for the accuracy of the data provided by users and customers, does not carry out checks in this sense and does not guarantee the actual identity of the individuals who provided the data. In all cases of doubt on your part, of established fraud and/or abuse, "Aleteia" EOOD requests to be notified immediately. You undertake, when providing any information on the Site and all its sub-pages, not to violate the rights of other persons in connection with the protection of their personal data or their other rights.


What partners or service providers have access to personal information from users and/or customers of the site?

By virtue of written contractual relations, there are and/or will be entered into partnerships with a number of suppliers. Such providers may have access to certain personal information as necessary and subject to legal requirements to do so. Our security policy does not cover the right to collect or use this information by partners and service providers. Disclosure of personal information is permissible only in cases to comply with the law. We will disclose personal information to comply with a court order or subpoena or a request by a law enforcement agency to release information. We will also disclose personal information when reasonably necessary to protect the safety of our users and customers.

How is personal information stored?

Personally Identifiable Information is stored securely, in compliance with applicable law, and is not accessible to third parties or employees, except for use as indicated above.

What options are available to users and customers regarding the collection, use and dissemination of information?

Users and customers can state their preferences as well as opt out of receiving unsolicited information from us or contacting us and/or our suppliers and related agencies by replying to emails as instructed or by contacting us at: office, the contact form on the site or in another convenient way for them.

How your personal information is protected

Every effort is made to comply with the current legislation in the field of personal data protection, ensuring a reliable and secure site. 

All our employees are made aware of our security policy and practices. We regularly review our security systems and processes. Sensitive information such as bank details and others are protected by encryption protocols to protect information sent over the Internet.

Contact with "Aleteia" EOOD, data protection officer

For questions and requests related to the exercise of your rights to protect your personal data, you can contact "Aleteia" EOOD, through the contact form available on the Site or through any of the specified contact forms:


phone: 0886 677 325

"Aleteia" EOOD, EIK: 203247004, VAT number: BG203247004, address: Sofia, Hubcha St. No. 8, entrance 1, fl. 1, apartment A1 

Although we take commercially reasonable measures to maintain a secure site, electronic communications and databases, they may be subject to errors, tampering and breaches and we cannot guarantee that such events will not occur and we have no liability to users or customers for any such events that are committed by third parties, despite our efforts to prevent such events.

What happens if the security policy changes?

This Policy was last updated on 31.07.2022/XNUMX/XNUMX. We may change it to be up-to-date with current legislation. We will post any changes on this page and encourage you to check it regularly to stay informed.

However, if we change our security policy in a way that may result in the disclosure of personal information that a visitor or authorized customer previously requested not be disclosed, we will contact such user or customer to allow such user or customer to prevent such disclosure.

Scroll to Top