Legal information
Privacy Policy
1. Data controller
The data controller for personal data collected through botorngroup.com is:
- Company
- BOTORN KLIMA OOD · БОТОРН КЛИМА ООД
- Company ID (EIK)
- 207289940
- VAT
- BG207289940
- Registered address
- 1 13th March Blvd, floor 1, apt. 1, Sredets District, 1142 Sofia, Bulgaria
- [email protected]
- Phone
- +359 895 227 106
For questions about personal data processing, contact us at [email protected].
2. Scope
This policy explains how BOTORN KLIMA OOD processes personal data when you visit the website and submit an inquiry through the contact form. It is applied in accordance with Regulation (EU) 2016/679 (GDPR) and the Bulgarian Personal Data Protection Act.
3. What data we collect
We may process the following categories of personal data:
- Contact form data: name, email address, phone number (optional), company name (optional), city or region of the facility (optional), inquiry type (optional), and message content.
- Technical data: IP address, browser type, operating system, language settings, date and time of access, referring URL, and similar information automatically transmitted by your browser or our server when you visit the site.
- Cookies and similar technologies: strictly necessary technical cookies required for the website and contact form to function correctly. The site does not use third-party marketing or analytics cookies.
4. Purposes and legal bases
We process personal data for the following purposes:
- Responding to inquiries and preliminary project communication — based on your consent given when submitting the form and/or our legitimate interest in responding to a business inquiry (Art. 6(1)(a) and (f) GDPR).
- Ensuring website security and stability — based on our legitimate interest in protecting the website, infrastructure, and data from misuse (Art. 6(1)(f) GDPR).
- Compliance with legal obligations — where required by applicable law (Art. 6(1)(c) GDPR).
5. Source of data
Contact form data is provided directly by you. Technical data is generated automatically when you visit the site or submit the form.
6. Recipients and processors
Access to personal data is limited to authorised employees and representatives of BOTORN KLIMA OOD who need it to respond to your inquiry.
We may use email and hosting service providers (processors) to send and receive contact form messages. They process data only on our instructions and under appropriate data protection safeguards.
We do not sell or rent personal data to third parties.
7. Transfers outside the EU/EEA
We aim to process personal data within the European Union or European Economic Area. If we use a provider outside the EU/EEA, we will ensure appropriate safeguards under GDPR, including standard contractual clauses where applicable.
8. Retention periods
- Contact form inquiries: we retain data until the communication regarding the specific inquiry is concluded and for up to 24 months after the last contact, unless a contractual relationship or legal obligation requires longer retention.
- Technical logs: we retain them for up to 12 months, unless a longer period is required to investigate a security incident.
After the relevant period expires, data is deleted or anonymised unless the law requires otherwise.
9. Your rights
Subject to GDPR conditions, you have the right to:
- access your personal data;
- request rectification of inaccurate or incomplete data;
- request erasure (“right to be forgotten”);
- request restriction of processing;
- object to processing based on legitimate interests;
- withdraw consent at any time without affecting the lawfulness of processing before withdrawal;
- receive your data in a structured, machine-readable format where applicable;
- lodge a complaint with a supervisory authority.
To exercise your rights, email [email protected]. We will respond within the time limits set by GDPR.
10. Supervisory authority
You may lodge a complaint with the Commission for Personal Data Protection (CPDP): www.cpdp.bg, 2 Prof. Tsvetan Lazarov Blvd, 1592 Sofia, Bulgaria.
11. Security
We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction, or alteration. No system can guarantee absolute security, but we limit access to data and use encrypted connections (HTTPS) when communicating with the website.
12. Children
The website is aimed at business clients and professional contacts. We do not knowingly collect personal data from individuals under 16. If you believe we have received such data, please notify us so we can delete it.
13. Changes to this policy
We may update this policy when our services, legal requirements, or data processing practices change. The current version is always published on this page with the date of the latest update.