Privacy Policy

1. What information do we collect?

This policy applies to personal data we collect - this includes any information, related to а particular natural person or that may be related to them. Data, that cannot be linked to a person, including personal data rendered anonymous, does not constitute personal data and this Policy does not apply to it.

We obtain information at the time when you register on our website and place an order. All strictly required data fields are indicated as such and must be filled in, while the rest are marked as voluntary and are optional for the order. We do not collect personal information beyond those you provide to us at the moment of your registration and subsequently upload to our servers.

When you place an order or you register on our website, you can be asked to provide the following information: name, surname, e-mail address, postal address and telephone number. If the registration is for a legal entity, then we will record your data as a representative of the respective legal entity, and we will also process data for this your capacity. If you send a signal for a problem via our call center, your call shall be recorded as a guarantee for the quality of the provided service.

Within the scope of our provided service, you may also store other personal data on our servers - for example photos, documents – while complying with the general terms and conditions for the service provided by us. With respect to such personal information, please note that we do not exercise control or access to it, and therefore cannot pre-specify such data in this Policy. Such data shall not be used for purposes of our service or for any other purposes, unless we are legally required to provide access to our servers to a third party.

Your personal data can be on our servers also in cases where it has been stored by our customers. In such cases, each customer is responsible for your personal data they may store, and you can contact them for further information and for exercising your rights listed in this Policy. From our part, we will provide the necessary assistance by forwarding all your inquiries, notices and requests to the customer in order to exercise your rights.

2. The purposes we use your information for

Any personal information we collect from you, can be used for one or more of the following purposes:

- To provide you with the service you choose and to keep record of your payments.
- To improve the experience you have with our website (Your information helps us to live up to your personal needs better).
- To keep improving our website (We continually strive to improve our services and features of the website based on the information and feedback we receive from you).
- To keep improving the customer service (your information helps us to respond more effectively to high customer service requirements and support requirements)
- To fulfill our obligations under law for providing information about our activity - when we have to prove that we have fulfilled our obligations to you as a customer and that the published content meets the requirements for the respective type of activity.
- To send periodic e-mails (The e-mail address you provide for processing of the order can be used for sending you information and up-to-date news related to your order or your inquiry, in case where you have given your consent for this).

For processing of your personal data, the following grounds apply that are explicitly provided in Regulation (EU) 2016/679 (GDPR):

2.1. In connection with the provision of cloud services - EVROPING provides services to its customers/users on a contractual basis. In order to fulfill our obligations for providing cloud services, we process personal data of our customers.

In this case, the ground for the data processing is the fulfillment of contractual obligation, here is also included the processing occurred prior the conclusion of the contract in connection with providing particular information and/or services.

For this purpose, we will process the personal data of our customers until termination of the contract (i.e. until refusal of the service), and for a fixed period thereafter - within which additional rights and obligations may arise for the parties. This period usually is 6 years after the discontinue of the platform use, but in some cases this period may be longer given the following circumstances:

Guarantee periods, time limits for compliance with the obligation of confidentiality;

The reason for processing your personal data in this case is the concluded contract for use of cloud services.

2.2. To fulfill a legal obligation - The owner of the cloud platform, in its capacity of a commercial corporation, is obliged by law to keep accounting and maintain documentation records and archive (for example work records, etc.). Your personal data may be used in order to fulfill our obligations according to the Accountancy Act, as well as to comply with all legal provisions that are into force on the territory of the Republic of Bulgaria at the time the processing takes place.
2.3. To protect the legitimate interests of EVROPING – We may need your personal data in order to prove before the respective supervisory and control authorities or third parties that we are fulfilling our legal obligations, as well as in connection with any claims from or against the company. With this regard, we also process data provided by our systems for access control to the provided to us media of information, including video surveillance systems, physical access control, etc.

2.4. Based on your explicit consent - In the rare cases where the processing of your personal data is carried out on the ground of consent, you may withdraw your consent at any time. In this case, we will immediately stop processing the personal data for this particular purpose, which, however, will not affect the processing on other grounds - for example, when we have a contractual or legal obligation for the processing. You can always object to the processing of your personal data for the purpose of providing information by our side, in which case we will immediately suspend the particular provision of information.

3. Do we use „cookies“?

Yes. „Cookies“ are small files that the website or the service provider uploads to your computer's hard drive through your web browser (if you allow it), which allows websites or service providers to recognize your browser and to catch and store certain information.

What cookies are used for the purposes of the website of EVROPING?

The website of EVROPING uses cookies that process anonymized data of your visits. These cookies are:

Required Cookies – they support the work of the website by setting basic functioning features such as navigation on the page. The website cannot work without these cookies;
Statistics cookies - help the website functioning by collecting and summarizing anonymized information about the activity of users of the website.

Name:	Purpose:	Time of Duration:
_hjSessionUser	Set when a user first lands on a page. Ensures data from subsequent visits to the same site are attributed to the same user ID	12 months duration.
_hjid	Set when a user first lands on a page. Ensures data from subsequent visits to the same site are attributed to the same user ID	12 months duration.
_hjFirstSeen	Identifies the first session of a new user. Used by record filters to identify new user sessions.	30 minutes duration, extended on user activity
_hjHasCachedUserAttributes	Let us know if the data set in the local storage element in the cookie is up to date or not.	Session duration
_hjUserAttributesHash	Let us know when a user attribute has changed and needs to be updated.	2 minutes duration, extended every 30 seconds.
_hjUserAttributes	Stores user attributes sent through the Hotjar Identify API	No explicit expiration
_hjViewportId	Stores details about the user's window, such as size and dimensions.	Session duration
_hjSession	Contains data for the current session. Ensures that subsequent requests in the session window are assigned to the same session.	30 minutes duration, extended on user activity
_hjSessionTooLarge	Causes Hotjar to stop collecting data if a session gets too large. It is determined automatically by a signal from the server if the session size exceeds the limit.	Session duration
_hjSessionResumed	Set when a session/record reconnects to the Hotjar servers after being disconnected.	Session duration
_hjCookieTest	Checks if the Hotjar tracking code can use cookies.	Deleted almost immediately after it is created.
_hjLocalStorageTest	Checks if the Hotjar tracking code can use local storage.	Deleted almost immediately after it is created.
_hjSessionStorageTest	Checks if the Hotjar tracking code can use session storage.	Deleted almost immediately after it is created.
_hjIncludedInPageviewSample	Set to determine whether a user is included in the data sample determined by your site's page view limit.	2 minutes duration, extended every 30 seconds.
_hjIncludedInSessionSample	Set to determine whether a user is included in the data sample determined by your site's daily session limit.	2 minutes duration, extended every 30 seconds.
_hjAbsoluteSessionInProgress	Used to detect a user's first page view session.	30 minutes duration, extended on user activity
_hjTLDTest	We try to store the cookie for different URL substring alternatives until it fails Allows us to try to determine the most common cookie path to use instead of the page hostname.	After this check, the cookie is removed.
_hjRecordingEnabled	Задава се, когато започне сесия на записване.	Session duration
_hjRecordingLastActivity	It is updated when a user record is started and when data is sent to the server (the user performs an action that Hotjar records).	Session duration
_hjClosedSurveyInvites	Set when a user interacts with a related survey invitation modal.	12 months duration.
_hjDonePolls	It is set when the user completes a survey on the site itself. Ensures that the same survey will not appear again if it has already been completed.	12 months duration.
_hjMinimizedPolls	Set when the user minimizes a survey. Ensures that the survey remains minimized as the user navigates through your site.	12 months duration.
_hjShownFeedbackMessage	Set when the user minimizes or terminates a feedback application.	24 hours duration.
ajs_anonymous_id	The cookie is usually used for analytics purposes and helps count visitors to our site by tracking whether you have been to this page before.	12 months duration.
ajs_user_id	This cookie helps track visitor usage, events, target marketing, and can also measure application performance and stability.	12 months duration.
tawk_uuid_*	This cookie tracks unique visitors to a website.	6 months duration.
twk_token_*	It is used for HTML local storage.	6 months duration.
tawk_uuid_propertyId	This cookie does not store your personal details. However, it can help websites remember your preferences and create a more personalized user experience.	6 months duration.
TawkConnectionTime	When a visitor opens a page from a website and tawk.to widget is already appearing in multiple browser tabs on that site, the cookie manages requests to load the widget simultaneously.	Session duration
twk_idm_key	It is a session cookie that is added only if no twk_uuid is found.	Session duration
CookieConsent	Stores the user's cookie consent state for the current domain	12 months duration.
_ga	Contains a unique identifier used by Google Analytics to determine that two distinct hits belong to the same user across browsing sessions.	24 months duration.
_ga_*	Contains a unique identifier used by Google Analytics 4 to determine that two distinct hits belong to the same user across browsing sessions.	24 months duration.
_gid	Contains a unique identifier used by Google Analytics to determine that two distinct hits belong to the same user across browsing sessions.	24 months duration.
WHMCScJq3X5S2h1x2	Used to determine if a user is accessing certian funcionalities.	Session duration
mp_ID_mixpanel	Used by Mixpanel to understand how a visitor uses our website so we can improve it.	12 months duration.
e5e49a48f2cc194f4c0489b3a99fc4cc	A geolocation tool that determines from what location the user is visiting the website.	12 months duration.
__stripe_mid	Fraud prevention cookie deployed to help Stripe learn things about computers and web browsers used to access Stripe services. This information helps Stripe monitor for and detect potentially harmful or illegal use of their services.	12 months duration.
_fbp	Used by Facebook to deliver advertising. The cookie contains an encrypted Facebook user ID and browser ID. It will receive information from this website to better target and optimise advertising.	3 months duration.

The kind of information contained in the cookies and what it is used for?

Cookies contain only anonymized information about your visits on the EVROPING website, regarding the following circumstances:

data on the terminal device in order to enable its identification;
data on the geographical location of the terminal device;
the sections you have visited;
how long you have stayed on a single page;
your language preferences;
data regarding the browser of the user;
data regarding the track of the speed of the separate requests to the server.

The provided information allows us to evaluate whether the publications on our website are useful, what are the preferred languages of the visitors to the website and, accordingly, allow us to improve the quality of the website.

Based on the cookies it is produced statistics on the website traffic, and these statistics contain anonymized data dividing into groups the users of the website. This information does not allow your identification as a user and is stored for the purpose of developing the website for a period of 12 months after your visit. In the process of data anonymization, all data about a particular terminal device is deleted, so we cannot separate a particular user’s data from the collected statistics.

EVROPING does not carry out direct marketing or make automated decisions regarding you based on the cookies.

Grounds for using Cookies

Although cookies refer to anonymized data that should not allow your identification, we treat cookies as personal data, and apply to them all standards of the General Data Protection Regulation (GDPR). Therefore, cookies shall be created on your computer, only as far as necessary for functioning of the website of EVROPING.

Because cookies are stored on your device, you can delete them at any time from your privacy settings. Deleting cookies may have a limited effect on the use of the website – such as forgetting your preferences for using the website. In this case, the respective preferences shall be needed to be set again.

You can use your web browser in order to:

to delete all “cookies”;
to block all “cookies”;
to allow all “cookies”;
to block the “cookies” of third-parties;
to remove all “cookies” when you close your browser;
to open an incognito session which allows you to surf the Web without storing data locally; and

to install add-ons and plug-ins to extend functionality of the browser.

Which third parties have access to the cookies?

Access to the cookies for your terminal device is provided to Google, Facebook, Hotjar, CookieBot, Tawk.to.

What rights do you have in connection with the cookies stored on your terminal device?

You have the right to receive additional information about the use of cookies by EVROPING - as we are available to answer any inquiries you may have on the contact addresses.

Since the cookies are located on your terminal device, it is entirely up to you whether you would like to delete them as indicated above. At the moment you revisit the website, new cookies will be created that also can be deleted at your discretion.

4. Do we disclose information to third-parties?

We do not sell, trade, or otherwise transmit to third-parties your personal information. It can be necessary to provide your information if we consider it is needed in order to comply with the law, the rules of the website or to protect our or other parties rights, property or safety. For the fulfillment of our obligations, we will provide specific personal information to our accounting department, as well as to the software/hardware support service provider and the data center we work with. These persons process your personal data only in connection with the services we provide, where they also have committed themselves to the highest standards of confidentiality at their work.

5. Compliance with Regulation (EU) 2016/679 (GDPR)

In accordance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, which repeals Directive 95/46/EC (GDPR), on the protection of personal data, EVROPING shall take all possible technical and organizational measures provided by the applicable data protection law to protect any data that we may store, operate or process for our customers.

5.1. How we store and protect personal information of our customers:

All information we collect is stored online on servers owned and operated by EVROPING We guarantee an adequate level of data protection due to the fact we have taken the necessary steps to avoid exposing your personal information to third parties, which include the following steps:

a. The servers on which we store your personal information are located in data centers with high security standards, which include physical identification of access by ID card, 24/7/365 on-site staff and video surveillance.
b. The servers we use to store personal information require a certain type of authentication and security measures are in set in order to prevent unauthorized access by third parties.
c. All EVROPING employees who have access to your personal information have signed confidentiality and non-disclosure agreements that guarantee the use of your information with the sole purpose of performing their work.
d. EVROPING is committed to protection of your personal data and information, but cannot secure or guarantee the security of any information you transmit through the services of EVROPING or guarantee that your information is provided by EVROPING services cannot be accessed, disclosed, altered or destroyed by breach of any of our industry standard physical, technical or management warranties. When you enter confidential information (such as a user name and password) in the order form or the customer’s part, that information is encrypted using an SSL certificate of security (secure socket layer technology). However, there is no method of transmitting information over Internet or electronically, which is 100% secure method of electronic storage of data. Therefore, we cannot guarantee its absolute security. If you have questions about the security of your personal information, please contact us. EVROPING uses an external platform and company for proceeding of credit card for the online payments when purchasing services. These companies do not retain, share, store or use personal information for any other than this purposes.
e. For EU customers, EVROPING complies with the EU General Data Protection Regulation, as defined by the European Union, regarding the collection, use and storage of personal data. EVROPING verifies that it complies with the requirements for notification, selection for further relocation, security, data integrity, access and performance.
f. We use your information other than the customer data - to manage, maintain, improve and provide all features of the service you have requested, as well as to provide support related to the service. We process customer data only in accordance with the instructions provided by the respective customer or user.
g. We just store personal data collected by users while their account is active, or retain it for a limited period of time if we need it to fulfill the purposes for which we originally collected it, unless otherwise provided by law. We will retain and use the information we need to comply with our legal obligations, resolve disputes and apply our agreements as follows.

Information for payment is stored for 11 years in accordance with accounting and tax laws
Legal transaction information is stored for 10 years in accordance with the general statute of limitations, provided for civil claims

h. EVROPING does not own, control or manage the use of customer data that is stored or processed through the use of our services. Only the customer has the right to access, process and manage the use of such customer data. EVROPING is not aware what kind of customer data is actually stored or provided by a customer of our service and there is no direct access to such customer data unless authorized by the customer himself or where it is necessary in order to provide the services as required.
i. ТBecause EVROPING does not collect or determine how the personal data contained in the customer information is going to be used, and also because it does not determine the purposes for which such personal data are collected or use, EVROPING does not act as a controller of personal data under the General Data Protection Regulation and it has no related to the responsibilities of the controller under EU law. EVROPING is responsible only for hosting in accordance with Art. 14 of DIRECTIVE 2000/31/EC of the European Parliament and of the Council of 8 June 2000. EVROPING should only be considered as processor on behalf of its customers regarding customer information that contains personal information subject to GDPR requirements.

The Customer is controller of the data in accordance with the Regulation for all customer information that contains personal data, which means that this party controls the manner the personal data shall be collected and used, as well as they determine the purposes and means of processing such personal data.

EVROPING is not responsible for the content of the personal data in the customer information or other information stored on its servers at the discretion of the customer, nor is EVROPING responsible for the manner in which the customer collects, processes, distributes or otherwise processes such personal information.

5.2. What are your rights in connection with the processing of personal data

а. To receive information on the personal data we process and on the purposes for processing

Generally, this information will be provided at the beginning of the provision of our services – i.e. upon conclusion of a contract with customers or our contractors and employees, but you can make inquiries at any time.

b. To have incorrect or inaccurate personal data rectified
c. To have your personal data deleted

If there is no ground for us to continue processing your personal data, you can request the deletion of all your personal information we store and at any time. If the contractual relations between us have been terminated and there is no legal ground or obligation for us to retain this information, it will be deleted.

d. Request storage of your personal data, without being otherwise processed

If there is no ground for us to continue processing your personal data, but you do not wish it to be deleted - for example, with a view to future use of our services - you can request at any time from us to suspend any other form of processing and only to store your data. In this case, we will be able to process them only where we have your consent or by virtue of law.

e. To have your personal data provided

If you would like to receive a copy of your personal data, you can request it at any time, In this case you should indicate if we shall provide it on paper or in an electronic form (.pdf, .doc).

f. To object to the processing of your personal data

In cases where we process your personal data with a view to protect our interests, you may object to the processing at any time. If by the processing we protect our legal interest, we will estimate if we will be able to discontinue the processing or not.

In order to exercise any of the above rights, please fill in and send us a form by mail or e-mail. The form can be found at the links below.

Even if you do not use the form for making your request, we will examine it provided we can identify you and understand which of the rights you wish to exercise. Please specify your contact details – email and/or phone number, in case anything within your request needs clarifying.

Your request will be handled within 1 month. If we have difficulty in meeting your request, this deadline may be extended by up to 2 months, and we will inform you of this extension within 1 month of receipt of your request.

Your request may be rejected in the following cases:

- If we cannot identify you;

- If you have submitted a large number of requests within a short period of time.

Notwithstanding all of the above, you may request information on how we store your personal data at any time. We will answer your questions promptly.

If you believe that we are violating your rights, you may file a complaint before the Commission for Personal Data Protection which oversees the processing of personal data.

6. Terms and conditions

Please also visit sections "Terms of Use" (да се посочи адрес) and "Terms of Service" (да се посочи адрес), which establish use, refusal, limited liability, etc. stipulating the use of our website and services.