Privacy Policy

Privacy Policy

1. Data Controller
ASFE EOOD, a company incorporated under the laws of the Republic of Bulgaria
Registered address: Industrialna str. 90, 8000 Burgas, Bulgaria
Registration number (EIK): 208736159

Hoster: IONOS 
Email: info@asfeood.com
Phone: 0888869058

2. Scope of Application
This Privacy Policy applies to the website asfeeod.com and governs the processing of personal data of users from Bulgaria, Germany, and other EU member states in accordance with the General Data Protection Regulation (GDPR)and applicable national data protection laws, including the Federal Data Protection Act (BDSG).

3. Categories of Personal Data Processed
When you contact us via our website or by email, we may process the following categories of personal data:

  • Identification data (e.g. name)
  • Contact data (e.g. email address, phone number)
  • Communication data (content of your inquiry)
  • Technical data (e.g. IP address, timestamp, browser type)

4. Purposes of Processing
We process your personal data exclusively for the following purposes:

  • Responding to inquiries submitted via the website
  • Communication with prospective clients or partners
  • Initiation and preparation of contractual relationships
  • Ensuring the security and proper functioning of the website

5. Legal Basis for Processing
The processing of personal data is based on:

  • Article 6(1)(b) GDPR – processing necessary for pre-contractual measures
  • Article 6(1)(f) GDPR – legitimate interest in responding to inquiries and maintaining business communication
  • Article 6(1)(c) GDPR – compliance with legal obligations (where applicable)

6. Cross-Border Data Processing
As a company operating within the European Union, personal data may be processed in Bulgaria and, where necessary, in Germany or other EU member states.
All data processing is carried out in compliance with the GDPR, ensuring an adequate level of data protection across borders.

7. Data Retention
Personal data will be retained only for as long as necessary to fulfill the purposes outlined above or to comply with statutory retention obligations under Bulgarian and/or German law.
After the expiration of such periods, the data will be securely deleted or anonymized.

8. Data Sharing and Recipients
Personal data will not be disclosed to third parties except in the following cases:

  • to service providers acting as data processors (e.g. hosting providers), under a data processing agreement pursuant to Article 28 GDPR
  • where disclosure is required by law or regulatory authorities
  • where necessary for the establishment, exercise, or defense of legal claims

9. Hosting and Technical Processing
Our website is hosted by an external service provider. In the course of hosting, technical data (e.g. IP address, access logs) may be processed to ensure system security, stability, and performance.
A data processing agreement in accordance with Article 28 GDPR has been concluded with the hosting provider.

10. Data Security Measures
We implement appropriate technical and organizational measures (TOMs) in accordance with Article 32 GDPR to ensure a level of security appropriate to the risk, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

11. Rights of Data Subjects
Under the GDPR, you have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)

To exercise your rights, please contact us using the details provided above.

12. Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

Competent authority in Bulgaria:
Commission for Personal Data Protection

Competent authority in Germany (example):
Federal Commissioner for Data Protection and Freedom of Information

13. No Automated Decision-Making
No automated decision-making or profiling pursuant to Article 22 GDPR takes place.

14. Changes to This Privacy Policy
We reserve the right to amend this Privacy Policy at any time to ensure compliance with legal requirements or to reflect changes in our services.

©Copyright. All rights reserved.

Information icon

Wir benötigen Ihre Zustimmung zum Laden der Übersetzungen

Wir nutzen einen Drittanbieter-Service, um den Inhalt der Website zu übersetzen, der möglicherweise Daten über Ihre Aktivitäten sammelt. Bitte überprüfen Sie die Details in der Datenschutzerklärung und akzeptieren Sie den Dienst, um die Übersetzungen zu sehen.