Privacy Policy
Last updated: July 2026
1. Data Controller
Fidentus EOOD
Alexander Malinov Blvd. 31
1297 Sofia
Bulgaria
- UIC / EIK: 208087429
- VAT ID: BG208087429
- Web: fidentus.tech
2. Scope
This Privacy Policy applies to the use of this website and the related services of Fidentus EOOD. It reflects the requirements of the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"), the Bulgarian Personal Data Protection Act (ZZLD), and other applicable EU regulations.
3. Data Collected
3.1 Contact form / Demo request
When you use our contact form, we process the data you provide: first and last name, email address, phone number (optional), institution, jurisdiction, function / role, and your message. Processing is based on your consent (Art. 6(1)(a) GDPR) and / or the performance of pre-contractual measures (Art. 6(1)(b) GDPR).
3.2 Server log data
When you visit the website, technically necessary data is automatically collected (IP address, browser type, access time, requested page). This processing is carried out to ensure technical operation and IT security based on our legitimate interest (Art. 6(1)(f) GDPR). The data is deleted after no more than 30 days.
3.3 Local storage
Your language and theme preferences and your cookie decision are stored exclusively in your browser (localStorage). No transmission to us or third parties takes place.
4. Purposes of Processing
- Handling your inquiry or demo request
- Communication with you and your institution
- Provision and improvement of the website
- Ensuring IT security
- Compliance with legal obligations
5. Data Sharing
We do not sell or rent your personal data. Data is shared only insofar as it is necessary to provide our services (e.g., hosting and email providers as processors under Art. 28 GDPR), with affiliated companies of the Fidentus Group for intra-group coordination, or where we are legally obliged to do so. Processors are carefully selected and contractually obligated to comply with data protection requirements.
6. Transfers to Third Countries
Where data is transferred to countries outside the European Economic Area (EEA), we ensure an adequate level of data protection, e.g., through adequacy decisions of the European Commission, EU Standard Contractual Clauses (SCC), or equivalent safeguards under Chapter V GDPR.
7. Retention
- Inquiry data: until your inquiry is fully processed, or up to 24 months after the last contact, unless statutory retention periods require longer storage.
- Log data: no more than 30 days.
- Cookie / preference decision: stored in your browser until you delete it.
- Statutory retention obligations (e.g., commercial and tax law): 5 to 10 years under Bulgarian and EU law.
8. Your Rights under the GDPR
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to withdraw consent with effect for the future (Art. 7(3) GDPR)
To exercise your rights, please contact us via the contact form on this website or by post to the address above.
9. Right to Lodge a Complaint
You have the right to lodge a complaint with a data protection supervisory authority. The competent authority for Fidentus EOOD is:
Commission for Personal Data Protection (CPDP)
2 Prof. Tsvetan Lazarov Blvd.
1592 Sofia, Bulgaria
www.cpdp.bg
You may alternatively contact the supervisory authority of your habitual residence or place of work within the EU.
10. Cookies
This website uses only technically necessary cookies or localStorage entries to store your language, theme preference, and cookie decision. No tracking or marketing cookies are used. Analytical cookies are set only after your explicit consent via the cookie banner.
11. Data Security
- Transport encryption (TLS/HTTPS)
- Access controls and role-based permissions
- Regular security assessments
- Data breach notification procedures under Art. 33/34 GDPR
12. Automated Decision-Making
We do not carry out automated decision-making, including profiling, within the meaning of Art. 22 GDPR.
13. Changes to This Privacy Policy
We reserve the right to amend this Privacy Policy to reflect changes in the legal framework or in our services. The current version is available on this website.