Privacy Policy-GDPR

  1. Introduction
    1. This privacy policy governs how “FROMVULEVI” EOOD collects, processed and stores personal data in accordance with the requirements of the “General Data Protection Regulation”-regulation (EU) 2016/679, the Personal Data Protection Act of Republic of Bulgaria and other normative Bulgarian or international instruments.
    2. The confidentiality of information about our users is a top priority for us. “FROMVULEVI” LTD. As a data controller and in accordance with legislation and good practices implements the required technical and organizational measures to protect the personal data of individuals.
    3. This policy provides information about how and what types of personal data we collect from and about you, why we need it, to whom it can be provided or disclosed, and how it is protected. Please read them carefully. By providing your personal data to “FROMVOULEVS” LTD., whether by electronic means or on paper, you acknowledge and agree to the practices described in this privacy and personal data protection policy. Please, in case you have any questions regarding this policy, contact a human resources officer, and if you do not agree with some of the terms contained in the privacy policy, we do not recommend the use of products and services Provided by “FROMVOULEVS” LTD., for which you must provide your personal data.
  2. Information about “FROMVOULEVS” LTD. In its capacity of personal data controller. In connection with the processing of your personal data you can contact us in these contacts:
    • Identity of the data controller:
    • Name: “FROMVOULEVS” LTD.
    • Country: Bulgaria
    • Address: Sofia City, postal code: 1505, 10 Maritsa street
    • Phone: 02-9433167; E-mail:; Website:

3. any information regarding the processing of your personal data can be obtained from:

  • Address: Country-Bulgaria,
  • City of Sofia;
  • Postal code: 1505;
  • 10 Maritsa street
  • Phone: +359 2 9433167;
  • E-mail:

If you believe that we violate your rights related to the processing of your personal data and in compliance with the requirements of the “General Data Protection Regulation”-regulation (EU) 2016/679 you have the right to complain to a supervisory authority and to seek protection Court order as follows:

4. right of appeal to a supervisory authority pursuant to article 14 (2) (e)
If the You wish to file a complaint about the processing of your personal data carried out Of us, or about how we have viewed your complaint, are entitled to Complain to the Commission for Personal Data protection and the official Data protection (if available).
You can submit a complaint in one of the following ways: in person on paper at the office OF THE CPDP at: 1592 Sofia, Bulgaria Prof. 2 Tsvetan Lazarov. By letter at: 1592 Sofia, Bulgaria Prof. 2 Tsvetan Lazarov, Commission for personal data protection. By fax to: 029153525 Electronically to the email address OF THE CPDP ( In this case, your complaint must be styled as an electronic document signed with an electronic signature (not scanned). Via the website of THE CPDP at in the manner described on the respective page. In this case, your complaint must be styled as an electronic document signed with an electronic signature. In either of these cases, the complaint should contain: Details of the complainant – name, address, telephone number, e-mail address (if any) the nature of the information and documents you consider to be relevant to the privacy and signature (for electronic documents – electronic, for paper documents – Handwritten The CPDP provides a complaint form to the Commission (to assist and orient citizens) in relation to misuse of personal data in the voter lists supporting the registration of political entities. The form can be downloaded from the following page: Https:// subekti. doc.
  1. Legal basis
  1. This Privacy policy (“policy”) is issued on the basis of the law on Protection of Personal data and its regulations (“Bulgarian legislation”) and the general Data Protection Regulation-Regulation (EU) 2016/679 (“GDPR”).
  2. Bulgarian legislation and GDPR provide rules on how “FROMVOULEVS” LTD. should collect, process and store personal data.
  3. In order to be able to process personal data in accordance with legal requirements, personal data is collected and used lawfully, the necessary security of processing operations and “FROMVOULEVS” LTD. has taken the necessary measures to avoid Personal data subject to unlawful disclosure. According to the basic principles, observed by “FROMVOULEVS” LTD., your personal data are:
    1. Processed lawfully, in good faith and in a transparent manner with respect to the data subject (“Legality, fairness and transparency”);
    2. Collected for specified, explicit and legitimate purposes and not further processed in a manner incompatible with these purposes (“purpose limitation”);
    3. appropriate, related and limited to what is necessary in relation to the purposes for which they are processed (“Data minimisation”);
    4. Accurate and kept up to date; “FROMVULEVI” LTD. has taken all reasonable measures to ensure the timely deletion or rectification of inaccurate personal data, taking into account the purposes for which they are processed (“accuracy”);
    5. Kept in a form which permits identification of the data subject for a period not exceeding what is necessary for the purposes for which the personal data are processed; (“Storage Restriction”);
    6. Processed in a manner that ensures an appropriate level of security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, by applying appropriate technical or Organizational measures (‘ integrity and confidentiality ‘);
    7. “FROMVOULEVS” LTD. is responsible and able to prove that it respects the basic principles related to the processing of personal data (“accountability”).
  • Policy objectives
  1. The adoption and implementation of the current policy of “FROMVOULEVS” TD. under the Bulgarian Legislation and Regulation (EU) 2016/679 lay down the rules regarding the protection of natural persons with regard to the processing of personal data, as well as The rules on the free movement of personal data.
  2. The adoption and implementation of the current policy of “FROMVOULEVS” LTD. under the Personal Data Protection Act and Regulation (EU) 2016/679 protect the fundamental rights and freedoms of natural persons, and in particular their right to the protection of personal data.
  3. With the current policy “FROMVOULEVS” LTD. wants to guarantee:
    1. Lawfulness of the processing of personal data carried out by “FROMVOULEVS” LTD.;
    2. The rights of natural persons subject to personal data under Regulation (EU) 2016/679;
    3. Compliance with the requirements of the regulation to “FROMVOULEVS” LTD. as Administrator and/or processor, including:
      1. Data protection at the design and default stage
        Records of processing activities
        Appropriate technical and organizational measures, which shall be reviewed and, where necessary, updated
        Risk assessment measures relating to the processing of personal data
        Compliance with the requirements when assigning the processing of your personal data to third parties (processing)
        The duties of officials processing personal data and/or persons having access to personal data and working under the authority of processors personal data, their liability for failure to comply with those obligations;
      2. Taking into account the achievements of technical progress, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, “FROMVOULEVS” LTD. in Its capacity as Administrator and/or processor shall implement appropriate technical and organizational measures to ensure a level of security that is consistent with that risk.
      3. Ensure compliance with the basic principles for transfers of personal data to third countries or international organizations outside the EU
  4. Scope


  1. ‘ Personal data ‘ means any information relating to an identified natural person or a natural person who can be identified (‘ data subject ‘); An identifiable natural person is a person who can be identified, directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an online identifier or one or more signs, Specific to the physical, physiological, genetic, mental, mental, economic, cultural or social identity of that natural person;
  2. ‘ Processing ‘ means any operation or set of operations which is carried out with personal data or sets of personal data, by automatic or other means such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, Consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  3. The data protection policy applies to the processing of personal data of users, employees, where they become known to partners and suppliers, as described in the registers of processing activities established in accordance with article 30 of the General Data Protection Regulation-Regulation (EU) 2016/679 (‘ Records of processing activities ‘).
  • Purposes Processing of personal data

1. Subject to the requirements of section I -Transparency and conditions of the general Data Protection Regulation- Regulation (EU) 2016/679 “FROMVOULEVS” LTD. provides a transparent Information, communication and modalities for the exercise of the rights of the data subjects Pursuant to article 12 of the Regulation.

2. The objectives and information The relation of the processing of personal data carried out by “FROMVOULEVS” LTD. shall be provided in accordance with the “Transparent communication procedure” (P_A2_BG), ‘ procedure for the collection of Personal Data ‘ (P_A13_BG) and ‘ procedure Receiving personal Data “(P_A14_BG).

3. The objectives and information Relation to the processing of personal data are specified in the services provided to Data subjects, “information on the processing of personal data in the Collection ‘ (D_A13_BG) and ‘ information provided on receipt of personal data Data “(D_A14_BG).

  • Transparency. Rights of persons whose data are processed by “FROMVOULEVS” LTD.
Information about your rights related to the processing of personal data Under article 14 (2) (c)
Right Grounds Description of the right
Right to Access Article 15 Right to Confirmation of processing and access to your personal data.
Right to Correct Article 16 Adjust Inaccurate or incomplete personal data.
Right to Delete Article 17 Request deletion of your personal data.
Right to Restriction of processing Article 18 To claim Restriction of the processing of your personal data.
Obligation to Notification Article 19 Require Be notified in any action related to rectification, erasure or Restriction of processing.
Right to Objection Article 21 Object At any time against the processing of your personal data: For Performance of a task in the public interest or on the basis of official For the purposes of legitimate interests, including profiling. Processing For direct marketing purposes Processing For purposes of scientific or historical research or for statistical purposes.
Right to Refusal of automated processing Article 22 You have the right Refuse to be subject to a decision based solely on the Automated processing, including profiling, which creates legal Consequences for you or concerns you significantly.
Right to Portability Article 20 You have the right To obtain the personal data.
Right to Complaint and effective judicial redress Articles 77, 78 and 79 You have the right Submit a complaint to the Commission for personal data protection for breaches of Regulation (EU) No 2016/679 of 27 April 2016 and the right to an effective remedy Controller or processor of your personal data.
Right to Compensation Article 82 You have the right Compensation for material or intangible damage suffered as a result of the Infringement of regulation (EU) No 2016/679.

Such data to partners or suppliers according to the The records of processing activities) have the right to exercise Rights in the following way:

How to Exercise Your Rights
On-site On the phone On the Internet
Address: 10 Maritsa street Phone: 02 – 9433167 Website
City/Village: Sofia Phone (SMS): 02 – 9433167 E-mail
  • Transfer of personal data to third Countries or international organizations

1. Transfer of personal data which Processed or intended for processing after the transfer of a third country International organization outside the EU is carried out by the “FROMVOULEVS”. LTD. only under the terms of the general Data Protection Regulation- Regulation (EU) 2016/679, subject to the conditions set out in chapter VI of Regulation.

2. “FROMVOULEVS” LTD. Apply all the provisions of the regulation so as not to jeopardize the The necessary level of protection of natural persons provided by the Regulation.

3. In case of “FROMVOULEVS” LTD. will transfer personal data to a third country or to a International organization outside the EU, this transfer shall be carried out in accordance with ‘ Data transfer procedure outside the EU ‘ (P_A44_BG) and the entities of the Data shall be notified in advance to “information on the processing of personal data Collection ‘ (D_A13_BG) and ‘ information provided upon receipt of the Personal Data ‘ (D_A14_BG), requiring their ‘ consent to be transmitted to the Personal Data “(D_A49_BG).

10. infringements and notification of breaches

  1. “Personal data Breach” means a breach of security resulting in the accidental or unlawful Destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, which are transmitted, stored or otherwise processed by “FROMVOULEVS” Ltd.
    1. In case of personal data breach Should immediately be informed:
Contact details of the security officer Data Under article 14 (1) (b)
Name:   Country:  
Address:   Phone:  
City/Village:   E-mail  
Postal code:   Website:  
  1. In the event of a breach of the security of personal Which there is a likelihood of a risk to the rights and freedoms of the of natural persons, without undue delay and, where feasible, not Later than 72 hours after he was knew for him, “FROMVOULEVS” LTD. Informs the Commission on the Protection of personal data.
  2. In case a specific infringement poses a risk to the Rights and freedoms of natural persons, “FROMVOULEVS” LTD. shall take the Measures to inform the persons concerned in order to minimize any possible Adverse effects.
  3. “FROMVOULEVS” LTD. Takes action according to the ‘ Personal data breach procedure ‘ (P_A33_BG).
  1. Destruction
  1. “FROMVOULEVS” LTD. follows the “procedure for Destruction of personal Data ‘ (P_A17_BG_01).
  1. Changes in policy Confidentiality “FROMVOULEVS” LTD. shall have the right to update, by modifying and supplementing the privacy policy, the Personal data at any time in the future when circumstances so require.