Effective Date: 22.10.2024
GAPKO LTD value your privacy and are committed to protecting your personal data. This Privacy Notice explains how we collect, use, and protect your personal data, your rights in relation to that data, and how you can contact us if you have any concerns. Please read this carefully.
Who We Are
We are GAPKO LTD, a company registered in Bulgaria, with registered address at 26 Mesemvria Street, Floor 6, Office 7, Iztochen District, Plovdiv. For the purposes of applicable data protection laws, we are the “data controller” of your personal data.
Information We Collect About You
We collect various types of personal data when you interact with us, including when you visit our website, make a purchase, create an account, or engage with us on social media.
| Category of Personal Data | Description | Purpose of Processing | Legal Basis for Processing |
| Contact Information | Full name, email address, phone number, postal address, date of birth, account name, username, or similar identifiers. | To communicate regarding your account, send promotional materials, and provide customer support. | Performance of a contract, Consent (for marketing), Legitimate interest (customer service and product updates). |
| Account Information | Username, password, and other login details when you create an account with us. | To create and manage your account, authenticate access to services, and ensure account security. | Performance of a contract, Legitimate interest (security and fraud prevention). |
| Order Information | Details of products purchased, order history, shipping address, and transaction details. | To process and fulfill orders, manage returns, and provide customer support. | Performance of a contract, Legal obligation (maintaining records for legal compliance). |
| Product Preferences | Information about products you viewed or added to your cart. | To personalize product recommendations, enhance your shopping experience, and target marketing. | Legitimate interest (personalization), Consent (for targeted marketing). |
| Financial Data | IBAN, and other billing details processed by our payment provider to facilitate refunds. | To process refunds and manage returns. | Performance of a contract, Legal obligation (for refunds and returns). |
| Marketing and Communication Data | Name, contact details, and preferences regarding receiving marketing materials and communication preferences. | To send targeted marketing, promotional offers, and manage communication preferences. You can opt out at any time. | Consent (for direct marketing), Legitimate interest (to keep you informed about services and offers). |
| Social Media Information | Social media handles, interactions with posts, public postings, comments, reactions, and messages on platforms such as Facebook, Instagram, etc. | To engage with you via social media, respond to inquiries, and manage advertising campaigns. | Legitimate interest (engagement and advertising). |
| Legal and Compliance Data | Records of consents, legal inquiries, and compliance information. | To comply with legal obligations, protect our legal rights, and respond to regulatory inquiries. | Legal obligation. |
| Log Information | IP address, browser type and version, device type, operating system, and other automatically logged system information. | To improve our website, diagnose technical issues, and enhance security. | Legitimate interest (website functionality and security). |
| Customer Usage Data | Information about your use of our services, such as API requests, preferences, and settings. | To optimize services, perform analysis, and enhance your experience. | Legitimate interest (service improvement). |
| Cookies and Usage Data | Information about browsing activities collected via cookies (e.g., Google Analytics, Hotjar). | To personalize your experience, improve functionality, and analyze website usage. | Legitimate interest (personalization and analysis). |
How We Use Your Personal Data
We use your personal data for the following purposes:
- To provide our services: Manage your orders, process payments, fulfill your purchases, and offer customer support.
- To communicate with you: Send order confirmations, updates, and responses to your inquiries.
- Marketing: If you’ve opted in, we may send you promotional materials and offers. You can unsubscribe from marketing communications at any time by following the instructions in our emails or via this link.
- Personalization: Tailor product recommendations and ads based on your preferences and behavior on our site.
- Analytics: Use cookies and tracking technologies to analyze how you interact with our website and services, so we can improve your experience.
- Legal compliance: We may process your personal data to meet our legal obligations, respond to legal claims, or comply with regulatory requirements.
How We Share Your Personal Data
We may share your personal data with:
- Service providers: We engage third-party companies to assist with services such as payment processing, order fulfillment, marketing, and analytics.
- Social media platforms: We may share data with platforms like Facebook, Instagram, TikTok, and LinkedIn for advertising purposes.
- Law enforcement and regulators: If required by law, we may disclose your information to relevant authorities.
- Business transfers: If we are involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction.
Where We Store Your Data
The personal data we collect from you is primarily stored on secure servers located within the European Economic Area (EEA). We take extensive measures to ensure that your data is handled securely, in compliance with applicable data protection laws.
In some cases, your data may be transferred to and stored outside the EEA, such as when we work with third-party service providers. When this happens, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses or other legally recognized mechanisms, to ensure that your data is treated securely and in line with EU data protection standards.
Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Improve site functionality: Enable essential site features like secure login and order processing.
- Personalize your experience: Provide customized product recommendations and marketing content.
- Analytics and performance: Measure website traffic and user behavior to enhance services.
Cookie Preferences
If you wish to change your cookie settings or manage your preferences, you can do so at any time by visiting our Cookie Preference Center. For more information, please refer to our Cookie Policy.
Your Rights Regarding Your Personal Data
You have the following rights in relation to your personal data:
- Right of access: You can request information about the personal data we hold about you.
- Right to rectification: You can request correction of any inaccurate or incomplete data.
- Right to erasure: You may ask us to delete your personal data under certain conditions. However, this right is not absolute, and we may retain certain data where it is required for compliance with a legal obligation, the establishment, exercise, or defense of legal claims, or for other legitimate purposes as permitted by law.
- Right to restrict processing: You can ask us to limit the processing of your personal data in certain situations, such as when the accuracy of the data is contested.
- Right to data portability: You can request a copy of your personal data in a structured, machine-readable format for your own use or to transmit to another service provider.
- Right to object: You can object to the processing of your data for direct marketing purposes or when processing is based on legitimate interests. We may still process your data if we have compelling legitimate grounds that override your rights and interests.
- Right to withdraw consent: If you have provided consent for specific processing activities, you can withdraw it at any time. Please note that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Exceptions to Your Rights
Please note that some of these rights may be subject to exceptions under applicable data protection laws, particularly when the processing is necessary for compliance with a legal obligation, the exercise or defense of legal claims, or for reasons of public interest.
To exercise any of these rights, contact us at office@marielior.com.
Security of Your Personal Data
We implement robust security measures to safeguard your personal data from unauthorized access, alteration, disclosure, or destruction. This includes a combination of physical, technical, and organizational protections designed to keep your information secure. We regularly update and test our systems to ensure they meet the latest security standards and effectively address new threats and vulnerabilities.
How Long will we Keep Your Personal Data?
The duration for which we retain your personal data depends on the specific purposes for which we process it. Below, we outline the retention periods based on different processing activities:
| Purpose | Time for which the data are kept |
| 1. To manage your Platform user registration | We will process your data for as long as you remain a registered user (until you choose to unsubscribe). |
| 2. Development, performance, and execution of the purchase or services contract | We will process your data for the time necessary to manage the purchase of products or services you have bought, including potential returns, complaints, or claims. In cases where you request us to store your payment data for future purchases, we will process it until you withdraw your consent. |
| 3. Customer Support | We will process your data for as long as is necessary to address your inquiries, requests, or applications. |
| 4. Marketing | We will process your data until you unsubscribe or cancel your subscription to our newsletter. If you participate in promotional actions, your data will be retained for a six (6) month period from the end of the promotional activity. |
| 5. Analysis of usability and quality | We will process your data occasionally for the time necessary to carry out quality actions or surveys, or until we anonymize your browsing data. |
Notwithstanding the specific retention periods for each purpose, we will securely store and protect your data for the duration of any potential liabilities arising from their processing, in compliance with applicable laws. Once these retention periods and any legal obligations expire, we will proceed to delete your personal data.
International Transfers
Your personal data may be transferred outside the European Economic Area (EEA). Whenever we transfer your personal data internationally, we will ensure that it is protected to the same standards as it would be within the EEA. This may include the use of Standard Contractual Clauses or other legally recognized transfer mechanisms.
Changes to This Privacy Notice
We may update this Privacy Notice from time to time. Any changes will be posted on our website, and where appropriate, notified to you by email.
Contact Us
If you have any questions or concerns about this Privacy Notice or how we process your personal data, please contact us:
GAPKO LTD
26 Mesemvria Street, Floor 6, Office 7
Iztochen District, Plovdiv, Postal Code 4017, Bulgaria
Email: office@marielior.com.