• Home
  • About me
  • Arbitration and Mediation
  • IT law
  • Civil and Commercial Law
  • News
Taniaiossifova
  • Home
  • About me
  • Arbitration and Mediation
  • IT law
  • Civil and Commercial Law
  • News
en
  • bg

Privacy Policy

Information about the personal data controller: Tania Iossifova, in her capacity as an individual.

  • Email: contact@taniaiossifova.com

 

Grounds and purposes for which we use your personal data

We process your personal data on the following legal grounds:

  • The General Terms and Conditions for using the Website;

  • Your explicit consent – the purpose is specified for each specific case;

  • Upon a legal obligation.

In the following paragraphs, you will find detailed information regarding the processing of your personal data depending on the legal basis on which we process it.

 

For the performance of a contract

We process your personal data for the purpose of using the Website in accordance with the rules of the General Terms and Conditions. Purposes of processing (where applicable):

  1. Establishing your identity;

  2. Providing the functionalities of our website.

On this basis, we only process personal data in connection with the user profile you have created. We delete the data collected on this basis 2 years after the termination of the contractual relationship, whether due to the expiration of the contract, termination, or another reason.

 

Upon your consent

We process your personal data on this basis only after your explicit, unambiguous, and voluntary consent. We will not impose any adverse consequences on you if you refuse the processing of your personal data.

Consent is a separate basis for processing your personal data, and the purpose of the processing is specified in it, not covered by the purposes listed in this policy. If you give us the relevant consent, until its withdrawal or the termination of any contractual relations with you, we prepare suitable product/service offers for you by performing detailed analyses of your basic personal data.

  • Data we process on this basis: On this basis, we may process personal data for direct marketing purposes, including website usage data and social network profile data.

  • Provision of data to third parties: On this basis, we may provide your data to marketing agencies, Facebook, Google, or similar entities.

  • Withdrawal of consent: The provided consents can be withdrawn at any time. The withdrawal of consent does not affect the fulfillment of contractual obligations. If you withdraw your consent to the processing of personal data for any or all of the ways described above, we will not use your personal data and information for the purposes defined above. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. To withdraw the given consent, you only need to use our website or simply our contact details.

  • When we delete the data collected on this basis: We delete the data collected on this basis upon your request or 12 months after its initial collection.

 

How we protect your personal data

To ensure adequate protection of users' data, we apply all necessary organizational and technical measures provided by the Personal Data Protection Act.

We have established rules to prevent abuse and security breaches, which supports the processes of protecting and ensuring the security of your data. For maximum security during the processing, transfer, and storage of your data, we may use additional protection mechanisms such as encryption, pseudonymization, etc.

 

User Rights

Every User of the site enjoys all rights for personal data protection under Bulgarian law and European Union law. The User can exercise their rights by sending a message to our email.

Every User has the right to:

  • Information (regarding the processing of their personal data by the controller);

  • Access to their own personal data;

  • Rectification (if the data is inaccurate);

  • Erasure of personal data (right "to be forgotten");

  • Restriction of processing by the controller or personal data processor;

  • Portability of personal data between separate controllers;

  • Objection to the processing of their personal data;

  • The data subject also has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning the data subject or similarly significantly affects them;

  • The right to judicial or administrative protection in case the rights of the data subject have been violated.

The User may request erasure if one of the following conditions is met:

  • The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

  • The User withdraws consent on which the processing is based, and where there is no other legal ground for the processing;

  • The User objects to the processing and there are no overriding legitimate grounds for the processing;

  • The personal data have been unlawfully processed;

  • The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;

  • The personal data have been collected in relation to the offer of information society services to children, and consent was given by the holder of parental responsibility over the child.

The User has the right to restrict the processing of their personal data by the controller when:

  • They contest the accuracy of the personal data. In this case, the restriction of processing is for a period enabling the controller to verify the accuracy of the personal data;

  • The processing is unlawful and the User opposes the erasure of the personal data and requests the restriction of their use instead;

  • The controller no longer needs the personal data for the purposes of the processing, but they are required by the User for the establishment, exercise, or defense of legal claims;

  • They have objected to processing pending the verification whether the legitimate grounds of the controller override those of the User.

Right to data portability The data subject has the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format, and has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent or on a contract, and the processing is carried out by automated means. In exercising their right to data portability, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible.

Right to object Users have the right to object to the controller against the processing of their personal data. The personal data controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims. Upon objection to the processing of personal data for direct marketing purposes, the processing shall cease immediately.

Complaint to a supervisory authority Every User has the right to file a complaint against unlawful processing of their personal data to the Commission for Personal Data Protection or to the competent court.

Prof. Dr. Tania Iossifova

Legal expert, arbitrator, and mediator. Academic and consulting activities in the field of civil, commercial, and information law.

PRACTICE AREAS

Arbitration and Mediation

IT Law

Civil and Commercial Law

QUICK LINKS

Terms and Conditions

Privacy Policy

Cookies Policy

CONTACTS

Sofia, Bulgaria

contact@taniaiossifova.com

0885738953

© 2026 Prof. Dr. Tania Iossifova. All rights reserved.