Privacy Policy

This document describes how Velmar Pearls Ltd collects, uses, processes and protects the personal data of individuals who visit and use our online shop. It also explains the rights and choices that individuals have in relation to their personal data.

1. Data Controller:
Company.
Address. “Vasil Levski № 51, 1142 Sofia, Bulgaria
UIC: 202943197
Phone: 0888 955 615
E-mail: perla@velmar.com

2. Data Protection Supervisor:
Data Protection Commission (DPC)
Address. The Data Protection Authority (DPO) is responsible for the protection of the data subject. “1592 Prof. No. 2, Tsvetan Lazarov
Phone: 02/91-53-555, 02/91-53-519
e-mail: kzld@cpdp.bg
Website: www.cpdp.bg

3. Collection and use of personal data
We collect and process personal data in accordance with the requirements of the EU General Data Protection Regulation (GDPR) and other applicable data protection laws. Personal data may be collected by the following methods:
3.1. When you create an account on our online store, we may store your name, email address, billing address, shipping address and contact information.
3.2. Order Processing: When you place an order, we may collect additional information such as payment details, transaction history and preferences in order to process and fulfil your order.
3.3. Communication.
3.4. Website Analytics: We may collect non-personal data such as IP addresses, browser type, device information and website usage statistics to analyse trends and improve our online store and the services we offer.

4. Legal basis for processing
We process personal data based on the following legal grounds:
4.1. We process personal data to fulfil our contractual obligations, such as processing and delivering orders.
4.2 Legitimate interests: We may process personal data to pursue our legitimate interests, such as improving our services, marketing our products and preventing fraud.
4.3. Consent: We may ask for your explicit consent to process personal data for specific purposes, such as subscribing to newsletters or marketing communications. You have the right to withdraw your consent at any time.

5. Data sharing and transfer
We may share personal data with trusted third parties, including:
5.1. Service Providers: We may engage third-party service providers to perform certain functions on our behalf, such as payment processing, order fulfillment and website analytics. These service providers are authorized to use personal data only to the extent necessary to provide the requested services.
5.2. Legal Compliance: We may disclose personal data if required to do so by law, legal process or government authorities.
5.3. Business Transfer: In the event of a merger, acquisition or sale of our business, personal data may be transferred to the acquiring organization.

6. Data Storage
We retain personal data for as long as necessary to fulfill the purposes set out in this privacy policy, unless the law requires or permits a longer retention period.

7. Rights of the data subject
According to the GDPR, natural persons have certain rights regarding their personal data. You have the right to:
7.1. Access: To request access to your personal data and to receive information about how it is processed.
7.2. Correction: Request correction of inaccurate or incomplete personal data.
7.3. Deletion: Request deletion of personal data under certain circumstances.
7.4. Restriction: Request restriction of processing in certain circumstances.
7.5. Object: Object to the processing of personal data in certain circumstances, including direct marketing.
7.6. Data portability: Request a copy of your personal data in digital or physical machine-readable format when technically feasible.
7.7. Withdraw consent: Withdraw your consent to the processing of personal data where applicable.
To exercise your rights, please contact us using the contact information provided in this Privacy Policy or directly through the contact form on the Website.