⭐⭐⭐⭐⭐ НАД 15 000+ ДОВОЛНИ КЛИЕНТА!
Effective Date: 06/25/2024
1. Introduction and Scope
This Privacy Statement (‘Declaration’) aims to inform you about the way Inferno Perfumes EOOD (‘Administrator’, ‘We’, ‘Nas’), with EIK 208160838 and headquarters and address of management Ruse, 12 ‘Yantra’ St., 7020 Revival, processes your personal data in your capacity as a visitor or client on our website www.inferno.bg (‘Website’).
We understand the importance of your privacy and are committed to protecting your data in a transparent and legal manner in full compliance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and the current Bulgarian legislation.
2. Identification of the Personal Data Administrator
- Name: Inferno Perfumes Ltd.
- EIC/BULSTAT: 208160838
- Headquarters and management address: Ruse, 12 ‘Yantra’ St., 7020 Revival
- Correspondence address: Ruse, 12 ‘Yantra’ St., 7020 Revival
- Contact Email: infernoperfumes@gmail.com
- Contact phone: 0875 40 40 50
3. Categories of personal data we process
Depending on how you interact with our website, we may collect and process the following categories of personal data:
- Identification data: First name, last name and surname.
- Contact details: Email address, phone number, delivery address.
- Order and Payment Details: Purchase history, data on the selected payment method (we do not store full bank card data; they are securely processed by our partners – payment service providers), order number, billing address.
- User Profile Details: Username, Encrypted Password, Wishlist Desired List, Fragrance Preferences (if functionality is available).
- Technical and digital data: IP address, cookie data (according to our Cookie Policy), device and browser type, login data.
- Communication data: Any information you provide to us when we correspond with us by email, by contact form or by phone.
4. Purposes and legal grounds for data processing
We process your personal data only for specific, explicitly stated and legitimate purposes, applying the relevant legal basis according to GDPR for each purpose.
| Purpose of processing | Data Categories | Legal basis (according to GDPR) |
|---|---|---|
| 1. Conclusion and execution of a purchase and sale contract (order processing, delivery, payment) | Identification, contact, order | Art. 6, para. 1, b. ‘B’ – Execution of a contract to which you are a party. |
| 2. Create and manage a user profile | Identification, Contact, Profile | Art. 6, para. 1, b. ‘B’ – to take steps at your request before concluding a contract. |
| 3. Accounting and Tax Reporting | Identification, for orders, address | Art. 6, para. 1, b. ‘in’ – compliance with a legal obligation (e.g. Accounting Law, VAT). |
| 4. Communication and customer service (response to queries, solve case studies) | identification, contact, from communication | Art. 6, para. 1, b. ‘is’ – Our legitimate interest to provide quality service. |
| 5. Direct marketing and sending commercial messages (Information about new perfumes, promotions, personalized offers) | Identification, contact, order | Art. 6, para. 1, b. ‘A’ – Your express, free consent. |
| 6. Website improvement and user behavior analysis | Technical and Digital Data | Art. 6, para. 1, b. ‘A’ (for analytical cookies) and B. ‘is’ (legitimate interest in optimization). |
| 7. Fraud prevention and protection of legal interests | All relevant categories | Art. 6, para. 1, b. ‘is’ – Our legitimate interest to protect our business and assets. |
5. Data storage period
We store your personal data only for the period necessary to achieve the purposes for which they were collected or as required by law:
- Order data: for a period of 10 years, starting from January 1 of the year following the year of the order, according to the Accounting Law.
- User profile data: until you request its deletion, or after a period of inactivity from Three years.
- Data for marketing purposes (subject to consent): until your consent is withdrawn.
- Communication data: for a period up to 1 year after the correspondence is completed.
6. Sharing and disclosure of personal data
We do not sell or provide your personal data to third parties for their marketing purposes. We may only share your data with trusted partners (personal data processors) who assist us in our business, subject to strict confidentiality and security requirements:
- Courier companies: for making the deliveries (e.g. Econt, Speedy).
- Payment service providers: for secure payment processing.
- IT suppliers and hosting companies: For website maintenance and security.
- Marketing and advertising agencies: In the presence of your express consent for advertising purposes.
- Accounting and legal advisors.
- State and municipal bodies: on legal grounds and in due order.
7. Transmission of data outside the EU/EEA
It is possible that some of our partners (eg Google, Meta) are located outside the European Union. In such cases, we shall ensure that the transmission of data is carried out in compliance with standard contractual clauses approved by the European Commission or other appropriate guarantees under Chapter V of the GDPR that provide an adequate level of protection.
8. Your rights as a data subject
According to GDPR, you have the following rights regarding your personal data:
- Right of Access: obtain a copy of the data we hold about you.
- Correction Right: request correction of inaccurate or incomplete data.
- Right to Delete (‘Right to be Forgotten’): to request deletion of your data in certain circumstances.
- Right to restriction of processing: request a temporary suspension of processing.
- Right to data portability: Get your data in a structured, machine-readable format and transfer it to another administrator.
- Right to object: to object to processing based on legitimate interest.
- Right to withdraw your consent: at any time, without prejudice to the legality of the processing until the time of withdrawal.
To exercise any of these rights, please contact us at the contacts specified in item 2.
You also have the right to submit Complaint to the supervisory authority – the Commission for the Protection of Personal Data (CPDP) with address: Sofia 1592, ‘Prof. Tsvetan Lazarov’ Blvd. No. 2, or online at www.cpdp.bg.
9. Data Security
We apply appropriate technical and organizational measures to protect your personal data from accidental loss, unauthorized access, alteration or disclosure. These include the use of an SSL certificate for connection encryption, access control, pseudonymization, and regular security audits.
10. Declaration update
This declaration may be periodically updated. All changes will be posted on this page, and the date of the last revision will be reflected.
