Data for the controller of personal data

Comeco Inc., registered in the Commercial Register at the Registration Agency, EIK 160116117, with registered office: Bulgaria, Plovdiv 4000, Slavyanska St. 88, is a personal data controller within the meaning of Regulation (EU) 2016/679 of the European Parliament and of Council of 27 April 2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC (hereinafter “the Regulation”) and the Personal Data Protection Act (hereinafter “PDPA”).
The website is owned and operated by Comeco in full compliance with the provisions of the Regulation and the PDPA.
Administrator contact details
Phone: +359 (32) 621 770


This Policy aims to inform about the principles and manner in which Comeco, in its capacity as an administrator, processes personal data of users of the company’s website and of the user’s national telephone number, the type of data it processes, as well as the rights of the persons whose personal data is processed. This Policy, among others, has been adopted and published in fulfillment of Comeco’s obligations under Art. 13 and Art. 14 of the Regulation.
In the event that you have questions or need additional information regarding your personal data, rights and privacy, please contact Comeco at the contact details specified in item 1 above.

Processing principles. Plea.

The protection of personal data is a priority at Comeco. Comeco does not sell personal data collected by the company to third parties, nor process or provide such data to third parties without a legal basis for doing so under the Regulation and the PDPA. Comeco processes and provides personal data to third parties only when there is a valid legal basis for doing so, including express and freely given consent under the Regulation and/or on another basis for processing provided for in the Regulation and the PDPA.
Comeco may be required by law, in legal/arbitration/enforcement/enforcement proceedings and/or at the request of a competent authority to disclose personal data, as well as if it is necessary for the purposes of national security, law enforcement or other cases provided by law .
Personal data may also be disclosed if such disclosure is reasonably necessary to protect Comeco’s legitimate interests. In addition, in the event of conversion or sale of all or part of the commercial enterprise, it is possible for Comeco to transfer collected personal data to the relevant newly formed/transformed company or successor company.
Comeco processes personal data in strict compliance with the principle of maintaining a minimum of processed personal data necessary for specific, justified and legitimate purposes (need-to-know principle).

Personal data

Personal data is any information related to an identified natural person or a natural person who can be identified on the basis of the relevant data.

Purposes for processing personal data

Comeco collects and processes the personal data that is necessary to carry out its activities. Comeco processes personal data of users on the site and on the company’s phone, when an inquiry, claim, complaint, complaint or other signal is submitted by a user through the contact form on the site, by email or by phone. The processing of personal data is for the purpose of:

  • Comeco to respond and take action on the submitted inquiry, claim, complaint, complaint or other signal from a user;
  • Comeco to maintain accountability regarding submitted inquiries, claims, complaints, appeals or other signals from users, incl. for the purposes of control and supervision by public authorities and proceedings before them.

With the user’s consent, or where permitted by law, Comeco may use users’ personal data, namely email address and names, for marketing purposes, including contacting the user to provide information, news and offers. If they have agreed to receive such marketing information, users can withdraw their consent at any time through the functionality provided in each marketing email (link) for this purpose.

Categories of processed personal data

Comeco processes the following categories of personal data of the following persons – users of the website and the company’s national telephone number:
• For natural persons who have submitted an inquiry, claim, complaint, complaint or other signal, Comeco processes the personal data that the user himself voluntarily indicated in the contact form, telephone conversation, e-mail or other correspondence with the company (and thus consented to their processing). The Company requires the User’s name, telephone and contact address as a minimum to perform a verification and prepare a response to the User.
When users send an inquiry, claim, complaint, complaint or other signal to Comeco through the contact form on the site, by email or through the national telephone number of the user, it is assumed that the users have given their free, express and informed consent to the processing of personal data, voluntarily included by them in the relevant inquiry, claim, complaint, complaint or other signal.

Security measures

Comeco takes sufficient technical and organizational measures to protect the personal data it processes against theft, misuse, unauthorized access, unauthorized disclosure, unauthorized destruction or any other unlawful processing or disposal of such data.
All representatives and employees of Comeco, as well as all interlocutors of the company, are obliged to observe confidentiality and strictly apply the legislation in the field of personal data protection.
When users send an inquiry, claim, complaint, complaint or other signal to Comeco through the contact form on the site, by email or through the user’s national telephone number Comeco may provide the personal data of these users to: (a) employees of the company in its department in Quality Control and Marketing Department; (2) employees of the company in managerial positions, namely the director of the production department, the director of the sales department, the director of the logistics department and the relevant regional sales manager, as the case may be; (3) external consultants of the company in order to protect its legitimate interests; (4) state authorities in the exercise of their powers and for the purposes of the relevant proceedings before these authorities.
For cases where Comeco provides personal data to third parties, the company implements mechanisms, including contractual ones, to ensure that this data is processed and protected in accordance with applicable legislation.

Storage terms

Comeco observes the principle of data storage only for the period for which its storage is necessary to fulfill the purpose for which it was collected, unless the law provides for storage for a longer period.
Comeco deletes and deletes the personal data related to complaints, claims, appeals and other signals regarding the company’s products immediately after the expiration of the legal terms for carrying out checks by an administrative authority, for imposing sanctions for compliance with the legislation, incl. this for consumer protection and competition protection, and for making legal (judicial/out-of-court) claims by a user against the company.
Comeco deletes and deletes personal data related to inquiries made by users about the company’s products no later than 6 months after the end of correspondence with the user regarding the inquiry.

Rights in relation to personal data

Under the Regulation and the PDPA, data subjects have the following rights at all times: (1) the right to access their personal data processed by Comeco; (2) the right to request the correction of inaccurate data, deletion (if there is a legal basis for this), restriction or blocking (if there is a legal basis for this) of the processing of their personal data processed by Comeco; (3) right to data portability if the conditions for this are met according to the Regulation; (4) the right to object at any time to the processing of their personal data, as well as the right to withdraw their consent to processing, without affecting the legality of the processing until its withdrawal, when there are legal grounds for this; (5) the right to appeal to the Commission for the Protection of Personal Data (PCPD) if they consider that their rights in relation to the protection of their personal data have been violated.
Comeco may refuse to comply with requests to exercise rights when there is a reason for doing so provided for in the Regulation and the PDPA, incl. when the requests are unreasonably repeated, require excessive effort and/or costs for the administrator, when they are clearly unfounded, and when they threaten or violate the privacy and rights of other users.

Effectiveness and Update

This policy is effective on 05/25/2018. Comeco may amend and update this policy by posting any amendment/update on the company’s official website, and Comeco may, at its discretion, take other actions to notify users for the amended or updated policy.