top of page

Privacy

Policy

Last updated: 23.12.2025

This Privacy Policy explains how Spring of Things Ltd., based in Bulgaria, collects, uses, and protects personal data when you visit our website or contact us through our contact form.

We are committed to protecting your privacy and processing your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Bulgarian and EU data protection laws.

1. Data Controller

The data controller responsible for the processing of your personal data is:
Spring of Things Ltd.

Address: Mladost 4 403-5-22, Sofia, Bulgaria

Email: b.djenev@springofthings.com

2. Personal Data We Collect

When you contact us through our website contact form, we may collect the following personal data:

  • First name

  • Last name

  • Email address

  • Phone number

  • Any information you choose to include in your message

We do not collect special categories of personal data (such as health or biometric data).

3. Purpose of Processing

We process your personal data for the following purposes:

  • To respond to inquiries sent through the contact form

  • To communicate with you regarding potential or existing projects

  • To take steps prior to entering into a contract, if requested

Your personal data will not be used for marketing purposes unless you have given explicit consent.

4. Legal Basis for Processing

The legal basis for processing your personal data under GDPR is:

  • Legitimate interest(Article 6(1)(f) GDPR) – to respond to inquiries and communicate with potential or existing clients; and/or

  • Steps prior to entering into a contract (Article 6(1)(b) GDPR), where applicable.

5. Data Retention

We retain personal data submitted through the contact form only for as long as necessary to fulfill the purpose for which it was collected, or as required by law.

Typically, contact form submissions are retained for up to 24 months, unless a longer retention period is required due to an ongoing business relationship or legal obligation.

6. Data Sharing and Transfers

We do not sell or rent your personal data to third parties.
Your data may be processed by trusted service providers only where necessary, such as:

  • Website hosting providers

  • Email service providers

If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place in accordance with GDPR.

7. Data Security

We take appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or alteration.

However, no method of transmission over the Internet is completely secure, and we cannot guarantee absolute security.

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • The right to access your personal data

  • The right to rectification of inaccurate or incomplete data

  • The right to erasure ("right to be forgotten")

  • The right to restriction of processing

  • The right to data portability

  • The right to object to processing based on legitimate interests

  • The right to lodge a complaint with a supervisory authority

In Bulgaria, the supervisory authority is the Commission for Personal Data Protection (CPDP).

9. How to Exercise Your Rights

To exercise your rights, please contact us at:

Email: b.djenev@springofthings.com

We will respond to your request within the time limits required by GDPR.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.

We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have any questions about this Privacy Policy or how we process personal data, please contact us at:

Spring of Things Ltd.Email: b.djenev@springofthings.com

bottom of page