PRIVACY POLICY

1. Data Controller

The Data Controller within the meaning of Regulation (EU) 2016/679 (GDPR) is:

“VAIOS” Ltd.
UIC: 203762342
Registered office and address of management (according to the Commercial Register):
Republic of Bulgaria, Sofia

E-mail: office@veldim.com
Website: www.vaios.bg   www.veldim.com

2. Contact Details of the Data Protection Officer (DPO)

For all questions related to the protection of your personal data, you may contact us at:

E-mail: office@veldim.com
Phone: +359 878 310 010

3. Categories of Personal Data We Process

VAiOS processes only personal data necessary for the provision of its services, namely:

• First and last name

• Address

• Telephone number

• E-mail address

❗ We do not process special categories of personal data within the meaning of Article 9 of the GDPR.

4. Legal Grounds for Processing

Personal data are processed on one or more of the following legal grounds:

• Article 6(1)(a) – explicit consent

• Article 6(1)(b) – performance of a contract or pre-contractual relations

• Article 6(1)(c) – compliance with a legal obligation

• Article 6(1)(f) – legitimate interest of the controller

5. Purposes of Processing

Personal data are processed for the following purposes:

• handling inquiries submitted via the website;

• communication with clients and partners;

• conclusion and performance of contracts;

• fulfillment of accounting and legal obligations;

• ensuring information security;

• statistical analysis and improvement of services.

6. Data Retention Periods

After the expiration of these periods, the data are deleted or anonymized.

7. Disclosure of Personal Data to Third Parties

VAiOS may provide personal data only to data processors with whom it has concluded data processing agreements, including:

• SuperHosting.BG – hosting services

• Google LLC – analytics services (Google Analytics 4)

• Meta Platforms Inc. – social plugins

In case of data transfer outside the EU, Standard Contractual Clauses (SCC) are applied.

8. Cookies

The website uses cookies to ensure its normal functionality and to analyze traffic.

Upon your first visit, you will receive a cookie management banner allowing you to:

• accept all cookies;

• reject non-essential cookies;

• manage your preferences.

Detailed information is available in the Cookie Policy.

9. Rights of Data Subjects

You have the right to:

• receive information about the personal data we process;

• access your personal data;

• rectify inaccurate data;

• request erasure (“right to be forgotten”);

• restrict processing;

• data portability;

• object to processing;

• withdraw your consent at any time.

Requests should be sent to: office@veldim.com

10. Personal Data Security Breaches

In the event of a personal data breach, VAiOS:

• notifies the Commission for Personal Data Protection (CPDP) within 72 hours;

• informs the affected individuals when there is a high risk to their rights and freedoms.

11. Use of the Website by Children

The website is not intended for persons under the age of 14.
Personal data of children under this age are processed only with the consent of a parent or legal guardian.

12. Right to Lodge a Complaint

If you believe that your rights have been violated, you have the right to lodge a complaint with:

Commission for Personal Data Protection (CPDP)
https://www.cpdp.bg/

13. Policy Updates

This Privacy Policy may be updated in the event of changes in legislation or in the activities of VAiOS.
The version applicable is the one published at the time of using the website.

Last update: 15.01.2026
Version: 2