Privacy Policy

Privacy and Cookie Policy

Your privacy is of utmost importance to us here at ThinkWeb. Rest assured that any information you provide will only be used in accordance with this privacy statement. This policy may be updated or changed anytime and we encourage you to review it whenever you visit the site to make sure you understand how any personal information you provide will be used.


This Policy applies only to the use of this site ( and does not extend to other websites linked from this site. Once you click a link and leave this site, we do not have control over that website. Such sites are NOT governed by this privacy statement and we cannot be responsible for the protection and privacy of any information you provide to those sites. Exercise caution and read the privacy statement applicable to the website in question.

Grounds for collecting, processing and storing your personal data

ThinkWeb will collect, store and process your personal data according to Art. 6, Para. 1 and Recital (49) of  Regulation (EU) 2016/679 (GDPR) and in particular on the following grounds:

  • To provide you with information that you have requested or which we think may be relevant to a subject in which you have demonstrated an interest;
  • To fulfill our obligations with you when there is a legal contract in place;
  • To comply with legal obligations applicable to ThinkWeb;
  • For the purpose of the legitimate interest of ThinkWeb;
  • To ensure the network and information security of the site and systems owned and operated by ThinkWeb;
  • To manage any communication between you and us;
  • When an explicit consent is provided by you as our customer or a visitor of the site;

What information do we collect

From the first moment you interact with our website, we are collecting data. Sometimes you provide us with data, sometimes data about you is collected automatically.

Data that identifies you

Your IP address, login information, browser type and version, time zone setting, browser plug-ins, operating system and version. We collect personally identifiable information such as names and email addresses only when voluntarily submitted. The legal grounds for collecting, processing and storing data that identifies you are: consent, legitimate interest, contracts.

Data that does not identify you

We might collect and store anonymized versions of your IP address and other information sent via the browser that does not directly or indirectly identify you. The grounds for collecting, processing and storing data that does not identify you are: legitimate interest and in some cases your consent.

Technical information

To ensure that each visitor to any of our websites can use and navigate our website effectively, we collect the following:

  • Technical information, including your IP address used
  • Your login on our site, browser type and version, time zone, browser plug-ins and versions;
  • Operating system and platform;
  • Information on which pages or files you have accessed / requested from our web server;

How do we collect information from you

We collect information about you when you use our website, contact us about our products and services, subscribe to our mailing list or access restricted areas on our website.

How do we use your data

Under the GDPR and other privacy laws, we can use your data only for specific purposes and only if we have legal grounds to do so or your explicit consent.

  • Operating this website - Fulfilling your requests to browse this website, login and authentication, remembering your settings, hosting and back-end infrastructure.
  • Analyzing our web traffic - We use some of your data like, anonymized IP address, opened pages, time on site etc. to analyze the web traffic and content on the site.
  • Responding to your requests - We might use your email address or phone number to assist you with your request for information or to solve a specific issue only and when this is requested by you.
  • Marketing (with your explicit consent) - We might send you emails and other messages notifying you about new services, product updates and features or content published on our site.


Our site may place a small file, called a "cookie", on your hard drive to provide you with a better website. A cookie does not, in any way, give us access to your computer or to any personally identifiable information about you, other than the data you choose to share with us. It only helps us analyze web traffic or lets web applications respond to you as an individual. You can choose not to accept cookies by modifying your browser settings or using our cookie preference tool. At any time, you may remove any cookie stored on your hard drive by deleting them in your browser's settings section.

What kind on information is stored in the cookies?

Our cookies do not contain any personal information such as names, emails or credit card numbers.

How to manage your cookie preferences

Click on the button below to open the cookie preference too where you can select which types of cookies to be used while you are browsing our site. You can change your preferences anytime you choose.

Necessary cookies

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Name Provider Purpose Expiry Type
thinkconsent Stores the user's cookie consent state for the current domain 1 year HTTP
PHPSESSID Used for normal functioning of the site and enabling certain security features Session Session


Cookies related to statistics help us understand how visitors interact with the website by collecting and reporting information anonymously. We use Google Analytics to collect information how visitors use our website, which pages are most frequently visited and record if advertising is effective or not. Please visit Google Privacy Policy for details. If you want to opt out of Google Analytics for all sites, you can download an addon for your browser, if you wish to opt out only for our site use the cookie preference tool.

Name Provider Purpose Expiry Type

Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 2 years HTTP
Used by Google Analytics to throttle request rate Session Session
Registers a unique ID that is used to generate statistical data on how the visitor uses the website. Session Session

Data retention

All of our statistical data is kept for a period of 5 years. Other personal data that you have submitted to us is kept while it is relevant for fulfilling our services or a specific request or an issue with our system.

Your rights as a data subject

As a data subject whose personal information we hold, you have certain rights. If you wish to exercise any of these rights, please email or use the information supplied in the Privacy contact information section below. In order to process your request, we will ask you to provide additional forms of identification for verification purposes. Your rights are as follows:

The right to be informed

As a data controller, we are obliged to provide clear and transparent information about our data processing activities. This is provided by this privacy policy and any related communications we may send you.

The right of access

You can request a copy of the personal data we hold about you free of charge. Once we have verified your identity we will provide access to the personal data we hold about you as well as the following information:

  • The purposes of processing;
  • The categories of personal data concerned;
  • The recipients to whom your personal data has been disclosed;
  • The retention period or criteria for determining the retention period for that personal data;
  • When personal data was not collected directly from you, the source of the personal data;

Under some circumstances we can refuse to provide the information. In such cases you will be provided with a clear explanation why. If requests are manifestly unfounded, excessive or  repetitive in nature we may charge a fee for the administrative costs of complying with the request or deny the request.

The right to rectification

When you believe we hold inaccurate or incomplete personal information about you, you may exercise your right to rectification to correct or complete your data. This may be used with the right to restrict processing to make sure that incorrect/incomplete information is not processed until it is corrected.

The right to erasure (the ‘right to be forgotten’)

If there is no legal basis or legitimate reason for processing your personal data, you may request that we delete the data. We will take all reasonable steps to ensure that your data is erased and you will be notified upon completion.

The right to restrict processing

You may ask us to stop processing your personal data but still store it in our systems under certain circumstances:

  • The accuracy of the personal data is contested;
  • The data has been unlawfully processed;
  • We no longer need the personal data but you needs us to keep it in order to establish, exercise or defend a legal claim;
  • The right to object has been exercised and processing is restricted pending a decision on the status of the processing;

The right to data portability

You may request your personal data in a structured, commonly used and machine readable format. You can exercise this right only if the original processing was based on your consent, performance of a contract or the processing was done by automated means.

The right to object

You have the right to object to our processing of your personal data in the following cases:

  • Processing is for the purpose of direct marketing;
  • Processing is based on legitimate interest;
  • Processing is performed for the purposes of scientific or historic research;
  • Processing involves automated decision-making and profiling.

Automated decision making and profiling

We DO NOT perform any automated decision making or profiling on our site, or on the information you have submitted to us.

Data storage and transfers

We store and processes data within the scope of this policy in the European Union (EU). We have ensured that all vendors related in any way to our business have signed legally binding Data Processing Agreements and Confidentiality Agreements compliant with the requirements of the GDPR.

No personal data will be transferred to a country or territory outside the EEA unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.


All records containing personal or information of sensitive character are treated as confidential and are protected against unauthorized access, use, alteration or destruction. All electronic information is kept on infrastructure with appropriate security measures in place. More details about the specific measures taken for securing this website and the information it holds, can be found in the Security section and our GDPR Compliance notice.

All interactions with our website and services use the Transport Layer Security/Secure Sockets Layer (TLS/SSL) protocol.

Distribution of information

We never use or share any of those information in ways unrelated to the ones described above. We do not send spam and we do not sell your information to any company for marketing purposes. We may, however, share information with government agencies or other companies assisting us in fraud prevention or investigation. We may do so when: (1) permitted or required by law; (2) trying to protect against or prevent actual or potential fraud or unauthorized transactions; or (3) investigating fraud which has already taken place.

Privacy contact information

Should you have any questions, concerns, or comments please contact us directly at

Information about the Controller

ThinkWeb Bulgaria OOD
UIC: BG200583957
Address: Hayhushka Gora 37, 1680 Sofia, Bulgaria

Information about the Supervisory Authority

Commission for Personal Data Protection
Address: 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia, Bulgaria
Telephone: +359 2 915 3 518


Change history

Date Version Created by Description
24.05.2018 1.0 Goce Bonev First version of the document