Book an appointment
Book an appointment

Personal Data Policy

1. PERSONAL DATA ADMINISTRATOR

“SIRAKOVA BEAUTY” EOOD, UIC 206818134,
with registered office and address of management: town of Bansko, postal code 2770, 96 Pirin Street,
represented by Vasilka Atanasova Sirakova,

is a personal data administrator in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and the Personal Data Protection Act.

Contact
office@sirakovabeautystudios.com
+359 893 533 339
sirakovabeautystudios.com

When processing personal data, the company adheres to the principles of:
lawfulness, fairness, and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity, confidentiality, and accountability.

2. PURPOSES OF PERSONAL DATA PROCESSING

SIRAKOVA BEAUTY EOOD processes personal data for the following purposes:

  • booking and managing appointments for procedures;

  • provision of cosmetic and beauty services;

  • communication with customers (confirmations, reminders, changes to appointments);

  • issuing invoices and accounting services;

  • fulfillment of contractual obligations;

  • processing of inquiries, complaints, and reports;

  • marketing communications (only with explicit consent);

  • protection of the legitimate interests of the company;

  • video surveillance at the site for security purposes (if applicable).

3. TYPES OF PERSONAL DATA PROCESSED

Depending on the purpose, the company may process:

  • identification data (first and last name);

  • contact details (phone number, email);

  • billing information (if an invoice is required);

  • information related to health, allergies, or contraindications—only when necessary for the safe performance of a procedure;

  • IP address and technical data when using the website;

  • video surveillance recordings (if cameras are installed).

4. GROUNDS FOR PROCESSING

Personal data is processed on the basis of:

  • the explicit consent of the data subject;

  • the performance of a contract or actions upon request prior to entering into a contract;

  • a legal obligation (e.g., accounting legislation);

  • legitimate interest of the controller (e.g., property protection, video surveillance).

5. STORAGE PERIOD

Personal data is stored:

  • for the duration of the provision of services;

  • in accordance with the statutory periods for accounting documents (up to 10 years);

  • until consent is withdrawn, where processing is based on consent;

  • video recordings – for a limited period in accordance with the company’s internal rules.

After the expiry of the relevant period, the data is deleted or anonymized.

6. RIGHTS OF DATA SUBJECTS

Every person has the right:

– Right of access – to receive information about what personal data is being processed.

– Right to rectification – to request the correction of inaccurate or incomplete data.

– Right to erasure (“right to be forgotten”) – when there is no legal basis for their storage.

– Right to restriction of processing – in the cases provided for by law.

– Right to data portability – to receive your data in a structured format when the processing is automated and based on consent or a contract.

– Right to object – to the processing of data on the basis of legitimate interest.

– Right to withdraw consent – at any time, without affecting the lawfulness of the processing until the moment of withdrawal.

– Right to lodge a complaint – with the Personal Data Protection Commission:
Address: 1592 Sofia, 2 Prof. Tsvetan Lazarov Blvd.
Email: kzld@cpdp.bg
Website: www.cpdp.bg

7. PERSONS WHO HAVE ACCESS TO THE DATA

Only employees or external partners (accountants, IT support, etc.) have access to personal data when this is necessary for the performance of their duties and in compliance with confidentiality requirements.

8. PROVISION OF PERSONAL DATA TO THIRD PARTIES

Personal data may be provided:

  • to state authorities when legally required;

  • to accounting and banking institutions;

  • to IT service providers or reservation management software providers;

  • to courier or payment operators (if applicable).

All external processors are contractually obliged to guarantee data protection.

9. TECHNICAL AND ORGANIZATIONAL MEASURES

SIROKOVA BEAUTY Ltd. implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or unlawful disclosure.

10. CONTACT FOR QUESTIONS RELATED TO PERSONAL DATA

For all questions related to the processing of personal data, you can contact us at:

📧 office@sirakovabeautystudios.com
📍 Bansko, Pirin St. No. 96

Обадете ни се Имейл