Privacy Policy

Information about the data controller:

Pure Pro EOOD, UIC 201622594, with registered office and registered address in. Ltd. 1515 Proy Pro, registered office No. 3 Sarantsi, represented by the manager Kamelia Yordanova Toneva

This Privacy Policy governs the relationship between the Company and the users of the Site in relation to the described activities of processing personal data.

Contact details

email: contacts@purewater.bg; phone: 028741046

In this Privacy Policy you will find detailed information about the activities we carry out when processing your personal data.


Website means http://www.acqualy.bg and all its subpages and subdomains.

Personal data means any information relating to an identified natural person or an identifiable natural person ("data subject"); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by an identifier such as a name, an identification number, location data, an online identifier or by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that

Processing means any operation or set of operations which is performed upon personal data or a set of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

controller means a natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its determination may be laid down in Union or Member State law;

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

Security of personal data

To ensure adequate data protection, we have adopted Organisational and technical security measures. We have established rules to prevent misuse and security breaches and have adopted measures to maintain the security of personal data. In order to maximize the security of the processing, transmission and storage of your data, we may use additional protection mechanisms such as encryption, pseudonymization, etc.


You have all data protection rights under the Data protection act and GDPR.

You could use your right by contacting us through our website or just by writing us an email.


You have the right to:

  • Be informed regarding the processing of your personal data
  • Access your personal data
  • Demand correction your personal data
  • Deman deletion of your personal data
  • Demand limitation of the processing of personal data
  • Portability of personal data between the controllers
  • Object against the processing of personal data
  • Be excluded from fully automated decisions
  • Protect your right in court or through administrative procedure in case of violation of data protection rights


Data subject could demand deletion in the following cases:

  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • the data subject withdraws consent on which the processing is based and there is no other legal ground for the processing;
  • the data subject objects to the processing and there are no overriding legitimate grounds for the processing;
  • the personal data have been unlawfully processed;
  • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
  • the personal data have been collected in relation to the offer of information society to a person under 16 years.


Data subject has the right to restriction of personal data, when:

  • the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
  • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
  • the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
  • the data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.


Portability right.

The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:

  • the processing is based on consent or on a contract pursuant to point (b) of Article 6(1); and
  • the processing is carried out by automated means


Right to make a claim

Data subject has the right to make a claim against the unlawful processing of personal data to the Data protection commission or the according court. 


Personal data records

We maintain a record of our processing activities. This record contains the following information:

  • Name and coordinates of the controller
  • Purposes of the processing
  • Description of the categories of data subjects and processed data;
  • the categories of recipients to whom the personal data have been or will be disclosed including recipients in third countries or international organisations;
  • where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1), the documentation of suitable safeguards;
  • where possible, the envisaged time limits for erasure of the different categories of data;
  • where possible, a general description of the technical and organisational security measures referred to in Article 32(1).


Authority contacts

  • Website: https://www.cpdp.bg/
  • phone number: 02/91-53-518
  • email: kzld@cpdp.bg
  • address: Sofia 1592, 2 „Prof. Tsvetan Lazarov blvd”