Privacy Policy


The current privacy policy is an integral part of the General Terms of DXA Soft and covers matters related to personal data, including what information we collect as the Administrator of personal data, how we use it, and what rights users have in this regard.

DXA Soft acts as the data controller in accordance with Regulation (EU) 2016/679 (referred to below as the Regulation).
Administrator's identification:
DXA Soft
Headquarters and management address:
Plovdiv, Stamat Ikonomov 13 B
Company ID:
VAT number:
Responsible person:
Hristo Dimitrov, Dejan Pandurski, Aleksandar Chernozemski

DXS Soft treats as personal data any information that identifies a specific individual or relates to an individual through which that person can be identified. Processing of personal data constitutes an action or a set of actions that can be carried out concerning personal data using automatic or other means.

I. How do we collect information about you?

  1. We collect personal data with explicit consent from the concerned individual. When you register on our website or use any of the forms, you voluntarily provide us with specific information, which we process and store. This information may include: name, middle name, surname, email address, phone number, comments, and any other information you provide us. You may choose to share location data or photos with us. We may prefer to limit the volume of data we store and process, depending on the processing purposes. In contractual relationships, for the fulfillment of the contract, we necessarily obtain the following personal data: name, middle name, surname, personal identification number, address, email, phone number.
  2. In case you decide to purchase a product or order a specific service through the website, we collect information about the address, phone number, and details of the product or service you have ordered.
  3. When connecting your profile with your Facebook or Google profile or with other third-party services, we receive information from those profiles (for example, friends or contacts). The information we receive from these services depends on the settings and privacy statements, so each individual should verify what they are.
  4. Additionally, we collect technical information when you use our website. Each time you use the site or any other internet service, the system automatically generates and records specific information. Here are some of the categories of information we collect:
    1. Data in log files: When you use the site, our servers record information ('log data'), including information that your browser automatically sends when you visit a website or use your mobile application. This log data includes the internet protocol address, the address and activity of the websites you visit, searches, browser type and settings, date and time of your request, how you used the site, cookie data, and device data. If you wish to receive more details about the information we collect, please contact us using the contact form.
    2. Cookie data: We also use "cookies" (small text files sent from your computer each time you visit our website) or similar data capture technologies. When using "cookies" or similar technologies, we employ session cookies (which continue until you close your browser) or persistent cookies (which continue until you or your browser delete them). For instance, we use cookies to store your language preferences or other settings, so you don't have to adjust them each time you visit the site. Some of the cookies we use are linked to your profile (including information about you, such as the email address you provided), while others are not. For more detailed information about how we use cookies, please review our "cookie" policies.
    3. Device information: In addition to data in the log, we collect information about the device you use to access our website, including device type, operating system, settings, unique device identifiers, and crash data that help us understand when something breaks. Whether we collect part or all of the information often depends on the type of device you use and its settings. For example, there are different types of information depending on whether you use a Mac, a computer, an iPhone, or an Android phone. To learn more about what information your device makes available to us, please check the manufacturer's device policies or software provider.

II. What we do with the information we collect. Purposes and processing time:


DXA Soft processes and stores the above-mentioned personal data solely for the purpose of fulfilling its contractual obligations, specifically for processing user requests, conducting deliveries, as well as for the following purposes:

  1. Based on Article 6, point 1, letter b of the Regulation – for the establishment of pre-contractual relations;
  2. Based on Article 6, point 1, letter b of the Regulation – for the fulfillment of already arising contractual obligations.
  3. Based on Article 6, paragraph 1, letter a and Article 7 of the Regulation – for non-personalized advertising;
  4. Based on Article 6, paragraph 1, letter a and Article 7 of the Regulation – for personalized advertising;
  5. Based on Article 6, paragraph 1, letter e – for marketing purposes.
  6. Based on Article 6, paragraph 1, letter e of the Regulation – for retargeting related to marketing, remarketing, or optimization purposes.


Data is stored and processed as long as the user account is active and for 1 year after its deactivation or deletion, and as long as it is necessary for providing our services. In the event of a corresponding request, the information is promptly destroyed.

III. Rights you may exercise regarding your personal data:

All rights are exercised, and respective requests and notifications concerning data subjects' rights are submitted through the CONTACT FORM FOR QUERIES RELATED TO PERSONAL DATA via email or by mail to the management address indicated above. Requests are made in a manner that allows the identity of the applicant to be identified. With respect to some rights, technical options for their exercise may be applicable, such as an Unsubscribe button. In all cases, the administrator must respond to the request or address the declared right to the provided contact address or email in a period of one month from receiving it.

According to the General Data Protection Regulation, the data subject has the right to:

The individuals have the right to file a COMPLAINT against the controller and/or processor of personal data for violations of their rights under Regulation (EU) 2016/679 and/or the Personal Data Protection Act, or to lodge a REPORT of a breach of legislation when your rights are not affected.
The complaint or report must contain:

You can file a complaint or report to the Commission for Personal Data Protection in one of the following ways: