Privacy Policy

Effective Date: 31 May 2026

1. Controller

KONDEVS Ltd.
Akad. Petar Dinekov 23, 1415 Sofia, Bulgaria
Email: [email protected]

2. Data We Collect

Contact Form Submissions

When you submit our contact form, we collect:

This data is processed solely to respond to your enquiry. We retain it only as long as necessary to handle your request and any related follow-up correspondence, after which it is deleted.

Website Analytics

Where enabled, we use Cloudflare Web Analytics — a privacy-first analytics service that does not use cookies and does not collect personal data. Only aggregate, anonymous traffic statistics are produced; no individual visitor is identified.

Server Logs

Our hosting provider (Cloudflare) collects standard server access logs, which may include IP addresses, browser type and pages visited. These logs are used for security and performance purposes and are retained according to Cloudflare's data retention policies.

3. Legal Basis for Processing

We process personal data on the following legal bases under the GDPR:

4. Data Sharing (Processors)

We do not sell, rent or trade your personal data. We share it only with the service providers (processors) needed to operate the site:

These processors act on our instructions under data processing agreements and process data in accordance with the GDPR.

5. International Transfers

Some of our processors (including Cloudflare and Resend) are based in the United States and may process personal data outside the European Economic Area (EEA). Where data is transferred outside the EEA, it is protected by appropriate safeguards — such as the European Commission's Standard Contractual Clauses and/or the processor's certification under the EU–US Data Privacy Framework. You can request more information about these safeguards using the contact details below.

6. Your Rights

Under the GDPR, you have the right to:

To exercise any of these rights, contact us at [email protected].

7. Cookies

This website uses one strictly-necessary, first-party cookie — csrf-token — set when you open the contact page. It protects form submissions against cross-site request forgery, contains no personal data, and expires within one hour. We do not use cookies for tracking, profiling or advertising. Cloudflare may set its own strictly-necessary cookies for security and bot protection (for example, when CAPTCHA verification is enabled on the contact form).

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including HTTPS encryption, secure email transmission, and access controls.

9. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated effective date.

10. Contact

For privacy-related enquiries, contact us at:
Email: [email protected]