GDPR

Privacy Policy

1. Introduction

“Ekon” 91 OOD (“we”, “us”, “our”, “the company”) is a registered personal data administrator with the Personal Data Protection Commission with its registered office and management address: Ruse, Western Industrial Zone, 11 Kapitan Raycho Nikolov Street.

This Personal Data Protection Policy has been prepared in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), the Personal Data Protection Act and other applicable legal acts for the protection of personal data.

We are committed to protecting the privacy of your personal data. This policy explains how we collect, use, store and share your personal data when you visit or shop on our website fortunapaints.bg.

2. Types of personal data we collect

2.1. Data you provide to us voluntarily:

  • Identification data : name, surname, personal identification number (only if necessary for issuing an invoice)
  • Contact details : email, phone number, shipping address, billing address
  • Payment details : bank card information (where applicable, but full card details are not stored by us)
  • Account data : username, password (stored in encrypted form)
  • Communication data : content of emails, messages, calls to our teams
  • Order data : purchase history, preferences, feedback

2.2. Data we collect automatically:

  • Device data : IP address, browser and device type, operating system
  • Usage data : time and duration of visits, pages viewed, navigation path
  • Location data : country and city of visit (without exact GPS coordinates)
  • Cookie data : identifiers and settings stored in cookies

3. Legal grounds for processing personal data

We process your personal data on the following legal grounds:

3.1. Contract execution

We process your personal data to fulfill our contractual obligations to you (product delivery, payment processing, customer service).

3.2. Legal obligations

We process your personal data to comply with our legal obligations (accounting, tax obligations, response to requests from government authorities).

3.3. Legitimate interest

We process your personal data on the basis of our legitimate interest such as:

  • Protecting the security of our website and data
  • Improving our products and services
  • Marketing similar products to existing customers
  • Fraud prevention

3.4. Consent

When necessary, we process your personal data based on your explicit consent, for example for:

  • Sending marketing messages and newsletters
  • Use of certain types of cookies
  • Storing your account data for future orders

Consent is voluntary and can be withdrawn at any time without affecting the lawfulness of the processing carried out before the withdrawal.

4. Purposes of processing

We process your personal data for the following purposes:

4.1. Customer service and order fulfillment

  • Creating and managing a customer account
  • Order processing
  • Product delivery
  • Payment processing
  • Responding to inquiries and resolving issues
  • Providing after-sales service

4.2. Improving the website and services

  • User behavior analysis
  • Optimizing the user experience
  • Website maintenance and functionality improvement
  • Troubleshooting technical issues

4.3. Marketing and communication

  • Sending electronic newsletters about current and future promotions (with your consent)
  • Marketing content personalization
  • Conducting marketing research and surveys (with your consent)

4.4. Protection and security

  • Fraud prevention, detection and investigation
  • Protecting our systems and data
  • Compliance with legal and regulatory requirements

5. Storage of personal data

5.1. Storage period

We only retain your personal data for as long as necessary for the purposes for which it was collected or to comply with legal requirements:

  • Order and invoice data : 10 years (according to accounting legislation)
  • Account and profile data : while you have an active account or up to 5 years after last activity
  • Marketing communication data : until you withdraw your consent or up to 5 years after the last interaction
  • Customer service data : up to 5 years after the issue is resolved
  • Technical data and cookies : from a few hours to 2 years, depending on the type of data

5.2. Data security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of sensitive data
  • Secure SSL protocol for data transmission
  • Data access control
  • Regular reviews and updates of security measures
  • Staff training on data protection

6. Sharing personal data

6.1. Internal use

Your personal data is used internally by authorized employees of “Ekon” 91 OOD to fulfill the above-mentioned purposes.

6.2. Personal data processors and third parties

We may share your personal data with:

  • Service providers : courier companies for order delivery, payment service providers, hosting companies
  • Technology partners : for website support, analytics, customer service
  • Government authorities : when required by law (tax authorities, law enforcement agencies)

All third parties processing data on our behalf are contractually obligated to maintain confidentiality and to process data in accordance with the GDPR and our instructions.

6.3. International data transfer

If we need to transfer your personal data outside the European Economic Area (EEA), we will provide adequate safeguards to protect your personal data in accordance with the requirements of the GDPR, such as:

  • Standard contractual clauses approved by the European Commission
  • Certifications for an adequate level of protection
  • Mandatory company rules

7. Your rights

Under the GDPR, you have the following rights with respect to your personal data:

7.1. Right to information

You have the right to receive transparent information about how we process your personal data.

7.2. Right of access

You have the right to receive confirmation whether we are processing your personal data and to receive a copy of it, as well as information about the purposes of the processing, the categories of personal data, the recipients, the storage period, etc.

7.3. Right to rectification

You have the right to request correction of inaccurate personal data or completion of incomplete data.

7.4. Right to erasure (“right to be forgotten”)

You have the right to request the deletion of your personal data in certain circumstances, for example when the data is no longer necessary for the purposes for which it was collected or when you withdraw your consent.

Please note that deleting your data would result in the termination of your registration on the website and would make it impossible to view its full content and make purchases.

7.5. Right to restriction of processing

You have the right to request restriction of the processing of your personal data under certain circumstances.

7.6. Right to data portability

You have the right to receive your personal data in a structured, commonly used and machine-readable format and to transfer it to another controller, where technically feasible.

7.7. Right to object

You have the right to object to the processing of your personal data where this is based on legitimate interest or for direct marketing purposes.

7.8. Right to withdraw your consent

Where processing is based on consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing prior to the withdrawal.

7.9. Right to appeal

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the provisions of the GDPR.

In Bulgaria, the competent supervisory authority is the Commission for Personal Data Protection (CPDP):

  • Address: Sofia 1592, 2 “Prof. Tsvetan Lazarov” Blvd.
  • Phone: 02/91-53-518
  • Email: kzld@cpdp.bg
  • Website: www.cpdp.bg

8. How to exercise your rights

To exercise any of the above rights, please contact us via:

  • Email: gdpr@fortunapaints.com
  • Postal address: Ruse, Western Industrial Zone, 11 Kapitan Raycho Nikolov Street
  • Phone: 082495914

When requesting to exercise rights, we may request additional information to confirm your identity and prevent unauthorized access to personal data.

We will respond to your request without undue delay and at the latest within one month of receipt. In the case of complex or numerous requests, this period may be extended by a further two months, and we will notify you of such extension.

9. “Cookies”

9.1. What are cookies?

Cookies are small text files that are stored on your device when you visit our website. They help the website remember information about your visit, such as your preferred language and settings.

9.2. Types of cookies we use

  • Necessary cookies : enable basic functions such as security, identification and user cart management
  • Functional cookies : allow you to remember settings such as language, location, font size
  • Analytical cookies : help us understand how visitors interact with the website by collecting anonymous information
  • Marketing cookies : used to display relevant advertisements and measure the effectiveness of marketing campaigns

9.3. Cookie management

When you first visit our website, you will see a banner with information about cookies and the opportunity to choose which types of cookies to accept. You can change your cookie settings at any time via the “Cookie Settings” link at the bottom of our website.

You can also control cookies through your browser settings. Please note that blocking all cookies may affect the functionality of the website.

10. Marketing communications

10.1. Newsletter subscription

When you provide your email address and agree to receive marketing communications, we may use your personal data to send you information about our products, promotions and special offers that we think may be of interest to you.

10.2. Unsubscribe

There is a clear unsubscribe option in every marketing message we send. You can withdraw your consent to receive marketing messages at any time by:

  • Click the “Unsubscribe” link at the bottom of each email.
  • Change your account settings
  • Contact us at gdpr@fortunapaints.com

11. Account Security

You are responsible for maintaining the confidentiality of your password and account information. We recommend that you:

  • Use strong passwords and don’t share them with anyone
  • Log out of your account after using shared computers
  • Notify us immediately if you suspect unauthorized access to your account.

fortunapaints.bg cannot be held liable for errors that occur due to the user’s negligence regarding the security and confidentiality of their account and password.

12. Changes to the privacy policy

We periodically update this policy to reflect changes in our data processing practices and/or applicable law. The current version of the policy will be posted on our website with the date of the last update.

In the event of material changes that significantly affect the processing of your personal data, we will notify you by a visible message on our website or by email before the changes take effect.

13. Contact us

If you have any questions, comments or concerns about this Privacy Policy or the processing of your personal data, please contact us:

“Ekon” 91 Ltd.

  • Address: Ruse, Western Industrial Zone, 11 Kapitan Raycho Nikolov Street
  • Phone: 082594914
  • Data protection email: gdpr@fortunapaints.com

Last update: 01.05.2025

Youtube Facebook
Icon-Visa
Icon-Visa-El
Ikon-Mastercard
Ikon-Maestrol
Icon-Bank
Ikon-Nalojen-Platej
Ikon-paypal
Copyright © 2025 EKON -91 Ltd. - All rights reserved

082 594 910

online@fortunapaints.com

Shopping Cart
Scroll to Top

BUY MORE - SAVE MORE

Get UP TO 15% OFF!

5% discount if you buy 2 random products

15% discount if you purchase 3 or more random products