top of page

PRIVACY POLICY

With this Privacy Policy ("Policy"), we will inform you how we process your personal data, what your rights are, and how the law protects you. In case of legislative changes at the national or European level, including the General Data Protection Regulation ("Regulation"), we may make changes to this Policy, and we will notify you promptly by publishing the changes in this section of our website. We may need to ask you to accept the changes or give your consent again for the use of your personal data.

 

If you have concerns or questions regarding this Policy or our data processing practices, you can contact us using the contact details provided below. If there are any terms in this Policy that you do not agree with, please discontinue your visit and use of the Site and Services.

 

Your Personal Information


The Policy explains how we collect and process your personal data when you visit and use the hourtherapy.bg website (the "Site") and any services presented on and/or provided on/through/in connection with it, including marketing, information campaigns, promotions and other events (collectively, the "Service(s)"). Personal Data means any information or set of information that identifies or could be used to identify you (together with other information). This includes information you share with us, what we learn from you, and the choices you make about the marketing messages you want us to send to you. 

 

Who processes your personal data?

 

The processing of personal data collected when using the Site and/or Services is carried out by its operator: 

 

hOUR SPACE Ltd., UIC 205551917

Registered at the address: Sofia, 38 Ivan Vazov Str., floor 2

Telephone: 0882 008 317

Email: hello@hourspace.bg

("we", "us", "our")

 

We operate the Site and provide the Services, and are therefore personal data administrators within the terms of this Policy and applicable law.

 

How do we collect your personal data?

We only collect personal data that you have voluntarily provided to us according to the purpose for which we process it: 

– Internet Protocol (IP) address required to establish a connection between your device and the Internet;

 data you give us when you submit a request to use our Services through the Site;

– data you share with us when you make a booking to use our Services through other tools and platforms we provide you access to in connection with providing the Services;

– data you share with us when you speak to us by phone;

– data you send us in emails or letters to us;

– data relating to your participation in our promotions or events;

– data you send to us in the form of feedback.

 

Categories of data we collect about you:

We may collect, use, store and transfer different types of personal data about you, which we have grouped as follows:

  • data about your identity - names;

  • contact details - postal and/or email address and/or telephone numbers;

  • marketing and communication data - names and email according to your settings to receive marketing and other messages from us.


We do not collect sensitive personal data about you. This includes details of your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data. We also do not collect information about criminal sentences or committed criminal offences.

For what purpose do we process your personal data?

Your personal data is legally protected.

We are only allowed to process your personal data for legitimate purposes. The purposes outlined in this Policy are:

  • To process bookings for the provision of the Services;

  • To respond to enquiries;

  • To send you special offers and information about Services that may appeal to you;

  • To send you newsletters if you have subscribed to them;

  • To enable you to access our social networks and media accounts;

  • To keep statistics on the Site's traffic and usability;

  • To ensure the smooth and error-free functioning of the Site;

  • To improve the user experience of using the Site and Services;

  • To provide assistance in using the Site/Services;

  • To perform our administrative duties.

 

On what basis do we process your personal data?

Depending on the purposes for which we process your personal data, we have various legal grounds for processing and process your personal data only to the extent that such a basis exists:

 

  1. The data we collect to provide the Services to you is processed on the basis of a contract concluded for your benefit with your employer.   

  2. If you send us enquiries via the contact form on the Site or contact us by telephone or email, the data you provide in the enquiry form and other contact details you share with us when reaching us will be stored for the purposes of processing your enquiry and follow-up questions. If your enquiry relates to the execution of a contract with us or to a pre-contractual relationship, the processing of such data is based on that contractual/pre-contractual relationship. In all other cases, processing is based on our legitimate interest in processing enquiries to us efficiently or on your consent if necessary.

  3. The data we collect through cookies is processed on the basis of our legitimate interest in ensuring the proper functioning of the Site. If we use cookies for purposes other than providing the functionality of the Site, we will ask you to explicitly consent to our use of the relevant cookies and the processing of the information we obtain through them. In this case, you will have the right to withhold your consent to access your personal data through cookies other than the so-called "necessary cookies" as described below in this Policy, without affecting the entering into and/or execution of a contract with us; however, withholding consent to the use of certain types of cookies may result in the loss and/or unavailability of certain functionality of the Site provided through the relevant cookies.

  4. The data we collect and share through third-party services and tools is processed based on either our legitimate interest in making the Site and Services more attractive to users or your explicit prior consent. The differing cases are described below in this Policy.

  5. The data we collect to send you newsletters and interesting offers is processed on the basis of your explicit prior consent. You can learn more about your options regarding data processing for these purposes in the relevant sections of this Policy below. In this regard, it is important to know that, if your personal data is processed on the basis of your consent, you can always withdraw such consent by notifying us by email or by following the link provided for this purpose in the relevant communication. Please note that the lawfulness of data processing carried out prior to the withdrawal of your consent remains unaffected by the withdrawal.

  6. In addition, we may process and store your personal data to protect our legitimate interests in fulfilling our administrative and/or contractual obligations arising from applicable laws and regulations (such as accounting, statistics, taxation, responding to requests from public authorities, etc.).

 

Who do we share your personal data with?

Occasionally, in order to enable access and full functionality of the Site and/or to provide the Services, we may share your personal information with outside service providers.


We require all service providers with whom we share your information to maintain the security of your personal information and to treat it in accordance with the law. We do not allow any of our service providers to use your personal data for their own purposes and only allow them to process your personal data for certain purposes and in accordance with our instructions.

 

External hosting


The website is hosted by Superhosting.BG Ltd, Iztok, 36 G. M. Dimitrov Blvd., 1797 Sofia, Bulgaria (Superhosting.BG) as an external service provider. Personal data collected through our website is stored on Superhosting.BG's servers. Such data may include IP addresses, meta and communication data, contact details, website access and other data generated through the Site.


Superhosting.BG is used for the purpose of executing the contract with our potential and existing customers and in the interest of safe, quick and efficient delivery of our Services by a professional provider. In order to ensure data protection compliant processing, we have entered into a data processing agreement with Superhosting.BG


Superhosting.BG will only process your data to the extent necessary to perform its service obligations to us and will follow our instructions regarding such data processing.

 

Social media plugins

 

Social media and networking plugins are implemented on the Site. Such plugins can be identified by the respective logo of the social media or network. 

 

By clicking on a button with the logo of the relevant social network, you agree to a direct connection with the server of the operator of that social network, whereby that operator receives information about your visit to our Site. If at the same time you are logged into your account on the relevant social network, its operator will be able to link your visit to our Site to your profile on that social network. 


Please note that we, as the operator of the Site, do not receive information about the data provided to social media and networks and their use. Information about this can be obtained from the privacy policy of the relevant social media or network.

Transfer of personal data to third party countries

 

Personal data you share with us may be transferred to our subcontractors based in third party countries (outside the EU). Such transfers are made on the basis of the data protection safeguards provided for in the Regulation and in particular:

  • Standard data protection clauses. Transfer of data shall be made in accordance with Article 46 of the Regulation to recipients who have entered into a contract approved by the European Commission for the transfer of personal data outside the European Economic Area;

  • Other means. In accordance with Articles 45 and 46 of the Regulation, personal data may also be transferred to recipients located in a country for which an adequate level of data protection has been decided by the European Commission, pursuant to an approved certification mechanism or code of conduct, together with binding enforceable commitments by the recipient to implement appropriate safeguards, including with respect to the rights of data subjects, or to processors who have committed to comply with binding corporate rules.

 

Processing of personal data of children

 

We do not intentionally collect data relating to children.

 

Not providing personal data

In cases where we need to process your personal data in connection with our legal or contractual obligation, and you are unable to provide that data upon request, we may not be able to fulfil our existing obligation (for example, to provide you with the Services). In this case, it may be possible that we will not provide the Services, but we will notify you accordingly.

 

Data protection

We have appropriate security measures in place to prevent accidental loss, use or access to your personal data by unauthorised means, alteration or disclosure. In addition, we restrict access to your personal data to those employees, external service providers and other third parties who have a legitimate right to access it. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

 

For security reasons and to protect the transfer of confidential content, such as orders or enquiries you send to us as the operator of the Site, this Site uses SSL encryption. You can recognize an encrypted connection by the fact that the browser address line changes from "http: //" to "https: //" and by the lock symbol. When SSL-encryption is enabled, the data you send to us cannot be viewed by third parties.

 

We have procedures in place to deal with any suspected personal data breach and will notify you and the relevant authorities of a breach where we are legally obliged to do so.

 

How long will we store your personal data?

 

Unless a specific storage period is specified in this Privacy Policy, we will only store your personal data for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting or reporting requirements.


To determine the appropriate storage period, we consider the volume, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes by other means, and applicable legal requirements.

Data collected through cookies or third party services and/or tools as described in this Policy will be stored for the period specified in the relevant section of the Policy. 


If you make a legitimate request for the deletion of your data, or withdraw your consent to the processing of your personal data, your data will be deleted unless we have other legitimate grounds for storing your data (e.g. storage periods for commercial or tax purposes, limitation periods); in the latter case, deletion takes place after the relevant ground for storage has lapsed.


Marketing

We may use your personal information to inform you about our Services and upcoming offers. We may only use your personal information to send you marketing materials if we have your consent or legitimate interest to do so. 

 

IF YOU HAVE GIVEN YOUR CONSENT TO RECEIVE SUCH MARKETING MATERIALS, YOU MAY OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH DIRECT MARKETING. UPON EXERCISE OF THIS RIGHT, WE WILL NO LONGER USE YOUR PERSONAL DATA FOR MARKETING PURPOSES.  

 

To object to the processing of your personal data for direct marketing purposes, you can follow the link provided for this purpose in the relevant marketing material or email us at connect[at]hourspace.bg. 

 

Cookies

 

"Cookies" are text files stored on your device to collect information about your user behaviour. When you visit the Platform, we automatically collect information from you using cookies or similar technology.

 

Based on our legitimate interests in ensuring and improving the functionality and user experience of visiting and using the Site, we may use cookies that are necessary for the operation of the Site. Other types of cookies can only be applied with your consent. In these cases, the first time you visit the Site, you will be prompted to select the cookies you wish to allow access to your device. If you change your mind later, you may change your cookie settings or withdraw your consent to the use of cookies other than those required.

 

Your rights

 

The Regulation guarantees you a set of rights that you can exercise in relation to your personal data processed by us. Specifically, you have:

  • Right of access: you have the right to access information about the categories of personal data processed, their source, recipients of your personal data, the purposes of the processing and other information related to the processing, where applicable. Such information will generally be provided free of charge, although we may charge a reasonable administrative fee upon request for additional copies;

  • Right to correction: you have the right to question any information we store about you that you believe is incorrect; or incomplete;

  • Right to be "forgotten": you can ask us to delete your personal data under certain conditions;

  • Right to object to processing: under certain conditions you have the right to object to the use of your personal data;

  • Right to restriction of processing: under certain conditions you can ask us to restrict the processing of your personal data;

  • Right to transferability: ​you have the right, under certain conditions, to ask us to transfer your personal data processed by us to another organisation or directly to you;

  • Right to file a complaint: you have the right to file a complaint with a supervisory authority, including in the country of your usual residence, place of work or place of the alleged infringement. The competent supervisory authority for our personal data processing activities is the Data Protection Commission, 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia, Bulgaria, Tel. +359 2 915 3555, Fax +359 2 915 3525, Email: kzld@cpdp.bg, Website:  http://www.cpdp.bg/ 

 

If you wish to exercise any of the rights listed, please contact us by email at hello@hourspace.bg. We will respond to such request within one month.

 

Privacy policies of other websites

 

This Site contains links to other websites, including social media and networking sites. This Policy applies only to our Site. If you choose to follow a link to another website, please note that our Policy does not apply to your visit to and use of other websites, even if they are accessed through a link from our Site. You should therefore read the privacy policy of the website you are accessing through a link from this Site.  

 

bottom of page