Terms of service

I. SUBJECT

Art. 1. These Terms and Conditions ("Terms") govern the relationship between IT Security BG Ltd., registered in the Commercial Register at the Registry Agency of the Republic of Bulgaria under UIC 204257108, with its registered office and address: Sofia, 159 Aleksandar Stamboliyski Blvd., floor 5, hereinafter referred to as the “Provider”, and the clients, hereinafter referred to as the “Users”, of this website owned by the Provider.

Art. 2. These Terms regulate the conditions for using the website of IT Security BG Ltd.

Art. 3. The website presents the company’s products and services but does not offer direct online sales. Through the website, users may send product or service inquiries via contact forms or by email.

Art. 4. The website uses the Google Analytics tool to collect anonymous statistical traffic data. Through the contact form, personal data (e.g., email addresses) are collected solely for the purpose of responding to user inquiries, in compliance with the applicable data protection legislation and the company’s Privacy Policy.

II. PROVIDER INFORMATION

Art. 2. (1) Information under the Bulgarian Electronic Commerce Act and Consumer Protection Act:

  1. Name of Provider: IT Security BG Ltd.
  2. Registered office and address: Sofia, 159 Aleksandar Stamboliyski Blvd., floor 5.
  3. Business address: Sofia, 159 Aleksandar Stamboliyski Blvd., floor 5.
  4. Contact details: Sofia, 159 Aleksandar Stamboliyski Blvd., floor 5; tel. +359877223277; email: office@itsecurity-bg.com.
  5. Company registration: Commercial Register at the Registry Agency – UIC 204257108.
  6. VAT registration: BG204257108.
  7. Address for complaints: Sofia, 159 Aleksandar Stamboliyski Blvd., floor 5; tel. +359877223277; email: office@itsecurity-bg.com; website: www.LEDProducts.eu.

(2) Supervisory authorities:

  1. Commission for Personal Data Protection (CPDP)
    Address: 2 Prof. Tsvetan Lazarov St., Sofia 1592
    Tel: (02) 915 35 19 | Email: kzld@cpdp.bg | Website: www.cpdp.bg
  2. Consumer Protection Commission (CPC)
    Address: 4A Slaveykov Sq., Sofia 1000
    Tel: (02) 933 05 65 | Hotline: 0700 111 22 | Email: info@kzp.bg | Website: www.kzp.bg

III. FEATURES OF THIS PORTFOLIO WEBSITE

Art. 3. The website is an online portfolio platform accessible at https://www.LEDProducts.eu, allowing Users to:

  1. Learn about and view the products, services, and delivery conditions offered by the Provider;
  2. Obtain information on the nature and main characteristics of the products;
  3. Send electronic inquiries through the contact interface;
  4. Be informed about their legal rights;
  5. Exercise their right of withdrawal where applicable, under the Consumer Protection Act.

Art. 4. The Provider presents products and ensures Users’ rights in accordance with the law, good faith, established business practice, and commercial usage.

Art. 5.

  1. Users may enter into a sales agreement with the Provider as described in Article 8. Contracts are concluded in Bulgarian and stored in the Provider’s database.
  2. Users can review and correct input errors before submitting the statement to conclude a contract.
  3. Upon conclusion of a contract, the Provider undertakes to organize the delivery and transfer of ownership of the selected goods.
  4. Users pay the Provider the agreed remuneration according to the terms specified in the contract and these Terms.

IV. TERMS OF USE OF THE WEBSITE

Art. 6. Acceptance of the Terms: By accessing the website, the User agrees to these Terms and undertakes to comply with them. Website use is voluntary, and Users acknowledge that their data may be processed according to the Privacy Policy.

Art. 7. User Rights and Obligations: Users must use the website lawfully and responsibly, without infringing third-party rights or regulations. In particular, Users must not:
(a) engage in illegal activities;
(b) damage the site’s functionality (e.g., by viruses, malware, or DDOS attacks);
(c) post offensive, defamatory, or discriminatory content;
(d) send unsolicited advertisements (spam).
Users are responsible for the accuracy of the data they provide via contact forms.

Art. 8. Google Analytics: The site uses Google Analytics to improve its services. Anonymous data such as page visits and geographic location may be collected. Personal identifiers (e.g., name or phone number) are not collected. Details regarding cookies and analytics tools are described in the Privacy Policy. Users have the right to refuse cookies in accordance with the Bulgarian Electronic Commerce Act and EU Regulation (GDPR).

Art. 9. Modifications and Interruptions: The administrator reserves the right to modify website content or functionality at any time. Continuous and error-free operation is not guaranteed. The Provider is not liable for temporary unavailability or interruptions beyond its control (e.g., technical failures, Internet outages, force majeure).

Art. 10. Users must provide accurate and up-to-date information in all contact forms and promptly update it when changes occur.

Art. 11. If a User provides false or incomplete information, the Provider may block or deny access to the website at its discretion.

V. INTELLECTUAL PROPERTY AND COPYRIGHT

Art. 12. All texts, images, logos, videos, databases, and other website elements are the property of IT Security BG Ltd. or authorized third parties. They are protected under the Copyright and Related Rights Act. Reproduction, distribution, or modification without explicit written consent is prohibited.

Art. 13. All company names, trademarks, and logos displayed on the website are the property of IT Security BG Ltd. or their respective owners. Unauthorized use is prohibited and will be legally pursued.

VI. DISCLAIMER

Art. 14. The website content is provided “as is” for informational purposes only. The Provider does not guarantee its completeness, accuracy, or timeliness. Users access and use the site at their own risk.

Art. 15. The website may contain links to third-party sites. These are provided solely for convenience. The Provider is not responsible for their content, privacy policies, or practices.

Art. 16. The Provider is not liable for service unavailability or damages resulting from circumstances beyond its control (e.g., force majeure, power outages, cyberattacks).

VII. PERSONAL DATA PROCESSING

Art. 17. Personal data submitted through contact or subscription forms (e.g., name, email) are processed solely for the purposes for which they were collected — responding to inquiries or sending newsletters. Processing is carried out in accordance with Regulation (EU) 2016/679 (GDPR) and Bulgarian data protection laws. The detailed rules for collection and processing are set out in the Privacy Policy, which forms an integral part of these Terms. By using the site, Users declare that they have read and accepted the Privacy Policy.

VIII. INQUIRIES AND OFFERS BY EMAIL

Art. 18. Users may submit product or service inquiries through the contact form or the provided email address. Sending an inquiry does not create any contractual obligation.

Art. 19. All inquiries are reviewed by IT Security BG Ltd., which may provide further information or a non-binding offer.

Art. 20. The Provider reserves the right to refuse processing or entering into a contract without justification.

IX. TECHNICAL STEPS FOR CONCLUDING A SALES CONTRACT

Art. 21.
(1) The User and the Provider conclude a sales contract for the goods in the Online Store according to the following procedure:

  1. The User selects one or more of the goods offered by the Provider for which a sales contract will be concluded.
  2. The User fills out an order form and provides the necessary information to identify the User as a party to the sales contract.
  3. The User selects the delivery method and provides the required information for completing the delivery.
  4. The Provider confirms the order placed by the User (accepts the User’s offer) by sending an electronic statement to the email address provided by the User or by calling the phone number provided by the User. The Provider provides the User with confirmation of the concluded contract within a reasonable time by courier or at the latest upon delivery of the goods.

X. PERFORMANCE OF THE CONTRACT

Art. 22.
(1) The Provider organizes the delivery and transfer of the goods to the User through an appropriate courier within the period agreed upon when concluding the contract.
(2) If the period in paragraph 1 was not explicitly agreed upon between the parties at the time of contract conclusion, the Provider shall organize delivery and transfer within a reasonable period. If the Provider fails to organize delivery within the specified period, they are obliged to notify the User in advance.

Art. 23.
(1) The User must inspect the goods upon delivery and transfer and immediately notify the Provider if the goods do not meet the requirements.
(2) If the User does not notify the Provider as described in the previous paragraph, the goods are considered approved as conforming to the requirements, except for hidden defects.

XI. PERSONAL DATA PROTECTION

Art. 24. Personal data are processed in accordance with IT Security BG Ltd.’s Privacy Policy, the General Data Protection Regulation (GDPR), and applicable Bulgarian legislation. The Privacy Policy is available at https://LEDProducts.eu and forms an integral part of these Terms.

XII. GOVERNING LAW

Art. 25. All matters not explicitly covered in these Terms are governed by the laws of the Republic of Bulgaria, including the Electronic Commerce Act, Consumer Protection Act, and GDPR (EU Regulation 2016/679). All disputes shall be resolved by the competent Bulgarian courts.

XIII. AMENDMENTS

Art. 26.

  1. These Terms form an integral part of the agreement between the parties.
  2. By using the site, the User acknowledges and accepts these Terms.
  3. The Provider reserves the right to amend the Terms at any time. Amendments take effect upon publication unless otherwise stated. Continued use of the website after publication constitutes acceptance of the revised Terms.

References:

[1] [6] Ciela Norma – Electronic Commerce Act – Online Laws
https://www.ciela.net/svobodna-zona-normativi/view/2135530547/zakon-za-elektronnata-targoviya

[2] Regulation 2016/679 – EN – GDPR – EUR-Lex
https://eur-lex.europa.eu/legal-content/BG/TXT/?uri=CELEX:32016R0679

[3] [4] [5] [7] [8] Terms of Use of the Website vas.bg and Rules for Using Services via Remote Access from the Website vas.bg
https://www.vas.bg/bg/a/terms

Privacy Policy

Data Controller

  • Controller: IT SECURITY BG Ltd. (UIC: 204257108), registered in the Republic of Bulgaria, with its registered office and management address: Sofia, Vazrazhdane District, 159 Aleksandar Stamboliyski Blvd., floor 5.
  • Contact: office@itsecurity-bg.com (email for questions regarding personal data).

Types of Personal Data Collected

  • Data provided by the user: e.g., first name, last name, phone number, and email address entered via the contact or subscription forms.
  • Technical and analytical data: information about website visits collected via Google Analytics — e.g., anonymized IP address, browser type and version, language settings, visited pages, visit duration, and similar. This information is collected using cookies.

Purposes of Processing

  • Responding to inquiries and requests submitted through the website’s contact form.
  • Sending a newsletter to users who have explicitly consented to subscription. These messages are sent only upon user request and are not automated marketing emails.
  • Analyzing traffic and user behavior on the website to improve the offered services, using Google Analytics.
  • Administrative purposes related to website management and maintenance.

Legal Basis for Processing

  • Consent (Art. 6(1)(a) GDPR): for sending newsletters — after the user provides explicit, informed consent (freely given, specific, informed, and unambiguous[1]).
  • Legitimate interest (Art. 6(1)(f) GDPR): for processing inquiries and analyzing traffic. Processing is necessary to respond to user requests and improve the website, while protecting the users’ interests and rights.

GDPR requires that all personal data processing be lawful and transparent[2]. We process data in strict compliance with the principles of minimization and purpose limitation (we will not collect or store more data than necessary for the stated purposes[3]).

Data Retention Period

Personal data is stored no longer than necessary for the processing purposes[3]. In this case, data (name and email) is kept for 5 years from the last contact with the user (e.g., last inquiry or subscription confirmation). After this period, the data is deleted or anonymized, unless the law requires longer retention.

Rights of Data Subjects

Under GDPR, every data subject has the following rights:

  • Right of access: to know whether and what personal data is processed and to receive a copy[4].
  • Right to rectification: to request correction of inaccurate or incomplete data[5].
  • Right to erasure (“right to be forgotten”): to request deletion of data if it is no longer needed for the stated purposes or consent is withdrawn[5].
  • Right to restriction: to temporarily halt processing of their data (e.g., while accuracy is verified).
  • Right to data portability: to receive personal data provided in a structured, commonly used, and machine-readable format or transfer it to another controller.
  • Right to object: to object to data processing on grounds of public or legitimate interest (e.g., for direct marketing).
  • Right to withdraw consent: at any time, without affecting the lawfulness of processing before withdrawal.
  • Right to lodge a complaint: to the Commission for Personal Data Protection (CPDP) in Bulgaria if rights are violated.

These rights may be exercised by contacting the Data Controller (email above) or filing a complaint with the CPDP.

Sharing Data with Third Parties

We do not share personal data with third parties except as explicitly stated in this policy. We do not use external CRM systems, marketing platforms, or services like Mailchimp. The only data transfer is with Google Analytics, which acts as a data processor on our instructions[6]. Otherwise, your data is processed internally only by the administrators.

Use of Google Analytics

Our website uses Google Analytics — a web analytics service by Google LLC — to collect anonymized traffic statistics (via cookies). You consent to the use of cookies for traffic analysis. Your IP address is anonymized, and we review only aggregated reports so no individuals are identified. Under GDPR, we are the data controller, and Google acts solely as a processor on our behalf[6].

Data Protection

IT Security BG Ltd. implements some or all of the following technical and organizational measures to protect personal data: SSL encryption, server protection, limited staff access, regular IT security audits, etc. Processing is carried out with an “appropriate level of security,” including prevention of unauthorized access, as required by GDPR[7]. This ensures the confidentiality and integrity of your data.

Contact

  • Data Protection Officer: office@itsecurity-bg.com
  • Complaints and inquiries: Commission for Personal Data Protection (CPDP), 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592; website: www.cpdp.bg.

Policy Updates

This policy may be updated due to changes in operations or legislation. Last updated: 2025.

Sources: GDPR (Regulation (EU) 2016/679) and CPDP recommendations for transparency and personal data protection[2][3][7][6][4][1].

References

[1][6] GDPR and Google Analytics
https://epis.bg/internet/gdpr-i-google-analytics/

[2][3][7] Recital 39, EU General Data Protection Regulation (GDPR)
https://www.privacy-regulation.eu/bg/r39.htm

[4][5] Rights and obligations of personal data subjects – Ministry of Economy and Industry
https://www.mi.government.bg/business-handbook-for-sme/prava-i-zadalzheniya-na-subektite-na-lichni-danni/

Let’s talk about your project.
COMPANY
Terms of ServicePrivacy PolicyHome
CONTACTS
+359 877 223277
office@itsecurity-bg.com
© 2025 Copyright IT Security BG Ltd.