loading...
loading...

Privacy Policy

 

Effective date: 1 June 2026 Version: 2.0

This Privacy Policy explains how we collect, use, share, and protect personal data when you visit our website, contact us, or use the Trackian platform and related services (the “Service“). It also explains your rights under applicable data-protection law, including the EU General Data Protection Regulation (“GDPR“) and the Bulgarian Personal Data Protection Act.

Please read this Policy together with our Terms & Conditions, which govern your use of the Service.


1. Who we are

TRACKIAN Ltd. (in Bulgarian: Тракиан ООД) is the controller responsible for the personal data described in this Policy, except where we act as a processor (see Section 5).

Registered name TRACKIAN Ltd. / Тракиан ООД
UIC (ЕИК) 207030368
VAT number BG207030368
Registered office Office 6, 19 Krayrechna Street, 6500 Svilengrad, Bulgaria
Phone +359 890 450 550
Email info@trackian.com

If you have any questions about this Policy or how we handle your personal data, please contact us at info@trackian.com.


2. Scope of this Policy

2.1. This Policy applies to personal data we process as a controller — that is, where we decide how and why the data is used. This covers, for example:

  • visitors to our website;
  • individuals who contact us or request information;
  • account holders, users, and billing contacts of the Service;
  • prospective business customers we reach out to.

2.2. This Policy does not cover personal data that may be contained in the marketing and analytics data we process on behalf of our customers through the Service (for example, data ingested from Google Ads, Meta Ads, Google Analytics 4, or Google Tag Manager). For that data we act as a processor, not a controller — see Section 5.


3. The personal data we collect

Depending on how you interact with us, we may collect the following categories of personal data.

3.1. Account and identity data. Name, business email address, job title, company name, and login credentials when you register for or use the Service.

3.2. Billing data. Billing name, business address, VAT number, and transaction records. Card payments are processed by our payment provider, Stripe — we do not store your full card details.

3.3. Usage and technical data. Information about how you use the Service and our website, such as IP address, device and browser type, log data, pages viewed, and actions taken within the Service.

3.4. Communications and support data. The content of messages, support requests, and other correspondence you send us, including via email, phone, or scheduling tools.

3.5. Prospect and marketing data. Business contact details (such as name, company, role, and business email) that we collect when we identify potential business customers or partners, including from publicly available and professional sources.

3.6. Cookies and similar technologies. Data collected through cookies and similar technologies on our website — see Section 6.

We do not intentionally collect special categories of personal data (such as health or biometric data), and we ask that you do not provide such data to us.


4. How we use personal data and our legal bases

We use personal data for the purposes below, relying on the corresponding legal bases under the GDPR.

4.1. To provide and manage the Service — creating and administering your account, delivering the platform’s features, and providing support. Legal basis: performance of a contract with you (or your organisation).

4.2. To process payments and manage billing — invoicing, collecting Fees, and maintaining financial records. Legal basis: performance of a contract; and compliance with our legal (accounting and tax) obligations.

4.3. To operate, secure, and improve the Service and our website — monitoring performance, preventing fraud and abuse, ensuring security, and developing new features. Legal basis: our legitimate interests in running and improving a secure, reliable service.

4.4. To communicate with you — responding to enquiries, sending service-related notices, and providing important information about the Service. Legal basis: performance of a contract; and our legitimate interests in communicating with our users.

4.5. For business-to-business marketing and prospecting — contacting potential business customers and partners with relevant information about Trackian. Legal basis: our legitimate interests in promoting our business to relevant organisations, balanced against your rights (see Section 12); or your consent where required.

4.6. To comply with law — meeting our legal, regulatory, accounting, and tax obligations, and responding to lawful requests. Legal basis: compliance with a legal obligation.

Where we rely on legitimate interests, we have assessed that our interests are not overridden by your rights and freedoms. You may ask us for more information about this assessment, and you have the right to object (see Section 11).


5. Our role as a data processor

5.1. When you use the Service, Trackian accesses and processes marketing and analytics data from the platforms you connect (such as Google Ads, Meta Ads, GA4, and GTM). Where that data includes personal data, Trackian acts as a data processor and processes it on the documented instructions of our customer, who is the controller.

5.2. This processing is governed by our Terms & Conditions and, where applicable, our Data Processing Agreement, rather than by this Policy. If you are an individual whose personal data appears in that data (for example, because you interacted with one of our customers’ ads or websites) and you wish to exercise your rights, please contact the relevant Trackian customer, who is the controller of that data. We will support our customer in responding to such requests as required by law.


6. Cookies and similar technologies

6.1. Our website uses cookies and similar technologies to function and to help us understand how the site is used.

6.2. We use:

  • Essential cookies, which are necessary for the website and Service to work and do not require consent; and
  • Analytics and functional cookies, which help us measure and improve website usage and are used only with your consent where required.

6.3. You can manage your preferences through the cookie settings on our website and through your browser settings. Blocking some cookies may affect how the website functions. Full detail about the specific cookies we use, their purposes, and their duration is set out in our separate Cookie Policy, available on our website.


7. How we share personal data

We do not sell personal data. We share it only in the following circumstances:

7.1. Service providers (sub-processors). We use trusted third parties to help us operate the Service and our business, who process personal data on our behalf under appropriate contractual safeguards. These include:

  • Google Cloud — hosting and infrastructure (EU region);
  • Stripe — payment processing;
  • Google Workspace — email and productivity;
  • scheduling and communication tools used to arrange and conduct meetings.

We may use additional service providers from time to time and maintain a current list, which is available on request.

7.2. Professional advisers and authorities. We may share personal data with advisers (such as lawyers and accountants) and with courts, regulators, or authorities where required by law or to protect our legal rights.

7.3. Business transfers. If we are involved in a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction, subject to appropriate safeguards.


8. International transfers

Your personal data is primarily hosted and processed within the European Union (using Google Cloud, EU region). Where any transfer of personal data outside the EU/EEA is necessary — for example, involving a service provider located in another country — we ensure appropriate safeguards are in place, such as an adequacy decision or the European Commission’s Standard Contractual Clauses.


9. Data security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or alteration. These include access controls, encryption in transit, use of reputable EU-based cloud infrastructure, and internal policies limiting access to personal data. No system can be guaranteed to be completely secure, but we work to protect your data and to respond promptly to any incident.


10. How long we keep personal data

We retain personal data only for as long as necessary for the purposes described in this Policy, or as required by law. In general:

  • Account data is kept for the duration of your account and for a reasonable period after it is closed (up to 12 months), unless longer retention is required.
  • Billing and tax records are kept for the period required by Bulgarian accounting and tax law (generally up to 10 years).
  • Prospect and marketing data is kept until you object or ask us to stop, or until we determine it is no longer relevant, and is reviewed periodically.
  • Support and communication records are kept for a reasonable period to manage our relationship and resolve any issues.

When personal data is no longer needed, we securely delete or anonymise it.


11. Your rights

Subject to the conditions and exceptions in applicable law, you have the right to:

  • access the personal data we hold about you;
  • request correction of inaccurate or incomplete data;
  • request erasure of your data (“right to be forgotten”);
  • restrict or object to our processing, including processing based on legitimate interests and processing for direct marketing;
  • request portability of data you provided to us, in a structured, machine-readable format; and
  • withdraw consent at any time, where we rely on consent (this does not affect processing carried out before withdrawal).

To exercise any of these rights, contact us at info@trackian.com. We will respond within the timeframes required by law. You will not usually have to pay a fee, and we may need to verify your identity before acting on your request.

Right to complain. If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Bulgarian supervisory authority:

Commission for Personal Data Protection (CPDP / КЗЛД) 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592, Bulgaria Website: www.cpdp.bg

We would, however, appreciate the chance to address your concerns first, so please consider contacting us directly.


12. Marketing communications

12.1. We may send business-to-business marketing communications about Trackian to organisations and professionals who we believe may be interested, relying on legitimate interests or consent as applicable.

12.2. You can opt out of marketing at any time — by using the unsubscribe link in our emails, or by contacting us at info@trackian.com. We will honour opt-out requests promptly. Opting out of marketing does not stop essential service-related communications.


13. Children

The Service is a business-to-business product and is not directed at children. We do not knowingly collect personal data from anyone under the age of 18. If you believe a child has provided us with personal data, please contact us and we will delete it.


14. Changes to this Policy

We may update this Policy from time to time. If we make a material change, we will update the “Effective date” above and, where appropriate, notify you by email or through the Service. We encourage you to review this Policy periodically.


15. Contact us

For any questions, requests, or concerns about this Policy or your personal data, please contact us:

TRACKIAN Ltd. (Тракиан ООД) Office 6, 19 Krayrechna Street, 6500 Svilengrad, Bulgaria Email: info@trackian.com Phone: +359 890 450 550


This Privacy Policy was last updated on 1 June 2026 (Version 2.0).

Close Popup