Effective Date: [Insert Date]

Transport Academy BAIRO (“we,” “us,” “our”, or “BAIRO”) is committed to protecting the privacy and personal data of our users and visitors. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website [bairo.com] (the “Website”), in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR).

By using our website, you agree to the practices described in this Privacy Policy.

This website is owned and managed by [Transport Academy BAIRO OOD], in accordance with the provisions of the GDPR.

The present Privacy Policy is intended to inform users about what kind of personal data is processed by BAIRO (the “Controller”) in connection with the visit and use web site www.bairo.bg

This Privacy Policy refers only to the information collected through this Website.

1. Information We Collect

“Personal Data” means any information related to identification of an individual (such as name, age, date of birth, telephone, e-mail address, etc.). Personal data revealing race or ethnic origin, political opinions, religious or philosophical beliefs, membership of trade unions and genetic data processing, biometric data to uniquely identify an individual, health, or data on sexual life or sexual orientation of an individual are a special category of personal data. The Controller does not process such information about you.

We process personal data (i) because we are obliged to do so in accordance with the applicable laws; (ii) because the data is needed for the completion of contracts; (iii) because such information is especially important for us and we have acquitted legitimate interest; or (iv) when it is necessary to preserve the health and life of an individual.  In case that none of the above reasons to collect and use your personal data apply, the decision to provide us your personal data is voluntary, when using our Website.

If you do not provide us with your data, under certain circumstances we may not be able to fulfil our obligations.

The Controller is going to process the provided by you information in a way, that is compatible with the requirements of Regulation (EU) 2016/679.

Personal data of all persons using the Website (including IP address or other identifiers and information collected via cookies or other similar technologies) may be processed by the personal data Controller:

1. in order to provide electronic services in the scope of making content collected on the Website available to users – the legal basis for processing is the legitimate interest of the personal data Controller (Article 6(1)(b) of the GDPR);
2. for analytical and statistical purposes – the legal basis for processing is the legitimate interest of the personal data Controller (Article 6(1)(f) of the GDPR), consisting in conducting analyzes of users’ activity, as well as their preferences in order to improve the functionalities and services provided;

• in order to possibly establish and pursue claims or defend against claims – the legal basis for processing is the legitimate interest of the personal data Controller (Article 6(1)(f) of the GDPR), consisting in the protection of its rights.

The personal data Controller provides the possibility of contacting him using electronic contact forms, via e-mail address provided on the Website or trough designated information points – the legal basis for the processing of personal data is the legitimate interest of the personal data Controller – (Article 6(1)(f) of the GDPR).

We may collect and process the following types of personal data:

1. Personal Data You Provide:

• Name, email address, phone number, company name, or other contact details provided via forms or communications.

1. Automatically Collected Information:

• IP address, browser type, device information, access times, and pages visited, collected through cookies and similar technologies.

1. Cookies and Tracking Technologies:
   We use cookies to enhance your experience and analyze traffic. You can control cookie preferences through your browser settings.

2. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds, as defined in Article 6 of the GDPR:

• Your consent (for example, subscribing to a newsletter)
  
  
• Performance of a contract (providing services you requested)
  
  
• Legal obligation (compliance with applicable laws)
  
  
• Legitimate interests (improving our website, marketing our services)

3. Purpose of Processing

We use the collected data to:

• Operate and maintain our website
  
  
• Respond to inquiries and provide customer support
  
  
• Send marketing communications (only with your consent)
  
  
• Analyze usage trends and improve our services
  
  
• Ensure security and prevent fraud

4. Sharing Your Information

We do not sell or rent your personal data. We may share your data with:

• Trusted service providers who perform services on our behalf (e.g., hosting, analytics)
  
  
• Public authorities if required by law
  
  
• In case of business transfer, such as a merger or acquisition
  
  

5. DataTransfers Outside the EU

If we transfer your personal data outside the European Economic Area (EEA), we ensure such transfers are made in compliance with GDPR using approved safeguards, such as Standard Contractual Clauses or adequacy decisions.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

7. Your Rights under GDPR

As a data subject under GDPR, you have the following rights:

• Right to access your personal data
  
  
• Right to rectification of inaccurate or incomplete data
  
  
• Right to erasure (“right to be forgotten”)
  
  
• Right to restrict processing
  
  
• Right to object to processing
  
  
• Right to data portability
  
  
• Right to withdraw consent at any time (where processing is based on consent)
  
  
• Right to lodge a complaint with a supervisory authority
  
  

To exercise any of your rights, contact us at [your email address].

8. Security of Your Information

We implement appropriate technical and organizational measures to protect your personal data. However, no online platform is entirely secure, and we cannot guarantee absolute protection.

9. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for their privacy policies or practices. We encourage you to review their policies before providing personal data.

10. Children’s Privacy

Our website is not intended for children under 13, and we do not knowingly collect personal information from them.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this policy regularly.

12. Contact Us

If you have questions or concerns about this Privacy Policy or your data rights, you can contact us at:

[Your Company Name]Email: [your contact email]Phone: [your phone number]Address: [your business address]

13. Supervisory Authority

If you believe your rights under the GDPR have been violated, you have the right to file a complaint with the Bulgarian Commission for Personal Data Protection:

Commission for Personal Data Protection (CPDP)
Website: https://www.cpdp.bg
Address: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592
Phone: +359 2 91 53 518
Email: kzld@cpdp.bg