Privacy policy

We, MATCHPOINT 7 LTD. (“we” or the “Controller”), in certain cases collect and process personal data of natural persons, our customers, contracting parties, representatives or employees of such, or other contacts on the Bulgarian market (“you”). We are aware of the responsibility we have to care for and to protect your personal data, to comply with the applicable laws in the field of privacy and protection of personal data.

With this Privacy Policy (the “Policy”) we would like to introduce you to the manner in which we collect and use the personal data you have submitted to us. The policy describes what methods and for what purposes MATCHPOINT 7 LTD. and respectively our service providers process the information collected from and about you upon entering into contracts, or when using our services at our commercial locations and/or through the website (the “Website”).


Read this Policy carefully. It provides important information on how we process your personal data and explains your legal rights. This Policy is not intended to alter the terms and conditions of any contract concluded between us, or the rights you have, or our obligations in accordance with the applicable personal data protection laws.

By submitting your personal data or using the Website you trust us and voluntarily accept the terms and conditions of this Policy.


The personal data controller is MATCHPOINT 7 LTD., with the following data:

MATCHPOINT 7 LTD.., UIC 204910687, Website:

Registered office

Commercial location (the “Office”)

Contact person of the Controller for any matters relating to personal data:

city of Plovdiv 4000,

75 Vasil Aprilov Bvd.

Tel.: +359 892971520;


city of Plovdiv 4000,

57 Maritza Bvd.

Tel.: +359 892971520;

E-mail: ;

Bedros Mangachev, Manager

Address: city of Plovdiv 4000, 75 Vasil Aprilov Bvd.

Tel.: +359 892971520


MATCHPOINT 7 LTD., as personal data controller, is liable for the appropriate and lawful processing of the personal data you submit upon entering into contracts or when using services through the Website, or any of our services.


MATCHPOINT 7 LTD. may collect and process your personal data in the following cases:

If you visit our office directly and submit your data upon purchasing any item on site;

If you place an order through the Website and submit your data by filling in an order form;

If you submit your data upon entering into a contract with MATCHPOINT 7 LTD.;

If you are purchasing a product directly from us or through our Website;

If you respond to our direct marketing campaigns, for example by filling in a survey card or entering data online on the Website;

If any third parties (our business partners) perform authorized transfer of your personal data to us.

If you submit information on behalf of someone else, you must make sure that said person is aware of this Policy and that the requirements of the applicable law have been complied with prior to submitting the information.

If you are below 14 years of age, please do not provide us with your information, unless you have the permission of a parent or legal guardian to do so.

We ask for your cooperation to maintain your information up to date, by informing us of any changes to your personal data.


The following categories of personal data may be collected from and about you depending on whether you are our customer, contracting party and what services you are using:

With regard to physical identity – full name, address, telephone, e-mail address;


The processing of your personal data, in accordance with the current Bulgarian law and the principles of the framework directives of the European Union for protection of information, in particular the General Data Protection Regulation ЕС/2016/679 (the “Regulation”), must be justified based on one of several legal grounds, and we are required to specify the purposes and the grounds for any single use of your data.

Purpose: Exercising the rights and obligations of the Controller arising as a result of contracts concluded with you, including the use of our services;

Grounds for processing: Performance of a contract or compliance with a legal obligation (Art. 6, Para.1, letter (b) or letter (c) of the Regulation);

Purpose: Implementation of financial and accounting operation of the Controller upon and on the occasion of the concluded contracts, including: Receipt and ordering of payable amounts to bank accounts, receipt/issuance of invoices;

Grounds for processing: Performance of a contract or compliance with a legal obligation (Art. 6, Para.1, letter (b) or letter (c) of the Regulation);

Purpose: Implementation of correspondence with customers of the Controller and servicing of customers, including in order to respond to your questions and to fulfil your requests, for example to send you the requested documents or notifications by e-mail; to send you important information regarding the relationship between us or regarding any changes to our terms and conditions or policies;

Grounds for processing: Performance of a contract or compliance with a legal obligation (Art. 6, Para.1, letter (b) or letter (c) of the Regulation); or explicit consent of each person (Art. 6, Para. 1, letter (a) of the Regulation); or on the grounds of legitimate interests of the Controller (Art. 6, Para.1, letter (f) of the Regulation);

Purpose: Direct marketing

Grounds for processing: Explicit consent of each subject within the meaning of Art. 6, Para. 1, letter (a) of the Regulation;

Purpose: For our business purposes, for example data analysis, development of new products and services, improvement of our Website, improvement of our products and services.

Grounds for processing: The legitimate interests of the Controller. The legitimate interest of the Controller to provide first-class products and services corresponds to the interests of the customers and therefore this is in conformity with the requirements of the current personal data protection laws in Bulgaria, and constitutes sufficient grounds for their processing.


MATCHPOINT 7 LTD., in the capacity of personal data controller, is subject to the law of the Republic of Bulgaria. In some cases this may necessitate the submission and/or disclosure of your personal data, when required by law, upon request and/or if needed by third parties – state and other authorities, institutions and departments, insurance companies, insurance brokers, banks and institutions within the scope of their competence, and in compliance with the provisions of the Regulation, the Personal Data Protection Act and the other regulations of Bulgarian law.

Whenever possible, we will direct such request to you or we will notify you prior to responding, unless it is a matter of preventing or uncovering a crime.


The personal data we collect may be submitted for processing to third parties who act in their own name or on behalf of the Controller, in accordance with the requirements of the Regulation and while ensuring protection of the data subjects’ rights.

Your personal data may be processed by:

Companies providing services to the Controller, such as IT support, IT hosting, use and support of software products;

Contractual partners (for example couriers, advertising and PR agencies);

Third parties whose brands, products or services are distributed by the Controller;

Persons authorized for technical processing of your personal data: Representatives and employees of MATCHPOINT 7 LTD.. engaged in administration of orders on the website, sales, logistics, supply, quality control, accounting, etc.

Transfer of data to countries outside the European Economic Area

The Controller and/or the Processors of personal data may transfer part of your personal data to countries outside the European Economic Area, only if appropriate protections are ensured.


We protect the personal data in strict compliance with the current Bulgarian laws and the principles of the framework directives of the European Union for protection of information and personal data (including Regulation ЕС/2016/679).

Your information is stored on secured local or cloud servers of our subcontractors or business partners (or in certain cases the information is also stored on paper, in compliance with the requisite protections). The information is accessible and is used in conformity with our security policies (or those of our subcontractors or business partners), always in compliance with the current law and the requisite protection measures.

We maintain appropriate technical, physical and organizational measures for protection of the personal information against accidental or illegal destruction or accidental loss, unauthorized disclosure or access. Even though we cannot guarantee that the transmission of data through the Internet or the Website is without any risk of unauthorized disclosure or access, we and our business partners work hard in order to maintain adequate measures for protection with regard to your data in conformity with the applicable law. For example, we employ the following measures:

Strictly restricted and controlled access of our employees and subcontractors to your personal data, provided only in view of realizing the purposes for which they are processed and on a need to know basis;

The personal data is stored electronically in databases accessible with individual user name and password, and with various levels of access authorization; monitoring and virus protection are implemented; copies and backup copies are created for the purpose of restoration. By exception, data may also be stored on the personal computers of the persons with access rights, if the protection provided is equivalent to the aforementioned.

All documents on paper which may store your personal data are kept in a specially designated administrative room on the territory of the commercial location in Sofia, or at the office of our accounting service providers.

The staff of the Controller that processes personal data is aware of the requirements of the current laws, the policies of MATCHPOINT 7 LTD., the existing risks and action scenarios in case of their occurrence.

Contractual protection is also stipulated in the contracts concluded with the Processors of personal data on behalf of the Controller.


We store your personal data for as long as necessary in view of the purpose, for which we have received it. If your data is processed for two purposes, we will keep it until the purpose with the longer period of processing is realized; but we will stop processing it for the other purpose with the shorter period upon expiration of such shorter period.

We restrict the access to your data to those persons who need to process such data for the respective purpose.

Under specific circumstances we may store your personal data for longer periods of time, if we are bound by law, by an act of a competent authority or in order to have accurate records of your relationship with us in case of appeals, or if we justifiably believe that there is a possibility of legal disputes in view of which your personal data will be required.

The periods of storing are based on the business needs of the Controllers and in accordance with the applicable law. The personal data that is no longer needed will be anonymized (anonymized data may be preserved, but it no longer has any relation to you) or destroyed.


You have specific rights in relation to your personal data, for example you are entitled to:

Request from us to provide you with additional information on how your data is used;

Request from us to grant you access to your personal data and to provide you with a copy thereof;

Receive the personal data that affects you and that has been submitted to us by you, in a structured, commonly used and machine readable format, and – whenever technically possible – to transfer such data to another controller without any hindrances, if the processing of your data is based on your consent and is performed through automated means;

Request from us to update all inaccuracies in the data that we store and to correct it;

Request from us to delete or anonymize all data, which we no longer have any legal grounds to process;

File an objection to any processing (including profiling) based on legitimate interests, if you believe that your fundamental rights and freedoms prevail over our legitimate interests;

File an objection to any processing for the purpose of automated making of individual decisions, if this affects you in a material way;

Request from us to restrict the processing of your personal data, for example, for the duration of investigating an appeal.

Exercising such rights is subject to specific exceptions, for example when the public interest or out interests, or the rights and freedoms of others need to be protected. If you exercise any of the aforementioned rights, we will verify your rights to exercise them and respond without undue delay, but no later than one month. In more complicated cases or if we have received multiple requests, this period may be extended by two more months, about which we will inform you in due time.

If you have any questions regarding the processing of your data, contact us through the data and contact person of the Controller listed at the top of this Policy (Monday – Friday, from 09:00 am to 05:00 pm).

The main contact person in relation to all issues arising out of or on the occasion of processing of your personal data, including requests for exercising your rights, is the contact person of the Controller specified at the top of the Policy.

If you are not satisfied by the processing of your personal data or by our response upon exercising such rights, you are entitled to file a complaint with the supervisory body on personal data protection in your country, where the Controller is providing its services. The contact information of the supervisory bodies on data protection in the member states of the EU is accessible on the site of European Data Protection Board.

We ask you to first try to resolve the issue with us, even though you are entitled to contact the supervisory bodies on personal data protection at any time.


You can get acquainted with our Cookie Policy which is available at


We may implement changes to this Policy from time to time. Any changes to this Policy shall enter into effect when the updated Policy is published on the Website. You will be notified about the updated Policy upon visiting and using our Website.