Privacy policy

The data controller for personal data processed via this website (including consultation requests and business enquiries) is Uniset EOOD, registered in Bulgaria, with offices at Vitosha Blvd 120, Sofia (contact: hello@uniset.net). Where we provide accounting or advisory services under contract, processing may also follow separate engagement letters.

Through the consultation form we typically collect your name, company name, email address, optional phone number, business stage and interests you select, optional message text, and technical data such as approximate IP address and browser user-agent when the request is submitted. For administration of our website we process credentials for authorised staff accounts where applicable.

We use this information to respond to your enquiry, assess fit for services, operate and secure our website and internal tools, comply with legal obligations (including accounting and tax rules where relevant), improve our content and service offering, and send operational emails relating to your request. Marketing emails would only be sent where we have a lawful basis and, where required, your consent.

Depending on the activity, we rely on: performance of pre-contractual steps or a contract with you (Art. 6(1)(b)); our legitimate interests in operating a professional practice and securing our systems (Art. 6(1)(f)), balanced against your rights; compliance with legal obligations (Art. 6(1)(c)); and, where appropriate, consent (Art. 6(1)(a)), which you may withdraw without affecting prior lawful processing.

Enquiry and lead records are kept for as long as needed to handle your request and any follow‑up commercial relationship, and thereafter according to statutory limitation periods and professional retention standards applicable in Bulgaria (often several years for accounting correspondence unless a shorter period applies). Technical logs may be retained for shorter security-focused periods.

We share personal data only with service providers who help us run the business (for example hosting, email delivery, IT security), acting under instructions where they process personal data on our behalf. We require appropriate contractual safeguards. Some providers may be located outside the EEA; where required we implement safeguards such as Standard Contractual Clauses or rely on adequacy decisions.

Under GDPR you may request access, rectification, erasure, restriction of processing, data portability (where applicable), and objection to processing based on legitimate interests. You may lodge a complaint with a supervisory authority — in Bulgaria this is the Commission for Personal Data Protection (CPDP). Contact us first at hello@uniset.net so we can resolve your concern.

We use privacy‑friendly analytics (Plausible Analytics, self-hosted) to understand aggregated traffic without behavioural advertising profiles. Plausible does not use cookies for core measurement in its usual configuration and minimises personal data; technical logs may still include truncated IP-related elements depending on setup. You can read more at plausible.io/privacy.

We apply appropriate technical and organisational measures (access control, encryption in transit where applicable, backups) appropriate to the risk. No transmission over the Internet is completely secure.

We may update this policy from time to time. The updated version will be posted on this page with a revised date.