call +359 887 300 963
menu
  • Home
  • /
  • Privacy Policy

Privacy Policy

Privacy Policy of the website sofia-rent-a-car.com

 

COPYING, IMITATION, MODIFICATION, BORROWING, RESEMBLING, REPRODUCTION, DOWNLOADING, SELLING, DISTRIBUTION AND PUBLICATION OF THIS PRIVACY POLICY IS ABSOLUTELY PROHIBITED!

Last updated on 01.01.2022

1. Introduction

Welcome to https://sofia-rent-a-car.com/bg (the “Website” or “Internet page”), which has been created for the benefit and upon the order of “PRO CARS” EOOD, UIC: 206209222, with registered office and management address: Sofia, Buxton residential area 5, entrance V, floor 8, contact phone: +359 887 300 963.

BY USING THIS INTERNET PAGE, YOU AGREE TO THE TERMS REGARDING THE COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL DATA IN ACCORDANCE WITH THIS PRIVACY POLICY.

PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING THIS WEBSITE AND IF YOU HAVE ANY QUESTIONS REGARDING THIS PRIVACY POLICY, PLEASE CONTACT US AT +359 887 300 963 OR AT [email protected]. IF YOU DO NOT AGREE WITH ANY OF THE TERMS CONTAINED IN THIS PRIVACY POLICY, YOU SHOULD NOT USE THIS WEBSITE.

 

PERSONAL DATA CONTROLLER

“PRO CARS” EOOD (hereinafter referred to for brevity as the “Controller”) is a sole-owner limited liability company, UIC: 206209222, with registered office and management address: Sofia, Buxton residential area 5, entrance V, floor 8, contact phone: +359 887 300 963 and website: https://sofia-rent-a-car.com/bg.

 

SUPERVISORY AUTHORITY

Commission for Personal Data Protection
Address: Sofia, postal code 1592, 2 Prof. Tsvetan Lazarov Blvd.
Contact details: 02/915 35 18; 02/915 35 15; 02/915 35 19; [email protected], www.cpdp.bg

 

2. Purposes and scope of the privacy policy

 

2.1 The Controller understands the concerns of visitors to this website regarding the protection of personal data and is committed to protecting their personal data by applying all personal data protection standards pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.

With this Privacy Policy, the Controller respects the privacy of natural persons and makes all necessary efforts to protect the personal data of natural persons against unlawful processing by applying technical and organizational measures for the protection of personal data, which measures are fully compliant with modern technological achievements and ensure a level of protection corresponding to the risks associated with the processing and the nature of the data to be protected.

2.2 With this Privacy Policy and in fulfillment of the requirements of Regulation (EU) 2016/679, the Controller provides information regarding:

  • • the purposes and scope of the privacy policy;
  • • the personal data collected and processed by the Controller;
  • • the purposes of processing personal data;
  • • the retention period of personal data;
  • • the mandatory and voluntary nature of providing personal data;
  • • processing of personal data;
  • • protection of personal data;
  • • the recipients or categories of recipients to whom the data may • be disclosed;
  • • rights of natural persons;
  • • procedure for exercising the rights;
  • • right to object;
  • • buttons, tools and content from other companies;
  • • changes to the privacy policy.

3. Definitions

 

3.1 Within the meaning of Regulation (EU) 2016/679 and this policy, the specified terms have the following meaning:

  1. 1. Personal data means any information relating to an identified natural person or a natural person who can be identified (“data subject”); a natural person who can be identified is a person who can be identified, directly or indirectly, in particular by an identifier such as a name, identification number, location data, online identifier or by one or more factors specific to the physical, physiological, genetic, mental, intellectual, economic, cultural or social identity of that natural person.
  2. 2. Processing of personal data means any operation or set of operations performed on personal data or on sets of personal data by automated or other means such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making the data available, alignment or combination, restriction, erasure or destruction.
  3. 3. Restriction of processing means the marking of stored personal data with the aim of restricting their processing in the future.
  4. 4. Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, and specifically to analyze or predict aspects concerning the performance of that natural person’s professional duties, economic situation, health, personal preferences, interests, reliability, behavior, location or movement.
  5. 5. Controller means a natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union law or the law of a Member State, the controller or the specific criteria for its designation may be provided for by Union law or by the law of a Member State.
  6. 6. Processor of personal data means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
  7. 7. Recipient means a natural or legal person, public authority, agency or other body to which the personal data are disclosed, whether a third party or not. At the same time, public authorities which may receive personal data in the framework of a specific investigation in accordance with Union law or the law of a Member State shall not be regarded as “recipients”; the processing of those data by the said public authorities complies with the applicable data protection rules according to the purposes of the processing.
  8. 8. Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor of personal data and the persons who, under the direct authority of the controller or the processor of personal data, are authorized to process the personal data.
  9. 9. Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes, by a statement or a clear affirmative action, which expresses his or her consent to the processing of personal data relating to him or her.
  10. 10. Personal data breach means a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.

4. Principles in the processing of personal data

 

4.1 The Controller follows the following principles when processing personal data for natural persons, namely:

  • • Personal data are processed lawfully, fairly and in a transparent manner in relation to the data subject (“lawfulness, fairness and transparency”);
  • • Personal data are collected for specified, explicit and legitimate purposes and are not further processed in a manner incompatible with those purposes;
  • • Personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimization”);
  • • Personal data are accurate and, where necessary, kept up to date (“accuracy”);
  • • Personal data are stored in a form which permits identification of data subjects for a period no longer than is necessary for the purposes for which the personal data are processed (“storage limitation”);
  • • Personal data are processed in a manner that ensures an appropriate level of security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (“integrity and confidentiality”).

5. Personal data collected and processed by the controller

 

A. Processing of special categories of personal data (“sensitive data”)

5.1.a The Controller does not collect or process special categories of personal data, such as: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic data, biometric data solely for the purpose of identifying a natural person, data concerning health or data concerning the sex life or sexual orientation of the natural person.

Natural persons should not provide such sensitive data to the Controller. In the event that the natural person intentionally provides sensitive data to the Controller, the Controller undertakes to delete them immediately.

 

B. Personal data collected directly from natural persons

Personal data collected directly from natural persons when the persons contact the Controller by telephone

5.1.b Natural persons provide personal data to the Controller when they contact the Controller by telephone. The telephone number for contacting the Controller is specified in the Controller’s identification details in this Privacy Policy and in the “Contacts” menu located in the upper right corner of the web page, where the contact details of the Controller are provided.

When the person contacts the Controller by telephone, the Controller collects and processes only the name and telephone number of the natural person, and in some cases also the e-mail address of the natural person. These data are processed for the purposes of communication with the natural person.

The processing of these personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the natural person, namely providing more information about the services offered by the Controller in connection with the possible conclusion of a contract with the natural person.

The Controller uses the services of a telephone service provider, which provider is located in the Republic of Bulgaria.

 

Personal data collected directly from natural persons when the persons contact the Controller through the contact form on the site for making contact with the Controller

5.2.b Natural persons provide personal data to the Controller when they contact the Controller by sending a message using the contact form on the Controller’s site, located in the “Contacts” menu and available at the following web address: https://sofia-rent-a-car.com/bg/kontakti/.

When the person sends a message to the Controller using the contact form for making contact, the Controller collects and processes the name of the natural person, the e-mail address, telephone number, as well as the other information that the person provides in the sent message, such as an address.

These data are processed for the purposes of communication with the natural person and record keeping. The processing of these personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the natural person, namely providing more information about the services offered by the Controller in connection with the possible conclusion of a contract with the natural person.

 

Personal data collected directly from natural persons when the persons contact the Controller by e-mail

5.3.b Natural persons provide personal data to the Controller when they contact the Controller by electronic mail. The e-mail address of the Controller is specified in the Controller’s identification details in this Privacy Policy and in the “Contacts” menu located in the upper right corner, where the contact details of the Controller are provided.

When the person sends an e-mail to the Controller, the Controller collects and processes the e-mail address, as well as the other information that the person provides in the sent e-mail, such as name, telephone number, address. These data are processed for the purposes of communication with the natural person and record keeping. The processing of these personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the natural person, namely providing more information about the services offered by the Controller in connection with the possible conclusion of a contract with the natural person.

 

Personal data collected directly from natural persons when the persons contact the Controller by sending a message through the use of the Facebook

5.4.b Natural persons provide personal data to the Controller when they contact the Controller by sending a message through the use of the Facebook platform via Facebook’s messaging service, available through the Controller’s Facebook page.

When the person sends a message to the Controller through the use of the Facebook platform via Facebook’s messaging service, the Controller collects and processes the name of the natural person as well as the other information that the person provides in the sent message.

These data are processed for the purposes of communication with the natural person and record keeping. The processing of these personal data is necessary for actions preceding the conclusion of a contract and undertaken at the request of the natural person, namely providing more information about the services offered by the Controller in connection with the possible conclusion of a contract with the natural person.

The Controller uses the services of Facebook, an independent service provider located in the USA, to receive messages through the Facebook platform. This means that the personal data provided will be stored on Facebook’s servers in the USA. Appropriate safeguards pursuant to Art. 46 of Regulation (EU) 2016/679 should be provided for the transfer of these personal data outside the European Economic Area. Facebook has its own Privacy Policy and it is recommended that natural persons familiarize themselves with it in order to obtain more information. Facebook’s Privacy Policy is published at the following address: https://www.facebook.com/policy.php

 

Personal data collected directly from natural persons when the persons reserve a car

5.5.b Natural persons provide personal data to the Controller when they reserve a car from the Controller’s website. When reserving a car from the Controller’s website, the natural person provides

the following personal data, which the Controller collects and processes, namely: first name and surname of the natural person, e-mail address, identity document number (passport or identity card), driving license number, telephone number, place of pick-up and return of the car, date and time of pick-up and return of the car, necessary additional extras, as well as the other information that the person provides in the submitted form. The collection and processing of these personal data is necessary: – with a view to concluding or performing a contract for the provision of services to which the natural person is a party; – for compliance with a legal obligation applicable to the controller for the purposes of issuing invoices.

 

C. Personal data of natural persons provided by third parties

5.1.c The Controller usually does not receive personal data about natural persons from third parties. However, in some cases, if the Controller has reasonable grounds to suspect that a given natural person infringes intellectual property rights and other similar cases, then the Controller has the right to obtain personal data of the suspected person from public registers, such as: the Commercial Register, the register of registered trademarks maintained by the European Union Intellectual Property Office and other similar ones.

These data may be collected and processed for the purpose of bringing an infringement claim against the infringer. The processing of personal data collected from a public register is necessary for the purposes of the legitimate interests of the Controller, which legitimate interests are the filing of a claim for an infringement committed against the infringer, as well as on a legal basis.

 

D. Data collected automatically

5.1.d When visiting the website, the Controller may automatically collect the following data, namely:

  • • Internet protocol (IP) address of the device from which the natural person accesses the platform (usually used to determine the country or city from which the natural person accesses the platform);
  • • Type of device from which the natural person accesses the platform (for example computer, mobile phone, tablet, etc.);
  • • Type of operating system;
  • • Type of browser;
  • • The specific actions that the natural person undertakes, including the pages visited, the frequency and duration of visits to the website;
  • • Date and time of visits.

The collection and processing of these personal data is necessary for the realization of the legitimate interests of the Controller, which legitimate interests are facilitating the use of the website and improving the functionality of the website.

6. Cookies

6.1 Natural persons can obtain more information about how the Controller uses cookies by reading the
Cookie Policy, published on the Controller’s website.

7. Purposes for which personal data are processed

7.1 The Controller collects and processes the personal data of natural persons that are provided directly by them only for the following purposes, namely:

  • • for the purpose of providing services offered by the Controller, namely providing rental cars and identifying natural persons (future and current clients);
  • • for contacting the natural person by e-mail so that the Controller can respond to the inquiry received from the natural person;
  • • for the performance of obligations under a contract to which the natural person to whom the data relate is a party, as well as for actions preceding the conclusion of a contract and undertaken at his or her request;
  • • for compliance with a statutory obligation of the Personal Data Controller, in accordance with applicable law;
  • • for providing the car selected by the natural person;
  • • acceptance and processing of complaints;
  • • accounting purposes;
  • • statistical purposes.

7.2 The Controller collects and processes the personal data of natural persons that are collected automatically for the following purposes, namely:

  • • improving the efficiency and functionality of the website;
  • • preparing anonymous statistical data on how the website has been used;
  • • for providing better service;
  • • for administering the website;
  • • adapting the website to the preferences of natural persons.

7.3 The Controller has no right to use the personal data of natural persons for purposes other than the purposes specified in this section of this Personal Data Protection Policy.

8. Retention period of personal data

8.1 Inquiries and correspondence by e-mail, Facebook: The Controller stores the personal data and messages received by e-mail and Facebook for a period necessary to respond to the message received and to satisfy the request of the natural person, as well as for a period of one year after the Controller has responded to the message received.

8.2 Personal data of persons who have reserved a car: The Controller stores the personal data of persons who have reserved a car from the Controller for as long as is necessary for the performance of the contract, as well as for a period of ten years after the performance of the contract, which period is the statutory period.

 

Criteria for determining the period for which personal data will be stored

8.3 In other cases not specified above, the Controller will store the personal data of the natural person for no longer than necessary, taking into account the following criteria, namely:

  • • whether the Controller is obliged, in order to comply with a legal obligation, to continue processing the personal data of the natural person;
  • • the purpose of storing the personal data both now and in the future;
  • • whether there is a contract concluded between the Controller and the natural person and the Controller is obliged to continue processing the personal data in order to fulfill obligations under the contract;
  • • purposes for using the personal data now and in the future;
  • • whether it is necessary to contact the natural person in the future;
  • • whether the Controller has a legal basis to continue processing the personal data of the natural person;
  • • any other valid reasons, such as the nature of the relationship with the natural person.

9. Mandatory and voluntary nature of providing personal data

9.1 The personal data that are required to be provided by natural persons are consistent with the services offered by the Controller and have a mandatory nature. The provision of personal data by natural persons is voluntary. In the event that the provision of personal data is refused:

  • • The Controller will not be able to provide the service desired by the natural person, namely: to provide the car reserved by the natural person;
  • • The Controller will not be able to receive the e-mail from the user if the latter does not fill in the necessary information in the contact form;
  • • The natural person will not submit a car reservation.

10. Processing of personal data

10.1 The Controller processes the personal data of natural persons through a set of actions that may be carried out by automated or non-automated means.

10.2 The Controller processes the personal data of natural persons independently or by assigning processing to processors of the data on behalf of the Controller, who are providers of accounting services, hosting service providers, providers of marketing services, providers of website traffic analysis services.

11. Protection of personal data

11.1 The Controller undertakes the necessary technical and organizational measures to protect personal data from accidental or unlawful destruction, or from accidental loss, from unlawful access, alteration or dissemination, as well as from other unlawful forms of processing, namely:

  • • all personal information that the natural person provides to the Controller is stored on secure and reliable servers and folders;
  • • when the natural person exercises the right of access, the Controller verifies the identity of the natural person before providing the requested information;
  • • web-based information systems have the prefix “https:” instead of “http:”. In this way your information is protected and unchanged and unread by third parties, and for this purpose the Controller uses an SSL certificate issued by one of the world’s leading companies in the field of security and encryption of data transmitted over the Internet.
  • • The Controller provides natural persons with a secure and encrypted connection when sending personal data.

11.2 In the event that you wish to receive detailed information regarding the technical and organizational measures, please do not hesitate to contact us by phone at +359 887 300 963 or by e-mail at [email protected].

12. Recipients to whom personal data may be disclosed

12.1 The Controller has the right to disclose the processed personal data to the following categories of persons, namely:

  • • to the natural persons to whom the data relate;
  • • to persons, if provided for in a statutory act, for example state authorities;
  • • to persons processing the personal data who provide services for the benefit of the business activities of the Controller, such as accounting service providers, hosting service providers, telephone service providers, providers of marketing services, providers of website traffic analysis services, where these persons are bound by an obligation to maintain confidentiality, and these persons have also provided sufficient guarantees for the implementation of appropriate technical and organizational measures in such a way that the processing proceeds in accordance with the requirements of the Regulation and ensures the protection of the rights of natural persons.
  • • to providers that provide electronic and banking payment services.

12.2 The Controller does not sell personal data provided by the natural person to third parties.

13. Rights of natural persons

Right of access

13.1 The natural person has the right to obtain from the Controller confirmation as to whether personal data relating to him or her are being processed and, where that is the case, to obtain access to the data – the relevant categories of personal data.

Right to rectification

13.2 The natural person has the right to request the Controller to rectify without undue delay inaccurate personal data relating to him or her. Taking into account the purposes of the processing, the natural person has the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to erasure (right “to be forgotten”)

13.3 The natural person has the right to request the Controller to erase personal data relating to him or her without undue delay, and the Controller has the obligation to erase personal data without undue delay where one of the grounds specified in Art. 17 of Regulation 2016/679 applies.

Right to restriction of processing

13.4 The natural person has the right to request the Controller to restrict processing where one of the conditions specified in Art. 18 of Regulation 2016/679 applies.

Where restriction of processing has been carried out, such data shall be processed, with the exception of storage, only with the consent of the natural person or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural person or for reasons of important public interest of the Union or of a Member State.

Where the natural person has requested restriction of processing, the Controller shall inform him or her before the restriction of processing is lifted.

Right to data portability

13.5 The natural person has the right to receive the personal data concerning him or her which he or she has provided to a controller, in a structured, commonly used and machine-readable format, where the processing is based on consent in accordance or on a contractual obligation and the processing is carried out by automated means.

Right to object

13.6 The natural person has the right, at any time and on grounds relating to his or her particular situation, to object to the processing of personal data concerning him or her. Pursuant to Art. 21, paragraph 4 of Regulation 2016/679, the natural person is explicitly informed of the existence of the right to object, which is presented clearly and separately from any other information. For the fulfillment of this obligation, more information regarding the right to object can be found in the section below entitled “Right to object”.

Right to withdraw consent

13.7 The natural person has the right to withdraw the consent given by him or her at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent given before its withdrawal. The natural person may withdraw his or her consent in the manner specified in section XIV of this privacy policy or by selecting the “unsubscribe” option when receiving a newsletter.

Rights in profiling

13.8 The natural person has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning the data subject or similarly significantly affects him or her.

Right to notification of a personal data breach

13.9 Where a personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the natural person must be notified without undue delay of the personal data breach.

 

Right to judicial and administrative protection

Right to lodge a complaint with a supervisory authority

13.10 The natural person has the right to lodge a complaint with a supervisory authority, in particular in the Member State of habitual residence, place of work or place of the alleged infringement, if the natural person considers that the processing of personal data relating to him or her infringes the provisions of the Regulation.

Right to an effective judicial remedy against a supervisory authority

13.11 Every natural and legal person has the right to an effective judicial remedy against a legally binding decision of a supervisory authority concerning him or her. Proceedings against a supervisory authority shall be brought before the courts of the Member State in which the supervisory authority is established.

Right to an effective judicial remedy against a controller or processor of personal data

13.12 Without prejudice to any available administrative or non-judicial remedies, including the right to lodge a complaint with a supervisory authority, the natural person has the right to an effective judicial remedy where he or she considers that his or her rights under the Regulation have been infringed as a result of the processing of his or her personal data which is not in compliance with the Regulation. Proceedings against a controller or processor of personal data shall be brought before the courts of the Member State where the Controller or the processor of personal data has an establishment.

Right to compensation for damages suffered

13.13 Any person who has suffered material or non-material damage as a result of an infringement of the Regulation has the right to receive compensation from the Controller or the processor of personal data for the damage suffered. Court proceedings in connection with exercising the right to compensation shall be brought before the courts of the Member State where the Controller or the processor of personal data has an establishment.

14. Procedure for exercising the rights

14.1 Natural persons exercise their right to withdraw consent given, right of access, right to erasure, rectification, right to restriction of processing, right to data portability, right to object and rights in profiling by submitting a written request to the Controller (either by post to the address specified in the identification of the Controller above in this privacy policy or by sending an e-mail), which should contain the following information:

  1. 1. name, address and other data for identifying the respective natural person;
  2. 2. description of the request;
  3. 3. signature, date of submission of the request and e-mail address.

14.2 The request is submitted personally by the natural person. The Controller records the requests submitted by natural persons in a separate register.

14.3 After the natural person exercises his or her right of access to personal data relating to him or her, the Controller verifies the identity of the natural person before responding to the request. This is necessary in order to minimize the risk of unlawful access to the data and identity theft. In the event that the Controller cannot identify the natural person from the personal data collected, then the Controller has the right to request a copy of documents that identify the natural person (such as an identity card, driving license, other documents containing personal data that can identify the natural person).

14.4 The Controller considers the request and provides the natural person with information on the actions taken in relation to the request within two months of receipt of the request. If necessary, this period may be extended by one more month, taking into account the complexity and number of requests.

14.5 The Controller informs the natural person of any such extension within one month of receipt of the request, also indicating the reasons for the delay. Where the natural person submits a request by electronic means, where possible the information is provided by electronic means, unless the person has requested otherwise.

14.6 If the Controller does not take action on the request of the natural person, the Controller shall notify the person without delay and at the latest within one month of receipt of the request of the reasons for not taking action and of the possibility to lodge a complaint with a supervisory authority and seek judicial protection.

14.7 The Controller undertakes to communicate any rectification, erasure or restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The Controller informs the natural person about those recipients if the person requests this.

15. Right to object

15.1 The natural person has the right, at any time and on grounds relating to his or her particular situation, to object to the processing of personal data concerning him or her. Pursuant to Art. 21, paragraph 4 of Regulation 2016/679, the natural person is explicitly informed of the existence of the right to object, which is presented clearly and separately from any other information. For the fulfillment of this obligation, more information regarding the right to object will be provided in this section of this privacy policy.

15.2 The natural person has the right, at any time and on grounds relating to his or her particular situation, to object to the processing of personal data concerning him or her in cases where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller, or the processing is necessary for the purposes of the legitimate interests of the Controller or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the natural person which require protection of personal data, in particular where the natural person is a child.

The Controller undertakes to terminate the processing of the personal data, unless it proves that there are compelling legal grounds for the processing which override the interests, rights and freedoms of the natural person, or for the establishment, exercise or defense of legal claims. Natural persons exercise their right to object by submitting a written request to the Controller by post to the address specified in the identification of the Controller above in this privacy policy or by sending an e-mail.

15.3 Where personal data are processed for the purposes of direct marketing, the natural person has the right at any time to object to the processing of personal data concerning him or her for this type of marketing, which includes profiling to the extent that it is related to direct marketing. Where the natural person objects to processing for direct marketing purposes, the processing of personal data for those purposes shall cease.

Natural persons exercise their right to object by submitting a written request to the Controller by post to the address specified in the identification of the Controller above in this privacy policy or by sending an e-mail stating that they do not wish to receive advertising messages.

16. Links, tools and content from other companies

16.1 The website contains buttons, tools or content that link to services of other companies, such as a “Facebook” button, as well as links to the developer of the Controller’s website and others. All websites of such companies that may be accessed through this website are independent and the Controller assumes no responsibility whatsoever for any damages and losses arising as a result of the use of these sites. Natural persons use these sites at their own risk and it is recommended to familiarize themselves with the relevant Privacy Policy of the respective company in order to obtain more information.

17. Changes to the privacy policy

17.1 This Privacy Policy may be updated at any time in the future. When this happens, the amended policy will be published on this website with a new “Last amended” date at the top of this Privacy Policy and will be effective from the date of publication. Therefore, it is recommended that you periodically check this Privacy Policy to ensure that you are familiar with any changes. Use of the website after the updated Privacy Policy has been published will be deemed to mean that you agree to the changes made.

18. Contacts

18.1 In the event that you have additional questions regarding this Privacy Policy, please do not hesitate to contact us by phone at +359 887 300 963 or by e-mail at [email protected]

Privacy Policy of the website sofia-rent-a-car.com and “PRO CARS” EOOD – last updated on 01.01.2022.

Prepared by attorney Krasimira Kadieva – Intellectual Property specialist

 

sofia-rent-a-car.com © 2026
All Rights Reserved - Pro Cars Ltd.