1. Data Controller
The data controller responsible for your personal data is:
EUROPE4U BG Ltd. (Bulgarian: ЮРЪП 4Ю БГ ЕООД) Company ID (EIK): 201035643 Registered address: Sofia, Bulgaria Contact: contact@europe4u.online
2. What Data We Collect
We collect personal data only when you voluntarily provide it or when it is generated automatically through your use of this website. The categories of data we may process include:
• Contact information: name, email address, phone number (optional), company name (optional), country/location, industry sector • Diagnostic data: your answers to the business diagnostic questionnaire, your resulting route recommendation and score • Consent record: the fact and timestamp of your consent to data processing • Technical data (analytics): anonymised IP address, browser type, device type, pages visited, time on page, referral source
3. Legal Basis for Processing
We process your personal data on the following legal bases under Article 6 of the GDPR:
• Consent (Art. 6(1)(a)): When you complete the contact or diagnostic form, you explicitly consent to us processing your name, email, and other details in order to respond to your enquiry and send relevant follow-up communications. • Legitimate interest (Art. 6(1)(f)): We use essential cookies that are strictly necessary for the website to function. No consent is required for these cookies as they are covered by our legitimate interest in providing a working service.
4. How We Use Your Data
We use the data we collect for the following purposes:
• To respond to your enquiry and communicate with you about our services • To send you the automated email responses triggered by the diagnostic tool (route-specific guidance) • To record your enquiry in our internal CRM for follow-up and project planning • To understand how visitors use our website and improve the user experience (analytics, only with your consent) • To comply with our legal obligations
5. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected:
• Contact form and diagnostic submissions: retained for 1 year from the date of submission, after which records are deleted or anonymised. • Analytics data (Google Analytics 4): retained for 14 months (Google's default retention period). • Behavioural analytics (Microsoft Clarity): retained for 13 months (Microsoft's default retention period). • Cookie consent records: stored in your browser's localStorage for 1 year. • CRM records (Notion): retained for 1 year and then reviewed for deletion.
6. Third-Party Processors
We share your data only with trusted third-party processors who act on our instructions and are bound by appropriate data processing agreements. All processors listed below are located in the EU or operate under Standard Contractual Clauses (SCCs):
• Google LLC (Google Analytics 4) — analytics only; IP anonymisation is enabled; data processed under SCCs. Google Privacy Policy: policies.google.com/privacy • Microsoft Corporation (Microsoft Clarity) — session recording, heatmaps, and behavioural analytics; sensitive form fields are masked automatically; data processed under SCCs. Microsoft Privacy Statement: privacy.microsoft.com • Resend Inc. — transactional email delivery (automated route emails); data processed under SCCs. • Notion Labs Inc. — CRM and enquiry tracking; data stored on AWS servers in Frankfurt, Germany (EU). No international data transfer occurs.
We do not sell, rent, or trade your personal data to any third party for marketing purposes.
8. Your Rights
Under the GDPR, you have the following rights with respect to your personal data:
• Right of access (Art. 15): You can request a copy of the personal data we hold about you. • Right to rectification (Art. 16): You can ask us to correct inaccurate or incomplete data. • Right to erasure (Art. 17): You can ask us to delete your personal data ("right to be forgotten"), subject to certain legal exceptions. • Right to restriction of processing (Art. 18): You can ask us to limit how we use your data in certain circumstances. • Right to data portability (Art. 20): You can request your data in a structured, machine-readable format. • Right to object (Art. 21): You can object to processing based on legitimate interest. • Right to withdraw consent (Art. 7(3)): Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.
9. How to Exercise Your Rights
To exercise any of the rights listed above, please contact us at:
contact@europe4u.online
We will respond to your request within 30 days. We may ask you to verify your identity before processing your request. There is no fee for making a request.
10. Right to Lodge a Complaint
If you believe that we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the Bulgarian supervisory authority:
Commission for Personal Data Protection (CPDP) 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia, Bulgaria Website: www.cpdp.bg Email: kzld@cpdp.bg
You also have the right to lodge a complaint with the supervisory authority of your country of residence within the EU.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
Continued use of the website after changes are published constitutes your acceptance of the updated policy.
12. Contact
If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:
EUROPE4U BG Ltd. Email: contact@europe4u.online Sofia, Bulgaria