Legal

Privacy Policy

Last updated: 20 May 2026

1. Data Controller

Your personal data is processed by:

Company"BROWIE BROWS" EOOD, registered in Bulgaria
UIC / Reg. No.208559431
Registered addressul. "Makedonia" 92, 9000 Varna, Bulgaria
Emailinfo@browiebrows.bg
Websitebrowiebrows.bg

If you have any questions about how we handle your personal data, please contact us at info@browiebrows.bg.

2. Personal Data We Collect

We only collect personal data that is necessary to provide our services. When you submit a booking request through our website, we collect:

  • Full name — to identify you and address you in communications.
  • Email address — to send booking confirmations and appointment reminders.
  • Phone number — to contact you regarding your appointment if needed.
  • Appointment details (service, date, time) — to process and confirm your booking.
  • Optional notes — any additional information you choose to share about your appointment.

We do not collect sensitive personal data (e.g. health data, financial information, or identification numbers) and we do not collect data from children under 16 years of age.

3. How We Use Your Data

We use your personal data solely for the following purposes:

  • Booking confirmation — sending you an email confirming your appointment details.
  • Appointment reminders — notifying you of upcoming appointments.
  • Appointment management — contacting you to reschedule or cancel if necessary.
  • Internal records — maintaining a record of appointments for business operations.

We do not use your data for automated decision-making or profiling. We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Legal Basis for Processing

We process your personal data on the following legal bases under the General Data Protection Regulation (GDPR):

  • Contract performance (Art. 6(1)(b) GDPR) — processing is necessary to fulfil your booking request and provide the agreed service.
  • Legitimate interests (Art. 6(1)(f) GDPR) — sending appointment reminders and managing our business operations.
  • Legal obligation (Art. 6(1)(c) GDPR) — where required by applicable Bulgarian or EU law.

5. Third-Party Services

To operate our booking system and deliver confirmation emails, we use the following third-party processors. Each has appropriate data processing agreements in place:

  • Supabase (Supabase Inc.) — secure database storage for booking records. Data is stored on servers within the EU/EEA. Privacy policy: supabase.com/privacy.
  • Resend (Resend Inc.) — transactional email delivery for booking confirmations. Privacy policy: resend.com/privacy.
  • Vercel (Vercel Inc.) — website hosting and infrastructure. Privacy policy: vercel.com/legal/privacy-policy.

We do not transfer your personal data to countries outside the EU/EEA without ensuring appropriate safeguards (such as Standard Contractual Clauses).

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Booking records are retained for up to 3 years for business and accounting purposes.
  • Email correspondence is retained for up to 2 years.
  • Data is securely deleted when it is no longer required.

7. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — request correction of inaccurate or incomplete data.
  • Right to erasure — request deletion of your personal data (right to be forgotten).
  • Right to restriction — request that we limit how we use your data.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to object — object to processing based on legitimate interests.
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at info@browiebrows.bg. We will respond within 30 days.

You also have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection (CPDP) at www.cpdp.bg, or with the supervisory authority in your country of residence.

8. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. Our website uses HTTPS encryption and our booking data is stored in a secure, access-controlled database.

Despite these measures, no data transmission over the internet can be guaranteed to be 100% secure. If you believe your data has been compromised, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The date at the top of this page indicates when the policy was last revised. We encourage you to review this page periodically.

10. Contact Us

For any questions, requests, or concerns regarding your personal data or this policy, please contact us:

Company"BROWIE BROWS" EOOD
Addressul. "Makedonia" 92, 9000 Varna, Bulgaria
Emailinfo@browiebrows.bg
← Обратно към Browie Brows