Personal Data Protection Policy
ITA Engineering Ltd


Personal data protection is an important aspect and part of the policy for information security and confidentiality of ITA Engineering Ltd. In relation to the entry into force of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data (“the Regulation”), this notice gives you detailed information about the protection of your personal data by ITA Engineering Ltd. The present notice aims to inform you what personal data about you we use, the reasons we use and share such data, how long we store the data for and how you can exercise your rights.

Personal data

We collect and process your personal data to the extent necessary in the course of our activities as well as to achieve a high standard for our products and services. ITA Engineering Ltd collects and processes customer personal data on a legal basis and in performance of the regulatory obligations applied with respect to the Company, processes the data lawfully and in good faith, and does not have the right to process the data additionally in a way, which is incompatible with these purposes.

Personal data are stored in hard copy, soft and/or electronic copy only for the time necessary to perform the contracts concluded between ITA Engineering and customers/partners/suppliers.

1. Personal data are collected, processed and stored in the registers of ITA Engineering Ltd in hard copy, soft and/or electronic copy;

2. ITA Engineering Ltd. collects and processes the following personal data to identify its customers and partners:
2.1. Two names,
2.2. Contact details (telephone, email address), postal address (of the partner firm/customer).
2.3. Data from video surveillance and other security and safety systems located only and solely on the territory of the building owned by the company;

For the needs of accessing the building and registering all visitors and guests, the data we process may be provided voluntarily only by you personally so that our contractual and statutory obligations may be performed to ensure the legitimate interest of the company.

2.4. Data about job applicants and employees of ITA Engineering Ltd in relation to their (potential) role in the company, including contact details, curriculum vitae, training and development, company file, etc.

The purposes to collect personal data at the reception desk for registration and access to the building serve the legitimate interest of the building owner, to safeguard the movable and immovable property of the owner, to prevent infringement, to ensure safety and confidentiality in pursuing the business interests of the organisation itself and those of its tenants. To provide 24-hour physical security, the company has concluded a contract with Delta Guard which is licensed under the Private Security Activities Act.

ITA Engineering Ltd sets orally, electronically or in writing the identified customer purposes at or before the time of collecting personal data. Upon request, the persons collecting personal data explain these identified purposes or refer an individual to the designated person at ITA Engineering Ltd who explains the purposes. Unless required by law, ITA Engineering Lt does not use or disclose any new purpose any personal data which have been collected without identifying and documenting the new purpose and obtaining the customer’s consent before that.

Telephone calls to and from company representatives which include personal data may be monitored or recorded in order to ensure quality and/or perform a contractual or legitimate obligation.

If we perform additional processing for purposes other than the ones listed above, we will inform you of that and, when necessary, request your consent.

We never collect personal data related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, membership in professional organisations, genetic data or data related to your sex life or sexual orientation, or data about criminal records unless we have a statutory obligation to do so.

Data collection method

We process and use only data our customers have provided to us voluntarily. This means that every person is responsible not to provide data of third parties in breach of their personal data protection rights. Therefore, every person bears full personal liability if they provide us the data of a third party without their knowledge and without obtained consent in performance of the requirements of the applicable law concerning personal data protection, including with respect to the data of individuals representing legal entity customers.

Consent you have given

The collection of personal data based on consent is not necessary. The reason for this is the need to take security and safety measures, actions to guarantee the information and network security and protection of the legitimate interest of the controller, in this case, the company and the building tenants, etc.

If we perform additional processing for purposes other than the ones listed above, we will inform you of that and, when necessary, request your consent.

Transmission and transfer of personal data outside the European Economic Area (EEA)

In order to pursue the purposes listed above, we do not disclose your personal data to third parties and we do not transfer them outside the EEA.

Terms to store personal data

We process and store your personal data for a certain period of time determined by:
• Periods required for compliance with the Bulgarian and European law;
• Another period in relation to our operational requirements in view of the protection of our legitimate rights and interests.

Following the expiry of the required storage period, personal data are destroyed in accordance with the respective destruction procedure and protocol.

Your rights and how you can exercise them

Pursuant to the personal data protection legislation, you have certain rights in relation to your personal data as follows:

Access: You may receive information related to processing of your personal data and a copy of any such data.

Rectification: When you believe that your personal data are inaccurate or incomplete, you may request that any such personal data be changed accordingly.

Erasure: You may request the erasure of your personal data to the extent permitted by law unless the company proves that there are legal grounds for the processing, which prevail over the interests of the data subject or to establish, exercise and protect the legitimate rights and interests of the company.

Restriction: You may request the restriction of your personal data processing to the extent permitted by law.

Objection: You may object against the processing of your personal data on grounds related to your specific situation. You have the absolute right to object against the processing of your personal data for the purposes of direct marketing, which includes profiling related to any such direct marketing.

Consent withdrawal: When you have given your consent to the processing of your personal data, you have the right to withdraw it at any time.

Data transferability: When provided for by law, you have the right to have the personal data you have provided to us returned or, when technically possible, to have them provided to a third party.

In accordance with the applicable requirements, in addition to your rights above you may also refer to the Personal Data Protection Commission in relation to breaches concerning your rights at the following address: Sofia 1592, 2 Prof. Tsvetan Lazarov Blvd, telephone: 02/91-53-518, or to the competent court.


If you have any questions related to the use of your personal data in accordance with this notice, you may get in touch with us at telephone: +359 2 405 9800 or email:



This Policy aims to inform you how our website uses the so called “cookies”.


Cookies are small bits of information (small text files) that the browser stores on your computer or mobile device when you visit our website and that makes it possible to remember the flow of information between the website and the browser. Cookies enable the server to collect information from the browser so that you do not need to re-enter it when you return to the website or go from one page to another.

Cookies do not relate to an individual but to a combination of a device and a web browser. Cookies perform a number of functions, which impact the seamless surfing of websites. The cookie files usually contain the domain name a user comes from, the “cookie lifespan” and a value (usually in the form of a randomly generated number). Cookies do not require personal information to be able to be work and most often they do not identify the identity of internet users.


Our website uses cookies to improve the quality of the offered services. The data, provided by the user or collected automatically, are used for the following purposes:

• Cookies for functionality and website productivity – accurate website functioning, configuration, safety and reliability; ensuring normal and quality access to the website services with all of their functionalities; monitoring the session status; information about the type of devices accessing the website (e.g. smartphone, tablet, computer), operating system (e.g. Android, iOS), web browser, browser language settings etc.; eliminating problems, administration of the website, pages and our system;
• Cookies for website visitor analytics – check for availability of scripts, software applications and settings of the user’s end device necessary for the normal access and use of the website services, and informing about the lack of such; adjusting the information displayed to the user’s preferences; remembering the user’s preferences, which may be used in displaying the accurately adjusted editorial content;
• Cookies for statistical and analytical purposes – analysis, statistics, search and website audit; trend analysis, most popular website pages, number of page views, number of clicks, number of content shares, number of page and content likes.

It is not strictly necessary to activate these cookies for the main functions of the website but it will ensure better user experience in the browser and our website.


We use the Analytics service, which collects statistics about the use of the website. Cookies are used to this end. To opt-out of Google Analytics cookies, open this link:


All contemporary browsers allow you to change the cookie settings. You can usually find these settings in the Options or Preferences menu of your browser. You can control and/or delete cookies as you wish. You can delete all cookies already stored on your device and you can also set most browsers to block them. The use of our website in a Private view also blocks the storing of cookies. However, if you do this, you may need to set certain parameters manually every time you visit the website and it may also be possible for certain services and functions not to work properly or fully.

Opting out of cookies

You can easily accept or reject the use of cookies on this website by clicking on one of the following links:
• I accept cookies
• I reject cookies (except for the one remembering this choice)
• I reject cookies (*) (In this case, you will see our cookies banner every time you visit our website)


When you use our website, the following data are collected automatically: IP address, domain name, browser type, operating system type.


If you have any questions about this Cookies Policy, please get in touch with us at e-mail:
This Cookies Policy has been adopted and is effective as of 2020.

ITA Group Bulgaria reserves the right to amend this Cookies Policy by publishing a new version on the website. If you disagree with any changes made, you should stop using the website.


Signals under the Act on the Protection of Persons who Report or Publicly Disclose Violations (APPRPDV):

You can submit your signals under the APPRPDV via the following e-mail:



You can submit your signals on violations and corruption via the following е