0,00  0

Cart

No products in the cart.

See more products:

Prima Sanitas Regimen
add
Antioxidants
add
Omega-3 70% DHA and EPA Algae Oil
add
Probiotics with prebiotic
add
Protein and Glutamine with Electrolytes
add

PRIVACY POLICY

Of PRIMA SANITAS OOD, Unique ID Code 207086153, regarding primasanitas.com approved on 1 June 2024

  1. INTRODUCTION

PRIMA SANITAS OOD, Unique ID Code 207086153, having its registered office and place of business at 134 Konstantin Fotinov St., Poduyane Area, Sofia, ZIP 1517, hereinafter referred to as the COMPANY, is the owner of primasanitas.com website, whereby it offers dietary supplements to adult and competent users only. The Company is, for the purposes of selling products, a personal data controller and is responsible for compliance with the provisions of the General Data Protection Regulation 2016/679 and the Personal Data Protection Act, effective since 1 Jan. 2002.

No personal data shall be collected by the Company when someone visits primasanitas.com as a guest, without placing an order or making an online inquiry. In this case, information shall be collected that does not personally relate to the website visitor such as the IP address of their computer, the name of the local network or the Company, the website they visited before the Company’s website, the information the subject searched for on primasanitas.com, as well as the date and time of the visit and the browser used. This information shall be collected and analyzed with the visitor remaining anonymous. It shall be used solely to improve the enjoyability, content and functionality of primasanitas.com. This information shall not be further used and shall not be forwarded to any third parties.

The purpose of this Privacy Policy is to inform you what personal data the Company shall process and for what purposes, to whom it shall provide them, what your rights regarding your personal data processed are and how you can exercise them.

  1. GROUNDS FOR PERSONAL DATA COLLECTION, PROCESSING AND STORAGE 

The Company shall collect, process and store your personal data in relation to the use of the e-commerce platform on the Internet at primasanitas.com, hereinafter referred to as the Platform, and the entry into agreements with the Company on the basis of Article 6, Paragraph 1 of Regulation (EU) 2016/679 (GDPR) and particularly on the basis of the following grounds:

  • Express consent obtained from you as a customer;
  • Performance of a controller’s obligations under an agreement with you;
  • Compliance with a legal obligation applicable to the controller;
  • For the purposes of the legitimate interests of the controller or a third party.

III. PERSONAL DATA PROCESSED.

PURPOSES OF PERSONAL DATA PROCESSING

The Company shall process the following categories of personal data and information for the following purposes:

  • Data to make the delivery (e-mail address, mailing address, billing address, phone number, bank account details, payment details, etc.) – to perform the Company’s obligations under an agreement of sale, purchase and delivery of the products purchased.
  • Data to issue invoices to users – individuals – First and last name and Personal Number. Personal Number is processed only after an express request by the person to have an invoice with this detail issued.
  • Direct marketing data – first and last name and e-mail;
  • Data to send an online inquiry – first and last name and e-mail.

The Company, as a personal data controller, shall perform the following operations and shall process only the required personal data for the following purposes:

  • Provide full functionality when using the Platform;
  • Individualize the user – a party to the agreement of sale and purchase of products offered through the Platform;
  • Ensure the performance of the agreement of sale and purchase of products offered through the Platform;
  • Exercise the right of withdrawal or complaint by the customer for the products in respect of which these rights may be exercised;
  • Protection of information security;
  • Accounting purposes, including issue of invoices and/or other documents related to the delivery of the products offered on the Platform.
  • Statistical purposes.
  1. PERIOD OF PERSONAL DATA STORAGE

The Company shall process your personal data for the duration of the contractual relationship, i.e. the sale and purchase agreement.

The Company shall store your personal data provided in relation to online orders placed in the accounting documents issued for a period of 10 years for the purposes of protecting the Company’s legal interests in legal or administrative disputes with users of the online store, as the accounting documents shall be stored for the respective statutory period.

The Company shall notify you in the event of a need to extend the data storage period in order to perform a regulatory obligation or in view of legitimate interests of the Company, or otherwise.

The Company shall store the personal data that it has to keep by virtue of the applicable laws for the respective stipulated period, which may exceed the duration of the contractual relationship.

  1. DATA PROTECTION

The Company has implemented reasonable technical and administrative measures to protect the personal data that are processed in order to create certainty that unauthorized persons shall not have access to them and prevent their leakage, as well as ensure their proper use in accordance with the law and for a period during which we legitimately need these data.

  1. DATA SHARING

The Company shall share users’ personal data in the following cases:

  1. Sharing with service providers

The Company shall use service providers which shall perform certain activities on behalf of the Company. These service providers may be located in countries of the European Union and the European Economic Area, as well as in the US or in other countries around the world and offer services such as credit card payment processing, customer support, content personalization, IT services, e-mail service providers, data hosting. The Company’s service providers shall by virtue of the legal relationships established and the legal regulations protect the personal data received from the Company and shall have no right to use them for purposes other than perform the services in accordance with the Company’s instructions.

  1. Sharing with providers for the purpose of delivery to an address

The Company shall use courier service providers to make deliveries of the products offered by the Company to any address on the territory of the Republic of Bulgaria in view of an order placed on the Company’s website. The Company’s courier service providers shall by virtue of the legal relationships established and the legal regulations protect the personal data received from the Company and shall have no right to use them for purposes other than make a delivery to an address in accordance with the Company’s instructions.

  1. Corporate transactions

If at any time the Company decides to reorganize its activities, it may disclose or transfer personal data to potential buyers or receive personal information from sellers and it is an obligation of the Company to ensure adequate protection of users’ personal data in this type of transactions.

  1. Legal compliance 

The Company may share users’ personal data if it is required to: (a) respond to duly authorized requests for information from law enforcement authorities, as well as comply with national security requirements and other requirements of law enforcement authorities; (b) comply with a law, regulation, subpoena or court order; (c) investigate and help prevent security threats, fraud or other criminal or malicious activity; or (d) protect the rights or personal safety of its employees and third parties in accordance with the applicable laws. 

Similar to most websites, the Platform shall collect data in log files. This information shall contain a user’s IP address, as well as which browser they use (such as Mozzilla, IE, Chrome, etc.), operating system (Linux, Windows, iOS), when they visited the Platform. The Company shall preserve the right to use users’ IP addresses to disclose their identity in cases when this is required to comply with the law.

The Company shall have the right to provide a user’s personal data to third parties in order to offer a quality, fast and comprehensive service. Personal data shall be provided after the Company makes sure that all technical and organizational measures have been taken to protect these data.

VII. RECIPIENTS AND CATEGORIES OF RECIPIENTS

In relation to the accomplishment of the purposes specified above, the Company shall provide individuals’ personal data to the following recipients:

  • National Revenue Agency – during inspections and audits;
  • Banks under a banking service agreement with the Company – in relation to payment of money when the right to withdraw from an agreement is exercised;
  • Other state and municipal authorities and/or institutions – in relation to legal obligations to them or in relation to legal requests from them for information containing personal data;
  • Subcontractors for performance of contractual obligations, including providers for the purpose of delivering products offered by the Company to an address.

VIII. COMPANY CONTACT DETAILS

If you have any questions or concerns regarding the processing of your personal data or wish to exercise any of your rights, please, use the following contact details:

  • Email: order@primasanitas.com
  • Phone: 0876 60 60 88
  • Address: 81 Chelopeshko Shosse, Sofia
  1. PRINCIPLES OF PERSONAL DATA PROCESSING
  2. Compliance with the provisions of the European and Bulgarian laws.

The Company’s policy aims to ensure compliance with the provisions of Regulation 2016/679 and the Personal Data Protection Act.

  1. Personal data shall be collected and processed lawfully and in good faith

The Company shall collect and process personal data lawfully, in good faith and in accordance with the principles and rights of individuals in relation to their personal data processing.

  1. Personal data shall be collected and processed for specific purposes only

The Company shall process individuals’ personal data in the following cases only:

  1. When an individual has given their unambiguous consent to an understandable purpose transparently defined by the Company for which processing of their personal data is required;
  2. When processing is required to comply with a legal obligation of the Company;
  3. When processing is required to perform an agreement with the Company to which an individual is a party or take steps at the request of an individual prior to entering into an agreement, when their identification is required;
  4. When processing is required to protect the vital interests of an individual, whose personal data are processed, or another individual;
  5. When processing is required for the purposes of the legitimate interests of the Company or a third party in accordance with the provisions of the Regulation;
  6. When processing is required for the purposes of analysis and business intelligence, development of new products, improvement of systems and parameters based on the legitimate interest of the Company, i.e. to continuously improve and develop its products;
  7. For other legitimate purpose or in other cases provided for in the Regulation.
  8. Personal data not required for the activity shall not be collected and processed

The Company shall not collect or process individuals’ personal data that are beyond its obligations under the law or its needs of doing business.

  1. Restriction of purposes

The Company shall use users’ personal data for the purposes specified at the time of their collection only, as well as for additional, compatible purposes in accordance with the law.

In all cases, when individuals’ personal data collected and processed are required to be used for purposes other than the initial ones, the Company shall notify the respective individuals, request their consent and proceed to processing their personal data for other purposes after their express consent only.

  1. Personal data shall be processed transparently

The Company shall ensure transparency in communication about personal data collected and processed, with the information about this being in a short, transparent, understandable and readily accessible form and the wordings used being clear and unambiguous. A user decides for themselves whether and how to use the website and its functionalities.

  1. Right to informed choice

The Company shall always provide users with accurate information and give them the right to choose the type of personal data it shall collect from them, as well as the purposes and period for which it shall collect and process them. The Company shall not use users’ personal data for purposes incompatible with these principles, the Personal Data Protection Policy or specific notices related to the services provided.

  1. Minimally required personal data shall be collected for processing

The Company shall only collect and process minimally required personal data of individuals that:

  1. Are provided for by law;
  2. Are required to perform an agreement;
  3. Are required to accomplish the purposes they are collected for.
  4. Are provided by you voluntarily and after your consent.
  5. Personal data processed shall be accurate and updated

The Company shall ensure that processing of individuals’ personal data shall take place with maximum accuracy and, if possible, always up to date.

  1. Personal data shall be processed by the minimally required number of persons

The Company shall ensure that access to and processing of individuals’ personal data shall be carried out by the minimally required number of persons (operators) who have the required competence for their processing and the required commitment to their protection.

  1. Personal data shall be stored for the minimally required time

The Company shall store personal data for the minimally required time:

  1. Required by law;
  2. Required to perform an agreement (including an order) and the responsibility thereunder;
  3. Required to accomplish the purpose data are collected and processed for;
  4. Until a request from an individual to have them erased, after which they shall be destroyed without undue delay;
  5. Until the end of the period for which the Company has the right to store the data based on a legitimate interest.

In all cases, the Company shall ensure that personal data collected and processed be reviewed at least once a year and those of them falling into any of the above hypotheses be erased without undue delay.

  1. RULES OF PERSONAL DATA PROCESSING
  2. Personal data shall be processed with the required protection levels and measures 

The Company shall ensure the required levels of physical, organizational and technological protection in view of:

  1. The nature, scope, context and purpose of personal data processed;
  2. The likelihood, levels of impact and severity of the risk to individuals’ rights and freedoms in the event of a breach of the security of personal data processed;
  3. Its financial and organizational resources.

The Company shall also ensure all required measures of timely recovery of personal data collected and processed in the event of their loss as a result of accidental, malicious or force majeure events.

  1. Personal data shall be processed with controlled and traceable access

The Company shall ensure the required and appropriate technical, organizational and technological measures of controlled and traceable access to individuals’ personal data and the option to review, rectify, supplement, transfer or erase users’ personal data shared with us.

  1. Personal data shall be processed with the required accountability to comply with the Regulation

The Company shall ensure the required accountability and records to be able to prove that the provisions of the Regulation have been complied with.

  1. Data security

In order to protect users’ personal data from misuse, the Company shall apply strict measures to protect the information it stores and shall require the same level of security from its partners it provides it to in order to perform the obligations to users as undertaken.

  1. Respect for the rights of individuals whose personal data are processed

Users shall have the right to access all personal data that they have provided or that the Company stores about them. They shall also have the right to request rectification, supplementation, restriction, transfer or erasure of their personal data, as well as request clarifications in relation to their processing. In certain cases, a user’s request may be refused on the basis of law, for example when providing information would disclose another person’s personal data or when there is a legal prohibition on disclosing such information.

The Company shall ensure respect for the rights of individuals whose personal data are collected and processed, which includes:

A user may request the Company to confirm whether it processes their personal data and, if so, request access to them. This shall be done by sending a request to the Company at the address specified below.

  • Right to rectification of inaccurate data

You may request the Company to rectify your inaccurate personal data or complete those it already has.

  • Right to erasure (right to be forgotten)

In certain circumstances you may request the Company to erase your personal data and, if permitted by law, the Company shall do so as soon as possible. In such a case, the Company shall no longer be able to provide you with its services.

  • Right to restriction of processing

You may request from the Company to restrict the processing of your personal data. In this case, the respective data shall be marked and may be processed by the Company for certain purposes only.

  1. The right to be notified of any actions resulting from a request for rectification, erasure or restriction of processing of personal data
  2. Right to data portability

Under certain circumstances you may have the right to receive your personal data, which you have provided to the Company, in a structured, commonly used and machine-readable format (e.g. in a digital format) and request transmission of these data to another person without hindrance from the Company if such transmission is technically feasible.

  1. Right to object to the processing of personal data
  2. Right to lodge a complaint with a supervisory authority.
  3. If you believe that your rights in relation to personal data have been violated, please, contact the Company to try to find a solution to the matter.
  4. You can also contact your local data protection authorities and lodge a complaint with them, particularly if you live in a country of the European Union as your permanent residence or at the place of the alleged violation.
  5. In Bulgaria this is the Commission for Personal Data Protection, information about which you will find below.
  6. You can send a request to exercise the rights described above to the following e-mail address: kzld@government.bg, kzld@cpdp.bg
  7. Contact us.

We at PRIMA SANITAS OOD value your opinion. If you have any questions or concerns about our Personal Data Protection Policy, the collection and use of your personal data or in relation to a possible violation of the Personal Data Protection Act, you can contact us at the Company’s contact details specified above.

  1. COMPETENT SUPERVISORY AUTHORITY

The Commission for Personal Data Protection (CPDP) is the independent state authority that protects individuals when processing their personal data and when accessing such data, as well as controls compliance with the Personal Data Protection Act in the territory of the Republic of Bulgaria.

In case of doubt that your rights related to the protection of your personal data have been violated you can file a report with the CPDP at:

  • Address: 2 Prof. Tsvetan Lazarov Blvd, 1592 Sofia
  • E-mail: kzld@cpdp.bg
  • Website: www.cpdp.bg
  • Phone: 02 / 91-53-518

XII. CHANGES TO THE PRIVACY POLICY

The Company shall preserve the right at any time, without notice and without your prior and express consent, to change this Privacy Policy in strict compliance with the provisions of the General Data Protection Regulation 2016/679.
+359 876 606 088 order@primasanitas.com Sofia, “Chelopeshko Shosse” 81
Healthy Lifestyle Recovery after chronic conditions therapy Ingredients For Medical Professionals Medical Oncologist Worksheet
Terms of Service Privacy Policy
Prima Sanitas © 2025. All right reserved.
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

3rd Party Cookies

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.

Additional Cookies

This website uses the following additional cookies:

(List the cookies that you are using on the website here.)

Powered by  GDPR Cookie Compliance