My cart

Your shopping cart is empty

Privacy policy

2024-12-10T01:37:55+02:00

Privacy Policy

“ND FASHION” Ltd.

(Data Processing Notification)


Data Controller:

1. Name: “ND FASHION” Ltd.

2. VAT ID: 208040397

3. Registered Address and Management Address: 3 Beyko Voyvoda Street, Pazardzhik

4. Phone: 0895780823

5. Email Address: ndfashion@abv.bg

6. Website: www.nicolidevone.com


“ND FASHION” Ltd. (“The Company” or “Data Controller”) operates in accordance with the Law on Personal Data Protection and Regulation (EU) 2016/679 of the European Parliament and Council of April 27, 2016, on the protection of natural persons regarding the processing of personal data (“General Data Protection Regulation” or “Regulation”). This Privacy Policy (“Privacy Policy” or “Policy”) aims to inform each Client (as defined below) of the Company regarding the processing of data by which the Client is identified or can be identified.


For the purposes of this Policy, “Client” refers to any natural person that is a party to a contract with the Company for the sale of goods, a natural person that has expressed intent to enter into pre-contractual relations with the Data Controller, and/or a user of the NICOLI DEVONE online store available at www.nicolidevone.com, as well as directors, managers, representatives, agents, employees, partners, shareholders, beneficial owners of a legal entity, or any other legal structure using the Online Store.


1. What personal data do we process?


The Company processes, as the data controller, the following groups of personal data of Clients:

Physical Identity: names, ID number, address, phone, email address;

Economic Identity: information about bank account numbers.


The personal data is collected by the Data Controller from the individuals to whom it pertains.


2. How do we collect personal data?


We collect personal data:

During the registration process on the Online Store’s website and when using the Online Store without registration;

During correspondence with the Client, which may include written (including electronic) and oral communication;

Through “cookies” when you use or browse our website.


In some cases, we may collect information from third parties or public sources.


Our website collects data in log files. This information includes your IP address, Internet service provider, browser, operating system, the date and time you visited our website, and the pages you accessed.


Our website uses cookies. Cookies are small files of information sent by the website to the visitor’s browser, stored on their device. They help us make our website work better for you. For more information about the use of cookies, please see our Cookie Policy, available at www.nicolidevone.com.


3. Do we process special categories of personal data?


The Company does not process special categories of personal data of Clients.


4. For what purposes do we process personal data?


The Company processes Clients’ personal data for the following purposes:

To provide the information and assistance you have requested;

For the individualization and communication with Clients and beneficial owners;

For all activities related to the establishment, modification, and termination of the relationship between the Company and the Client;

Offering and promoting additional services;

Compliance with regulatory requirements;

Protection in case of disputes and cooperation with regulatory authorities to the extent required by law.


If we do not process this personal data, we may not be able to provide you with our services or requested assistance.


5. On what legal grounds do we process personal data?


The Clients’ personal data is collected, processed, and used on the basis of the following grounds:

To fulfill a contract or pre-contractual obligations;

To comply with a legal obligation applicable to the Company;

For the legitimate interests of the Company or a third party, provided that the rights and interests of data subjects do not outweigh them – resolving disputes, preventing and investigating fraud, breaches, or other unlawful conduct, establishing or defending legal claims;

Based on voluntary consent when required under applicable law.


6. For how long do we store personal data?


The Company stores personal data during the contractual relationship and until the payment under the contract is settled, and for a transitional period (e.g., compliance with obligations related to archiving and storing accounting data). If a judicial or other action is initiated, personal data may be stored until the conclusion of such action, including all appeal periods, and will then be deleted or archived as permitted by applicable law.


Specifically, accounting and tax data containing personal data are stored for a period of 10 years, starting from January 1 of the reporting period following the reporting period to which they pertain.


If your personal data has been received and processed on the basis of your consent, we will process your personal data only to the extent that we have your consent to process them.


7. With whom do we share personal data? Do we transfer it to third countries?


The Company may, at its own discretion, transfer part or all personal data to data processors to achieve processing objectives, complying with the Regulation.


The Company shares personal data with:

Third parties – service providers engaged by us to perform functions or activities on our behalf;

Third parties: regulatory authorities, tax and financial bodies, judicial, administrative, and law enforcement agencies, all in accordance with applicable law.


This list is not exhaustive and there may be other lawful purposes for the storage, disclosure, or other processing of your personal data.


The Company will notify the data subject if it intends to transfer part or all of their personal data to third countries or international organizations.


8. Are personal data protected?


The Company implements and maintains appropriate technical and organizational measures to protect personal data against unauthorized access or unlawful use, and/or accidental loss, alteration, disclosure, access, damage, or copying. These measures aim to ensure the continued protection and confidentiality of personal data. The Company regularly reassesses these measures to ensure ongoing security.


9. Do we perform automated decision-making?


The Company does not perform automated decision-making using personal data.


10. What are the Clients’ rights regarding personal data protection?


Clients may exercise the rights listed below by sending a written request to the Company:

Withdrawal of Consent: If personal data processing is based on Client consent, the Client has the right to withdraw their consent at any time without affecting the lawfulness of processing based on prior consent.

Right of Access: Clients have the right to confirm whether their data is being processed and to access their personal data and related information free of charge.

Right to Rectification: Clients have the right to correct or request the correction of inaccurate or incomplete personal data.

Right to Erasure (Right to be Forgotten): Clients can request the deletion of their personal data under specific conditions.

Right to Restrict Processing: Clients can request the restriction of their data processing under specific circumstances.

Right to Object: Clients may object to processing for legitimate interests.

Right to Data Portability: Clients may request that their personal data be provided in a structured, commonly used, machine-readable format.

Right to File a Complaint: Clients can file a complaint about personal data processing with the Data Protection Commission.


Data Protection Commission:

Address: Prof. Tsvetan Lazarov Street No. 2, Sofia 1592, Bulgaria

Phone: (02) 91 53 519

Fax: (02) 91 53 525

Email: kzld…


We use cookies to ensure that our website works well for you, respecting all rules and good practices for the privacy of your personal data. Agreement page